Search

Find a vulnerability

Search criteria

    4 vulnerabilities found for hima-al00b_firmware by huawei

    CVE-2019-5235 (GCVE-0-2019-5235)

    Vulnerability from nvd – Published: 2019-12-13 23:09 – Updated: 2024-08-04 19:47
    VLAI
    Summary
    Some Huawei smart phones have a null pointer dereference vulnerability. An attacker crafts specific packets and sends to the affected product to exploit this vulnerability. Successful exploitation may cause the affected phone to be abnormal.
    Severity
    No CVSS data available.
    CWE
    • null pointer dereference
    Assigner
    References
    Impacted products
    Vendor Product Version
    n/a Harry-AL00C, Harry-AL00C-PRELOAD, Harry-AL10B, Harry-LGRP1-CHN, Harry-TL00C, Jackman-AL00D, Jackman-L03, Jackman-L21, Jackman-L22, Jackman-L23, Johnson-AL00C, Johnson-AL00IC, Johnson-AL10C, Johnson-L21C, Johnson-L21D, Johnson-L22C, Johnson-L22D, Johnson-L23C, Johnson-L42IC, Johnson-L42IE, Johnson-L42IF, Johnson-TL00D, Johnson-TL00F, Potter-AL00C, Potter-AL10A, VOGUE-AL00A, VOGUE-AL00A-PRELOAD, VOGUE-AL10C, VOGUE-AL10C-PRELOAD, VOGUE-LGRP1-CHN, VOGUE-LGRP2-OVS, VOGUE-TL00B Affected: Version
    Affected: 9.1.0.206(C00E205R3P1)
    Affected: 9.0.1.5(C735R1)
    Affected: 9.1.0.1(C00R3)
    Affected: 9.1.0.206
    Affected: 9.0.1.162(C01E160R2P3)
    Affected: 8.2.0.170(C861)
    Affected: 8.2.0.188(C00R2P1)
    Affected: 8.2.0.163(C605)
    Affected: 8.2.0.160(C185)
    Affected: 8.2.0.156(C636R2P2)
    Affected: 8.2.0.152(C45CUSTC45D1)
    Affected: 8.2.0.162(C605)
    Affected: 8.2.0.175(C00R2P4)
    Affected: 8.2.0.190(C788R1P16)
    Affected: 8.2.0.161(C675CUSTC675D1)
    Affected: 8.2.0.165(C00R1P16)
    Affected: 8.2.0.130(C461R1P1)
    Affected: 8.2.0.130(C652CUSTC652D1)
    Affected: 8.2.0.131(C10R2P2)
    Affected: 8.2.0.136(C432CUSTC432D1)
    Affected: 8.2.0.101(C10CUSTC10D1)
    Affected: 8.2.0.101(C432CUSTC432D1)
    Affected: 8.2.0.131(C55CUSTC55D1)
    Affected: 8.2.0.105(C185R1P1)
    Affected: 8.2.0.107(C636R2P1)
    Affected: 8.2.0.103(C652CUSTC652D1)
    Affected: 8.2.0.105(C185R2P1)
    Affected: 8.2.0.130(C636CUSTC636D2)
    Affected: 8.2.0.133(C605CUSTC605D1)
    Affected: 8.2.0.155(C675R2P1)
    Affected: 8.2.0.110(C652CUSTC652D1)
    Affected: 8.2.0.100(C541CUSTC541D1)
    Affected: 8.2.0.165(C01R1P16)
    Affected: 9.1.0.208(C00E205R3P1)
    Affected: 9.1.0.162(C00E160R2P1)
    Affected: 9.1.0.12(C00R1)
    Affected: 9.1.0.4(C735R1)
    Affected: 9.1.0.162
    Affected: 9.1.0.161
    Affected: 9.1.0.162(C01E160R2P1)
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-04T19:47:56.874Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "tags": [
                  "x_refsource_MISC",
                  "x_transferred"
                ],
                "url": "https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20190821-01-smartphone-en"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "Harry-AL00C, Harry-AL00C-PRELOAD, Harry-AL10B, Harry-LGRP1-CHN, Harry-TL00C, Jackman-AL00D, Jackman-L03, Jackman-L21, Jackman-L22, Jackman-L23, Johnson-AL00C, Johnson-AL00IC, Johnson-AL10C, Johnson-L21C, Johnson-L21D, Johnson-L22C, Johnson-L22D, Johnson-L23C, Johnson-L42IC, Johnson-L42IE, Johnson-L42IF, Johnson-TL00D, Johnson-TL00F, Potter-AL00C, Potter-AL10A, VOGUE-AL00A, VOGUE-AL00A-PRELOAD, VOGUE-AL10C, VOGUE-AL10C-PRELOAD, VOGUE-LGRP1-CHN, VOGUE-LGRP2-OVS, VOGUE-TL00B",
              "vendor": "n/a",
              "versions": [
                {
                  "status": "affected",
                  "version": "Version"
                },
                {
                  "status": "affected",
                  "version": "9.1.0.206(C00E205R3P1)"
                },
                {
                  "status": "affected",
                  "version": "9.0.1.5(C735R1)"
                },
                {
                  "status": "affected",
                  "version": "9.1.0.1(C00R3)"
                },
                {
                  "status": "affected",
                  "version": "9.1.0.206"
                },
                {
                  "status": "affected",
                  "version": "9.0.1.162(C01E160R2P3)"
                },
                {
                  "status": "affected",
                  "version": "8.2.0.170(C861)"
                },
                {
                  "status": "affected",
                  "version": "8.2.0.188(C00R2P1)"
                },
                {
                  "status": "affected",
                  "version": "8.2.0.163(C605)"
                },
                {
                  "status": "affected",
                  "version": "8.2.0.160(C185)"
                },
                {
                  "status": "affected",
                  "version": "8.2.0.156(C636R2P2)"
                },
                {
                  "status": "affected",
                  "version": "8.2.0.152(C45CUSTC45D1)"
                },
                {
                  "status": "affected",
                  "version": "8.2.0.162(C605)"
                },
                {
                  "status": "affected",
                  "version": "8.2.0.175(C00R2P4)"
                },
                {
                  "status": "affected",
                  "version": "8.2.0.190(C788R1P16)"
                },
                {
                  "status": "affected",
                  "version": "8.2.0.161(C675CUSTC675D1)"
                },
                {
                  "status": "affected",
                  "version": "8.2.0.165(C00R1P16)"
                },
                {
                  "status": "affected",
                  "version": "8.2.0.130(C461R1P1)"
                },
                {
                  "status": "affected",
                  "version": "8.2.0.130(C652CUSTC652D1)"
                },
                {
                  "status": "affected",
                  "version": "8.2.0.131(C10R2P2)"
                },
                {
                  "status": "affected",
                  "version": "8.2.0.136(C432CUSTC432D1)"
                },
                {
                  "status": "affected",
                  "version": "8.2.0.101(C10CUSTC10D1)"
                },
                {
                  "status": "affected",
                  "version": "8.2.0.101(C432CUSTC432D1)"
                },
                {
                  "status": "affected",
                  "version": "8.2.0.131(C55CUSTC55D1)"
                },
                {
                  "status": "affected",
                  "version": "8.2.0.105(C185R1P1)"
                },
                {
                  "status": "affected",
                  "version": "8.2.0.107(C636R2P1)"
                },
                {
                  "status": "affected",
                  "version": "8.2.0.103(C652CUSTC652D1)"
                },
                {
                  "status": "affected",
                  "version": "8.2.0.105(C185R2P1)"
                },
                {
                  "status": "affected",
                  "version": "8.2.0.130(C636CUSTC636D2)"
                },
                {
                  "status": "affected",
                  "version": "8.2.0.133(C605CUSTC605D1)"
                },
                {
                  "status": "affected",
                  "version": "8.2.0.155(C675R2P1)"
                },
                {
                  "status": "affected",
                  "version": "8.2.0.110(C652CUSTC652D1)"
                },
                {
                  "status": "affected",
                  "version": "8.2.0.100(C541CUSTC541D1)"
                },
                {
                  "status": "affected",
                  "version": "8.2.0.165(C01R1P16)"
                },
                {
                  "status": "affected",
                  "version": "9.1.0.208(C00E205R3P1)"
                },
                {
                  "status": "affected",
                  "version": "9.1.0.162(C00E160R2P1)"
                },
                {
                  "status": "affected",
                  "version": "9.1.0.12(C00R1)"
                },
                {
                  "status": "affected",
                  "version": "9.1.0.4(C735R1)"
                },
                {
                  "status": "affected",
                  "version": "9.1.0.162"
                },
                {
                  "status": "affected",
                  "version": "9.1.0.161"
                },
                {
                  "status": "affected",
                  "version": "9.1.0.162(C01E160R2P1)"
                }
              ]
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "value": "Some Huawei smart phones have a null pointer dereference vulnerability. An attacker crafts specific packets and sends to the affected product to exploit this vulnerability. Successful exploitation may cause the affected phone to be abnormal."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "null pointer dereference",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2019-12-13T23:09:32.000Z",
            "orgId": "25ac1063-e409-4190-8079-24548c77ea2e",
            "shortName": "huawei"
          },
          "references": [
            {
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20190821-01-smartphone-en"
            }
          ],
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "psirt@huawei.com",
              "ID": "CVE-2019-5235",
              "STATE": "PUBLIC"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "Harry-AL00C, Harry-AL00C-PRELOAD, Harry-AL10B, Harry-LGRP1-CHN, Harry-TL00C, Jackman-AL00D, Jackman-L03, Jackman-L21, Jackman-L22, Jackman-L23, Johnson-AL00C, Johnson-AL00IC, Johnson-AL10C, Johnson-L21C, Johnson-L21D, Johnson-L22C, Johnson-L22D, Johnson-L23C, Johnson-L42IC, Johnson-L42IE, Johnson-L42IF, Johnson-TL00D, Johnson-TL00F, Potter-AL00C, Potter-AL10A, VOGUE-AL00A, VOGUE-AL00A-PRELOAD, VOGUE-AL10C, VOGUE-AL10C-PRELOAD, VOGUE-LGRP1-CHN, VOGUE-LGRP2-OVS, VOGUE-TL00B",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "Version"
                              },
                              {
                                "version_value": "9.1.0.206(C00E205R3P1)"
                              },
                              {
                                "version_value": "9.0.1.5(C735R1)"
                              },
                              {
                                "version_value": "9.1.0.1(C00R3)"
                              },
                              {
                                "version_value": "9.1.0.206(C00E205R3P1)"
                              },
                              {
                                "version_value": "9.1.0.206"
                              },
                              {
                                "version_value": "9.0.1.162(C01E160R2P3)"
                              },
                              {
                                "version_value": "8.2.0.170(C861)"
                              },
                              {
                                "version_value": "8.2.0.188(C00R2P1)"
                              },
                              {
                                "version_value": "8.2.0.163(C605)"
                              },
                              {
                                "version_value": "8.2.0.160(C185)"
                              },
                              {
                                "version_value": "8.2.0.156(C636R2P2)"
                              },
                              {
                                "version_value": "8.2.0.152(C45CUSTC45D1)"
                              },
                              {
                                "version_value": "8.2.0.162(C605)"
                              },
                              {
                                "version_value": "8.2.0.175(C00R2P4)"
                              },
                              {
                                "version_value": "8.2.0.190(C788R1P16)"
                              },
                              {
                                "version_value": "8.2.0.161(C675CUSTC675D1)"
                              },
                              {
                                "version_value": "8.2.0.165(C00R1P16)"
                              },
                              {
                                "version_value": "8.2.0.130(C461R1P1)"
                              },
                              {
                                "version_value": "8.2.0.130(C652CUSTC652D1)"
                              },
                              {
                                "version_value": "8.2.0.131(C10R2P2)"
                              },
                              {
                                "version_value": "8.2.0.136(C432CUSTC432D1)"
                              },
                              {
                                "version_value": "8.2.0.101(C10CUSTC10D1)"
                              },
                              {
                                "version_value": "8.2.0.101(C432CUSTC432D1)"
                              },
                              {
                                "version_value": "8.2.0.131(C55CUSTC55D1)"
                              },
                              {
                                "version_value": "8.2.0.105(C185R1P1)"
                              },
                              {
                                "version_value": "8.2.0.107(C636R2P1)"
                              },
                              {
                                "version_value": "8.2.0.103(C652CUSTC652D1)"
                              },
                              {
                                "version_value": "8.2.0.105(C185R2P1)"
                              },
                              {
                                "version_value": "8.2.0.107(C636R2P1)"
                              },
                              {
                                "version_value": "8.2.0.130(C636CUSTC636D2)"
                              },
                              {
                                "version_value": "8.2.0.133(C605CUSTC605D1)"
                              },
                              {
                                "version_value": "8.2.0.155(C675R2P1)"
                              },
                              {
                                "version_value": "8.2.0.155(C675R2P1)"
                              },
                              {
                                "version_value": "8.2.0.110(C652CUSTC652D1)"
                              },
                              {
                                "version_value": "8.2.0.155(C675R2P1)"
                              },
                              {
                                "version_value": "8.2.0.100(C541CUSTC541D1)"
                              },
                              {
                                "version_value": "8.2.0.165(C01R1P16)"
                              },
                              {
                                "version_value": "8.2.0.100(C541CUSTC541D1)"
                              },
                              {
                                "version_value": "9.1.0.208(C00E205R3P1)"
                              },
                              {
                                "version_value": "9.1.0.208(C00E205R3P1)"
                              },
                              {
                                "version_value": "9.1.0.162(C00E160R2P1)"
                              },
                              {
                                "version_value": "9.1.0.12(C00R1)"
                              },
                              {
                                "version_value": "9.1.0.4(C735R1)"
                              },
                              {
                                "version_value": "9.1.0.162(C00E160R2P1)"
                              },
                              {
                                "version_value": "9.1.0.12(C00R1)"
                              },
                              {
                                "version_value": "9.1.0.162"
                              },
                              {
                                "version_value": "9.1.0.161"
                              },
                              {
                                "version_value": "9.1.0.162(C01E160R2P1)"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "n/a"
                  }
                ]
              }
            },
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "Some Huawei smart phones have a null pointer dereference vulnerability. An attacker crafts specific packets and sends to the affected product to exploit this vulnerability. Successful exploitation may cause the affected phone to be abnormal."
                }
              ]
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "null pointer dereference"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20190821-01-smartphone-en",
                  "refsource": "MISC",
                  "url": "https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20190821-01-smartphone-en"
                }
              ]
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "25ac1063-e409-4190-8079-24548c77ea2e",
        "assignerShortName": "huawei",
        "cveId": "CVE-2019-5235",
        "datePublished": "2019-12-13T23:09:32.000Z",
        "dateReserved": "2019-01-04T00:00:00.000Z",
        "dateUpdated": "2024-08-04T19:47:56.874Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2019-5299 (GCVE-0-2019-5299)

    Vulnerability from nvd – Published: 2019-08-13 20:34 – Updated: 2024-08-04 19:54
    VLAI
    Summary
    Huawei mobile phones Hima-AL00Bhave with Versions earlier than HMA-AL00C00B175 have a signature verification bypass vulnerability. Attackers can induce users to install malicious applications. Due to a defect in the signature verification logic, the malicious applications can invoke specific interface to execute malicious code. A successful exploit may result in the execution of arbitrary code.
    Severity
    No CVSS data available.
    CWE
    • signature verification bypass
    Assigner
    References
    Impacted products
    Vendor Product Version
    Huawei Hima-AL00B Affected: Versions earlier than HMA-AL00C00B175
    Create a notification for this product.
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-04T19:54:53.454Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "tags": [
                  "x_refsource_CONFIRM",
                  "x_transferred"
                ],
                "url": "https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20190320-01-phone-en"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "Hima-AL00B",
              "vendor": "Huawei",
              "versions": [
                {
                  "status": "affected",
                  "version": "Versions earlier than HMA-AL00C00B175"
                }
              ]
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "value": "Huawei mobile phones Hima-AL00Bhave with Versions earlier than HMA-AL00C00B175 have a signature verification bypass vulnerability. Attackers can induce users to install malicious applications. Due to a defect in the signature verification logic, the malicious applications can invoke specific interface to execute malicious code. A successful exploit may result in the execution of arbitrary code."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "signature verification bypass",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2019-08-13T20:34:23.000Z",
            "orgId": "25ac1063-e409-4190-8079-24548c77ea2e",
            "shortName": "huawei"
          },
          "references": [
            {
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20190320-01-phone-en"
            }
          ],
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "psirt@huawei.com",
              "ID": "CVE-2019-5299",
              "STATE": "PUBLIC"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "Hima-AL00B",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "Versions earlier than HMA-AL00C00B175"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "Huawei"
                  }
                ]
              }
            },
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "Huawei mobile phones Hima-AL00Bhave with Versions earlier than HMA-AL00C00B175 have a signature verification bypass vulnerability. Attackers can induce users to install malicious applications. Due to a defect in the signature verification logic, the malicious applications can invoke specific interface to execute malicious code. A successful exploit may result in the execution of arbitrary code."
                }
              ]
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "signature verification bypass"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20190320-01-phone-en",
                  "refsource": "CONFIRM",
                  "url": "https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20190320-01-phone-en"
                }
              ]
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "25ac1063-e409-4190-8079-24548c77ea2e",
        "assignerShortName": "huawei",
        "cveId": "CVE-2019-5299",
        "datePublished": "2019-08-13T20:34:23.000Z",
        "dateReserved": "2019-01-04T00:00:00.000Z",
        "dateUpdated": "2024-08-04T19:54:53.454Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2019-5235 (GCVE-0-2019-5235)

    Vulnerability from cvelistv5 – Published: 2019-12-13 23:09 – Updated: 2024-08-04 19:47
    VLAI
    Summary
    Some Huawei smart phones have a null pointer dereference vulnerability. An attacker crafts specific packets and sends to the affected product to exploit this vulnerability. Successful exploitation may cause the affected phone to be abnormal.
    Severity
    No CVSS data available.
    CWE
    • null pointer dereference
    Assigner
    References
    Impacted products
    Vendor Product Version
    n/a Harry-AL00C, Harry-AL00C-PRELOAD, Harry-AL10B, Harry-LGRP1-CHN, Harry-TL00C, Jackman-AL00D, Jackman-L03, Jackman-L21, Jackman-L22, Jackman-L23, Johnson-AL00C, Johnson-AL00IC, Johnson-AL10C, Johnson-L21C, Johnson-L21D, Johnson-L22C, Johnson-L22D, Johnson-L23C, Johnson-L42IC, Johnson-L42IE, Johnson-L42IF, Johnson-TL00D, Johnson-TL00F, Potter-AL00C, Potter-AL10A, VOGUE-AL00A, VOGUE-AL00A-PRELOAD, VOGUE-AL10C, VOGUE-AL10C-PRELOAD, VOGUE-LGRP1-CHN, VOGUE-LGRP2-OVS, VOGUE-TL00B Affected: Version
    Affected: 9.1.0.206(C00E205R3P1)
    Affected: 9.0.1.5(C735R1)
    Affected: 9.1.0.1(C00R3)
    Affected: 9.1.0.206
    Affected: 9.0.1.162(C01E160R2P3)
    Affected: 8.2.0.170(C861)
    Affected: 8.2.0.188(C00R2P1)
    Affected: 8.2.0.163(C605)
    Affected: 8.2.0.160(C185)
    Affected: 8.2.0.156(C636R2P2)
    Affected: 8.2.0.152(C45CUSTC45D1)
    Affected: 8.2.0.162(C605)
    Affected: 8.2.0.175(C00R2P4)
    Affected: 8.2.0.190(C788R1P16)
    Affected: 8.2.0.161(C675CUSTC675D1)
    Affected: 8.2.0.165(C00R1P16)
    Affected: 8.2.0.130(C461R1P1)
    Affected: 8.2.0.130(C652CUSTC652D1)
    Affected: 8.2.0.131(C10R2P2)
    Affected: 8.2.0.136(C432CUSTC432D1)
    Affected: 8.2.0.101(C10CUSTC10D1)
    Affected: 8.2.0.101(C432CUSTC432D1)
    Affected: 8.2.0.131(C55CUSTC55D1)
    Affected: 8.2.0.105(C185R1P1)
    Affected: 8.2.0.107(C636R2P1)
    Affected: 8.2.0.103(C652CUSTC652D1)
    Affected: 8.2.0.105(C185R2P1)
    Affected: 8.2.0.130(C636CUSTC636D2)
    Affected: 8.2.0.133(C605CUSTC605D1)
    Affected: 8.2.0.155(C675R2P1)
    Affected: 8.2.0.110(C652CUSTC652D1)
    Affected: 8.2.0.100(C541CUSTC541D1)
    Affected: 8.2.0.165(C01R1P16)
    Affected: 9.1.0.208(C00E205R3P1)
    Affected: 9.1.0.162(C00E160R2P1)
    Affected: 9.1.0.12(C00R1)
    Affected: 9.1.0.4(C735R1)
    Affected: 9.1.0.162
    Affected: 9.1.0.161
    Affected: 9.1.0.162(C01E160R2P1)
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-04T19:47:56.874Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "tags": [
                  "x_refsource_MISC",
                  "x_transferred"
                ],
                "url": "https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20190821-01-smartphone-en"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "Harry-AL00C, Harry-AL00C-PRELOAD, Harry-AL10B, Harry-LGRP1-CHN, Harry-TL00C, Jackman-AL00D, Jackman-L03, Jackman-L21, Jackman-L22, Jackman-L23, Johnson-AL00C, Johnson-AL00IC, Johnson-AL10C, Johnson-L21C, Johnson-L21D, Johnson-L22C, Johnson-L22D, Johnson-L23C, Johnson-L42IC, Johnson-L42IE, Johnson-L42IF, Johnson-TL00D, Johnson-TL00F, Potter-AL00C, Potter-AL10A, VOGUE-AL00A, VOGUE-AL00A-PRELOAD, VOGUE-AL10C, VOGUE-AL10C-PRELOAD, VOGUE-LGRP1-CHN, VOGUE-LGRP2-OVS, VOGUE-TL00B",
              "vendor": "n/a",
              "versions": [
                {
                  "status": "affected",
                  "version": "Version"
                },
                {
                  "status": "affected",
                  "version": "9.1.0.206(C00E205R3P1)"
                },
                {
                  "status": "affected",
                  "version": "9.0.1.5(C735R1)"
                },
                {
                  "status": "affected",
                  "version": "9.1.0.1(C00R3)"
                },
                {
                  "status": "affected",
                  "version": "9.1.0.206"
                },
                {
                  "status": "affected",
                  "version": "9.0.1.162(C01E160R2P3)"
                },
                {
                  "status": "affected",
                  "version": "8.2.0.170(C861)"
                },
                {
                  "status": "affected",
                  "version": "8.2.0.188(C00R2P1)"
                },
                {
                  "status": "affected",
                  "version": "8.2.0.163(C605)"
                },
                {
                  "status": "affected",
                  "version": "8.2.0.160(C185)"
                },
                {
                  "status": "affected",
                  "version": "8.2.0.156(C636R2P2)"
                },
                {
                  "status": "affected",
                  "version": "8.2.0.152(C45CUSTC45D1)"
                },
                {
                  "status": "affected",
                  "version": "8.2.0.162(C605)"
                },
                {
                  "status": "affected",
                  "version": "8.2.0.175(C00R2P4)"
                },
                {
                  "status": "affected",
                  "version": "8.2.0.190(C788R1P16)"
                },
                {
                  "status": "affected",
                  "version": "8.2.0.161(C675CUSTC675D1)"
                },
                {
                  "status": "affected",
                  "version": "8.2.0.165(C00R1P16)"
                },
                {
                  "status": "affected",
                  "version": "8.2.0.130(C461R1P1)"
                },
                {
                  "status": "affected",
                  "version": "8.2.0.130(C652CUSTC652D1)"
                },
                {
                  "status": "affected",
                  "version": "8.2.0.131(C10R2P2)"
                },
                {
                  "status": "affected",
                  "version": "8.2.0.136(C432CUSTC432D1)"
                },
                {
                  "status": "affected",
                  "version": "8.2.0.101(C10CUSTC10D1)"
                },
                {
                  "status": "affected",
                  "version": "8.2.0.101(C432CUSTC432D1)"
                },
                {
                  "status": "affected",
                  "version": "8.2.0.131(C55CUSTC55D1)"
                },
                {
                  "status": "affected",
                  "version": "8.2.0.105(C185R1P1)"
                },
                {
                  "status": "affected",
                  "version": "8.2.0.107(C636R2P1)"
                },
                {
                  "status": "affected",
                  "version": "8.2.0.103(C652CUSTC652D1)"
                },
                {
                  "status": "affected",
                  "version": "8.2.0.105(C185R2P1)"
                },
                {
                  "status": "affected",
                  "version": "8.2.0.130(C636CUSTC636D2)"
                },
                {
                  "status": "affected",
                  "version": "8.2.0.133(C605CUSTC605D1)"
                },
                {
                  "status": "affected",
                  "version": "8.2.0.155(C675R2P1)"
                },
                {
                  "status": "affected",
                  "version": "8.2.0.110(C652CUSTC652D1)"
                },
                {
                  "status": "affected",
                  "version": "8.2.0.100(C541CUSTC541D1)"
                },
                {
                  "status": "affected",
                  "version": "8.2.0.165(C01R1P16)"
                },
                {
                  "status": "affected",
                  "version": "9.1.0.208(C00E205R3P1)"
                },
                {
                  "status": "affected",
                  "version": "9.1.0.162(C00E160R2P1)"
                },
                {
                  "status": "affected",
                  "version": "9.1.0.12(C00R1)"
                },
                {
                  "status": "affected",
                  "version": "9.1.0.4(C735R1)"
                },
                {
                  "status": "affected",
                  "version": "9.1.0.162"
                },
                {
                  "status": "affected",
                  "version": "9.1.0.161"
                },
                {
                  "status": "affected",
                  "version": "9.1.0.162(C01E160R2P1)"
                }
              ]
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "value": "Some Huawei smart phones have a null pointer dereference vulnerability. An attacker crafts specific packets and sends to the affected product to exploit this vulnerability. Successful exploitation may cause the affected phone to be abnormal."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "null pointer dereference",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2019-12-13T23:09:32.000Z",
            "orgId": "25ac1063-e409-4190-8079-24548c77ea2e",
            "shortName": "huawei"
          },
          "references": [
            {
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20190821-01-smartphone-en"
            }
          ],
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "psirt@huawei.com",
              "ID": "CVE-2019-5235",
              "STATE": "PUBLIC"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "Harry-AL00C, Harry-AL00C-PRELOAD, Harry-AL10B, Harry-LGRP1-CHN, Harry-TL00C, Jackman-AL00D, Jackman-L03, Jackman-L21, Jackman-L22, Jackman-L23, Johnson-AL00C, Johnson-AL00IC, Johnson-AL10C, Johnson-L21C, Johnson-L21D, Johnson-L22C, Johnson-L22D, Johnson-L23C, Johnson-L42IC, Johnson-L42IE, Johnson-L42IF, Johnson-TL00D, Johnson-TL00F, Potter-AL00C, Potter-AL10A, VOGUE-AL00A, VOGUE-AL00A-PRELOAD, VOGUE-AL10C, VOGUE-AL10C-PRELOAD, VOGUE-LGRP1-CHN, VOGUE-LGRP2-OVS, VOGUE-TL00B",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "Version"
                              },
                              {
                                "version_value": "9.1.0.206(C00E205R3P1)"
                              },
                              {
                                "version_value": "9.0.1.5(C735R1)"
                              },
                              {
                                "version_value": "9.1.0.1(C00R3)"
                              },
                              {
                                "version_value": "9.1.0.206(C00E205R3P1)"
                              },
                              {
                                "version_value": "9.1.0.206"
                              },
                              {
                                "version_value": "9.0.1.162(C01E160R2P3)"
                              },
                              {
                                "version_value": "8.2.0.170(C861)"
                              },
                              {
                                "version_value": "8.2.0.188(C00R2P1)"
                              },
                              {
                                "version_value": "8.2.0.163(C605)"
                              },
                              {
                                "version_value": "8.2.0.160(C185)"
                              },
                              {
                                "version_value": "8.2.0.156(C636R2P2)"
                              },
                              {
                                "version_value": "8.2.0.152(C45CUSTC45D1)"
                              },
                              {
                                "version_value": "8.2.0.162(C605)"
                              },
                              {
                                "version_value": "8.2.0.175(C00R2P4)"
                              },
                              {
                                "version_value": "8.2.0.190(C788R1P16)"
                              },
                              {
                                "version_value": "8.2.0.161(C675CUSTC675D1)"
                              },
                              {
                                "version_value": "8.2.0.165(C00R1P16)"
                              },
                              {
                                "version_value": "8.2.0.130(C461R1P1)"
                              },
                              {
                                "version_value": "8.2.0.130(C652CUSTC652D1)"
                              },
                              {
                                "version_value": "8.2.0.131(C10R2P2)"
                              },
                              {
                                "version_value": "8.2.0.136(C432CUSTC432D1)"
                              },
                              {
                                "version_value": "8.2.0.101(C10CUSTC10D1)"
                              },
                              {
                                "version_value": "8.2.0.101(C432CUSTC432D1)"
                              },
                              {
                                "version_value": "8.2.0.131(C55CUSTC55D1)"
                              },
                              {
                                "version_value": "8.2.0.105(C185R1P1)"
                              },
                              {
                                "version_value": "8.2.0.107(C636R2P1)"
                              },
                              {
                                "version_value": "8.2.0.103(C652CUSTC652D1)"
                              },
                              {
                                "version_value": "8.2.0.105(C185R2P1)"
                              },
                              {
                                "version_value": "8.2.0.107(C636R2P1)"
                              },
                              {
                                "version_value": "8.2.0.130(C636CUSTC636D2)"
                              },
                              {
                                "version_value": "8.2.0.133(C605CUSTC605D1)"
                              },
                              {
                                "version_value": "8.2.0.155(C675R2P1)"
                              },
                              {
                                "version_value": "8.2.0.155(C675R2P1)"
                              },
                              {
                                "version_value": "8.2.0.110(C652CUSTC652D1)"
                              },
                              {
                                "version_value": "8.2.0.155(C675R2P1)"
                              },
                              {
                                "version_value": "8.2.0.100(C541CUSTC541D1)"
                              },
                              {
                                "version_value": "8.2.0.165(C01R1P16)"
                              },
                              {
                                "version_value": "8.2.0.100(C541CUSTC541D1)"
                              },
                              {
                                "version_value": "9.1.0.208(C00E205R3P1)"
                              },
                              {
                                "version_value": "9.1.0.208(C00E205R3P1)"
                              },
                              {
                                "version_value": "9.1.0.162(C00E160R2P1)"
                              },
                              {
                                "version_value": "9.1.0.12(C00R1)"
                              },
                              {
                                "version_value": "9.1.0.4(C735R1)"
                              },
                              {
                                "version_value": "9.1.0.162(C00E160R2P1)"
                              },
                              {
                                "version_value": "9.1.0.12(C00R1)"
                              },
                              {
                                "version_value": "9.1.0.162"
                              },
                              {
                                "version_value": "9.1.0.161"
                              },
                              {
                                "version_value": "9.1.0.162(C01E160R2P1)"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "n/a"
                  }
                ]
              }
            },
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "Some Huawei smart phones have a null pointer dereference vulnerability. An attacker crafts specific packets and sends to the affected product to exploit this vulnerability. Successful exploitation may cause the affected phone to be abnormal."
                }
              ]
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "null pointer dereference"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20190821-01-smartphone-en",
                  "refsource": "MISC",
                  "url": "https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20190821-01-smartphone-en"
                }
              ]
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "25ac1063-e409-4190-8079-24548c77ea2e",
        "assignerShortName": "huawei",
        "cveId": "CVE-2019-5235",
        "datePublished": "2019-12-13T23:09:32.000Z",
        "dateReserved": "2019-01-04T00:00:00.000Z",
        "dateUpdated": "2024-08-04T19:47:56.874Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2019-5299 (GCVE-0-2019-5299)

    Vulnerability from cvelistv5 – Published: 2019-08-13 20:34 – Updated: 2024-08-04 19:54
    VLAI
    Summary
    Huawei mobile phones Hima-AL00Bhave with Versions earlier than HMA-AL00C00B175 have a signature verification bypass vulnerability. Attackers can induce users to install malicious applications. Due to a defect in the signature verification logic, the malicious applications can invoke specific interface to execute malicious code. A successful exploit may result in the execution of arbitrary code.
    Severity
    No CVSS data available.
    CWE
    • signature verification bypass
    Assigner
    References
    Impacted products
    Vendor Product Version
    Huawei Hima-AL00B Affected: Versions earlier than HMA-AL00C00B175
    Create a notification for this product.
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-04T19:54:53.454Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "tags": [
                  "x_refsource_CONFIRM",
                  "x_transferred"
                ],
                "url": "https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20190320-01-phone-en"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "Hima-AL00B",
              "vendor": "Huawei",
              "versions": [
                {
                  "status": "affected",
                  "version": "Versions earlier than HMA-AL00C00B175"
                }
              ]
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "value": "Huawei mobile phones Hima-AL00Bhave with Versions earlier than HMA-AL00C00B175 have a signature verification bypass vulnerability. Attackers can induce users to install malicious applications. Due to a defect in the signature verification logic, the malicious applications can invoke specific interface to execute malicious code. A successful exploit may result in the execution of arbitrary code."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "signature verification bypass",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2019-08-13T20:34:23.000Z",
            "orgId": "25ac1063-e409-4190-8079-24548c77ea2e",
            "shortName": "huawei"
          },
          "references": [
            {
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20190320-01-phone-en"
            }
          ],
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "psirt@huawei.com",
              "ID": "CVE-2019-5299",
              "STATE": "PUBLIC"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "Hima-AL00B",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "Versions earlier than HMA-AL00C00B175"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "Huawei"
                  }
                ]
              }
            },
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "Huawei mobile phones Hima-AL00Bhave with Versions earlier than HMA-AL00C00B175 have a signature verification bypass vulnerability. Attackers can induce users to install malicious applications. Due to a defect in the signature verification logic, the malicious applications can invoke specific interface to execute malicious code. A successful exploit may result in the execution of arbitrary code."
                }
              ]
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "signature verification bypass"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20190320-01-phone-en",
                  "refsource": "CONFIRM",
                  "url": "https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20190320-01-phone-en"
                }
              ]
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "25ac1063-e409-4190-8079-24548c77ea2e",
        "assignerShortName": "huawei",
        "cveId": "CVE-2019-5299",
        "datePublished": "2019-08-13T20:34:23.000Z",
        "dateReserved": "2019-01-04T00:00:00.000Z",
        "dateUpdated": "2024-08-04T19:54:53.454Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }