Search

Find a vulnerability

Search criteria

    8 vulnerabilities found for honor_9_lite_firmware by huawei

    CVE-2019-5252 (GCVE-0-2019-5252)

    Vulnerability from nvd – Published: 2019-12-13 23:12 – Updated: 2024-08-04 19:47
    VLAI
    Summary
    There is an improper authentication vulnerability in Huawei smartphones (Y9, Honor 8X, Honor 9 Lite, Honor 9i, Y6 Pro). The applock does not perform a sufficient authentication in a rare condition. Successful exploit could allow the attacker to use the application locked by applock in an instant.
    Severity
    No CVSS data available.
    CWE
    • Improper Authentication
    Assigner
    References
    Impacted products
    Vendor Product Version
    n/a Y9, Honor 8X, Honor 9 Lite, Honor 9i, Y6 Pro Affected: Versions earlier than 9.1.0.131(C432E6R1P5T8),Versions earlier than 9.1.0.139(C636E6R1P5T8),Versions earlier than 9.1.0.217(C00E15R3P2T8),Versions earlier than 9.1.0.237(C432E1R3P2T8),Versions earlier than 9.1.0.237(C636E2R4P1T8),Versions earlier than 9.1.0.124(C00E112R2P10T8),Versions earlier than 9.1.0.136(C636E5R1P5T8),Versions earlier than 9.1.0.115(C00E113R1P6T8),Versions earlier than 9.1.0.122(C636E4R1P4T8),Versions earlier than 9.1.0.248(C636E5R3P1)
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-04T19:47:56.878Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "tags": [
                  "x_refsource_MISC",
                  "x_transferred"
                ],
                "url": "https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20191204-01-smartphone-en"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "Y9, Honor 8X, Honor 9 Lite, Honor 9i, Y6 Pro",
              "vendor": "n/a",
              "versions": [
                {
                  "status": "affected",
                  "version": "Versions earlier than 9.1.0.131(C432E6R1P5T8),Versions earlier than 9.1.0.139(C636E6R1P5T8),Versions earlier than 9.1.0.217(C00E15R3P2T8),Versions earlier than 9.1.0.237(C432E1R3P2T8),Versions earlier than 9.1.0.237(C636E2R4P1T8),Versions earlier than 9.1.0.124(C00E112R2P10T8),Versions earlier than 9.1.0.136(C636E5R1P5T8),Versions earlier than 9.1.0.115(C00E113R1P6T8),Versions earlier than 9.1.0.122(C636E4R1P4T8),Versions earlier than 9.1.0.248(C636E5R3P1)"
                }
              ]
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "value": "There is an improper authentication vulnerability in Huawei smartphones (Y9, Honor 8X, Honor 9 Lite, Honor 9i, Y6 Pro). The applock does not perform a sufficient authentication in a rare condition. Successful exploit could allow the attacker to use the application locked by applock in an instant."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "Improper Authentication",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2019-12-13T23:12:50.000Z",
            "orgId": "25ac1063-e409-4190-8079-24548c77ea2e",
            "shortName": "huawei"
          },
          "references": [
            {
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20191204-01-smartphone-en"
            }
          ],
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "psirt@huawei.com",
              "ID": "CVE-2019-5252",
              "STATE": "PUBLIC"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "Y9, Honor 8X, Honor 9 Lite, Honor 9i, Y6 Pro",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "Versions earlier than 9.1.0.131(C432E6R1P5T8),Versions earlier than 9.1.0.139(C636E6R1P5T8),Versions earlier than 9.1.0.217(C00E15R3P2T8),Versions earlier than 9.1.0.237(C432E1R3P2T8),Versions earlier than 9.1.0.237(C636E2R4P1T8),Versions earlier than 9.1.0.124(C00E112R2P10T8),Versions earlier than 9.1.0.136(C636E5R1P5T8),Versions earlier than 9.1.0.115(C00E113R1P6T8),Versions earlier than 9.1.0.122(C636E4R1P4T8),Versions earlier than 9.1.0.248(C636E5R3P1)"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "n/a"
                  }
                ]
              }
            },
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "There is an improper authentication vulnerability in Huawei smartphones (Y9, Honor 8X, Honor 9 Lite, Honor 9i, Y6 Pro). The applock does not perform a sufficient authentication in a rare condition. Successful exploit could allow the attacker to use the application locked by applock in an instant."
                }
              ]
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "Improper Authentication"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20191204-01-smartphone-en",
                  "refsource": "MISC",
                  "url": "https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20191204-01-smartphone-en"
                }
              ]
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "25ac1063-e409-4190-8079-24548c77ea2e",
        "assignerShortName": "huawei",
        "cveId": "CVE-2019-5252",
        "datePublished": "2019-12-13T23:12:50.000Z",
        "dateReserved": "2019-01-04T00:00:00.000Z",
        "dateUpdated": "2024-08-04T19:47:56.878Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2019-5264 (GCVE-0-2019-5264)

    Vulnerability from nvd – Published: 2019-12-13 23:00 – Updated: 2024-08-04 19:47
    VLAI
    Summary
    There is an information disclosure vulnerability in certain Huawei smartphones (Mate 10;Mate 10 Pro;Honor V10;Changxiang 7S;P-smart;Changxiang 8 Plus;Y9 2018;Honor 9 Lite;Honor 9i;Mate 9). The software does not properly handle certain information of applications locked by applock in a rare condition. Successful exploit could cause information disclosure.
    Severity
    No CVSS data available.
    CWE
    • Information Disclosure
    Assigner
    References
    Impacted products
    Vendor Product Version
    n/a Mate 10;Mate 10 Pro;Honor V10;Changxiang 7S;P-smart;Changxiang 8 Plus;Y9 2018;Honor 9 Lite;Honor 9i;Mate 9 Affected: Versions earlier than 9.0.0.167(C00E85R2P20T8)
    Affected: Versions earlier than 9.0.0.159(C432E4R1P9T8)
    Affected: Versions earlier than 9.0.0.177(C185E2R1P12T8)
    Affected: Versions earlier than 9.0.0.159(C636E2R1P12T8)
    Affected: Versions earlier than 9.0.0.167(C00E87R2P15T8)
    Affected: Versions earlier than 9.0.0.159(C185E2R1P13T8)
    Affected: Versions earlier than 9.0.0.161(C432E4R1P11T8)
    Affected: Versions earlier than 9.0.0.159(C636E2R1P13T8)
    Affected: Versions earlier than 9.0.0.156(C00E156R2P14T8)
    Affected: Versions earlier than 9.0.0.159(C636E3R1P12T8)
    Affected: Versions earlier than 9.1.0.107(C00E107R2P8T8)
    Affected: Versions earlier than 9.1.0.119(C636E5R1P1T8)
    Affected: Versions earlier than 9.1.0.130(C432E8R1P5T8)
    Affected: Versions earlier than 9.1.0.111(C00E111R1P6T8)
    Affected: Versions earlier than 9.1.0.115(C432E5R1P1T8)
    Affected: Versions earlier than 9.1.0.120(C636E5R1P1T8)
    Affected: Versions earlier than 9.1.0.113(C00E111R2P10T8)
    Affected: Versions earlier than 9.1.0.118(C636E4R1P1T8)
    Affected: Versions earlier than 9.1.0.118(C185E4R1P4T8)
    Affected: Versions earlier than 9.1.0.121(C432E4R1P3T8)
    Affected: Versions earlier than 9.1.0.112(C00E112R1P6T8)
    Affected: Versions earlier 9.1.0.106(SP53C636E2R1P4T8)
    Affected: Versions earlier than 9.0.1.158(C432E6R1P8T8)
    Affected: Versions earlier than 9.0.1.159(C636E6R1P8T8)
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-04T19:47:56.839Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "tags": [
                  "x_refsource_MISC",
                  "x_transferred"
                ],
                "url": "https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20191211-01-smartphone-en"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "Mate 10;Mate 10 Pro;Honor V10;Changxiang 7S;P-smart;Changxiang 8 Plus;Y9 2018;Honor 9 Lite;Honor 9i;Mate 9",
              "vendor": "n/a",
              "versions": [
                {
                  "status": "affected",
                  "version": "Versions earlier than 9.0.0.167(C00E85R2P20T8)"
                },
                {
                  "status": "affected",
                  "version": "Versions earlier than 9.0.0.159(C432E4R1P9T8)"
                },
                {
                  "status": "affected",
                  "version": "Versions earlier than 9.0.0.177(C185E2R1P12T8)"
                },
                {
                  "status": "affected",
                  "version": "Versions earlier than 9.0.0.159(C636E2R1P12T8)"
                },
                {
                  "status": "affected",
                  "version": "Versions earlier than 9.0.0.167(C00E87R2P15T8)"
                },
                {
                  "status": "affected",
                  "version": "Versions earlier than 9.0.0.159(C185E2R1P13T8)"
                },
                {
                  "status": "affected",
                  "version": "Versions earlier than 9.0.0.161(C432E4R1P11T8)"
                },
                {
                  "status": "affected",
                  "version": "Versions earlier than 9.0.0.159(C636E2R1P13T8)"
                },
                {
                  "status": "affected",
                  "version": "Versions earlier than 9.0.0.156(C00E156R2P14T8)"
                },
                {
                  "status": "affected",
                  "version": "Versions earlier than 9.0.0.159(C636E3R1P12T8)"
                },
                {
                  "status": "affected",
                  "version": "Versions earlier than 9.1.0.107(C00E107R2P8T8)"
                },
                {
                  "status": "affected",
                  "version": "Versions earlier than 9.1.0.119(C636E5R1P1T8)"
                },
                {
                  "status": "affected",
                  "version": "Versions earlier than 9.1.0.130(C432E8R1P5T8)"
                },
                {
                  "status": "affected",
                  "version": "Versions earlier than 9.1.0.111(C00E111R1P6T8)"
                },
                {
                  "status": "affected",
                  "version": "Versions earlier than 9.1.0.115(C432E5R1P1T8)"
                },
                {
                  "status": "affected",
                  "version": "Versions earlier than 9.1.0.120(C636E5R1P1T8)"
                },
                {
                  "status": "affected",
                  "version": "Versions earlier than 9.1.0.113(C00E111R2P10T8)"
                },
                {
                  "status": "affected",
                  "version": "Versions earlier than 9.1.0.118(C636E4R1P1T8)"
                },
                {
                  "status": "affected",
                  "version": "Versions earlier than 9.1.0.118(C185E4R1P4T8)"
                },
                {
                  "status": "affected",
                  "version": "Versions earlier than 9.1.0.121(C432E4R1P3T8)"
                },
                {
                  "status": "affected",
                  "version": "Versions earlier than 9.1.0.112(C00E112R1P6T8)"
                },
                {
                  "status": "affected",
                  "version": "Versions earlier 9.1.0.106(SP53C636E2R1P4T8)"
                },
                {
                  "status": "affected",
                  "version": "Versions earlier than 9.0.1.158(C432E6R1P8T8)"
                },
                {
                  "status": "affected",
                  "version": "Versions earlier than 9.0.1.159(C636E6R1P8T8)"
                }
              ]
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "value": "There is an information disclosure vulnerability in certain Huawei smartphones (Mate 10;Mate 10 Pro;Honor V10;Changxiang 7S;P-smart;Changxiang 8 Plus;Y9 2018;Honor 9 Lite;Honor 9i;Mate 9). The software does not properly handle certain information of applications locked by applock in a rare condition. Successful exploit could cause information disclosure."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "Information Disclosure",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2019-12-13T23:00:29.000Z",
            "orgId": "25ac1063-e409-4190-8079-24548c77ea2e",
            "shortName": "huawei"
          },
          "references": [
            {
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20191211-01-smartphone-en"
            }
          ],
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "psirt@huawei.com",
              "ID": "CVE-2019-5264",
              "STATE": "PUBLIC"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "Mate 10;Mate 10 Pro;Honor V10;Changxiang 7S;P-smart;Changxiang 8 Plus;Y9 2018;Honor 9 Lite;Honor 9i;Mate 9",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "Versions earlier than 9.0.0.167(C00E85R2P20T8)"
                              },
                              {
                                "version_value": "Versions earlier than 9.0.0.159(C432E4R1P9T8)"
                              },
                              {
                                "version_value": "Versions earlier than 9.0.0.177(C185E2R1P12T8)"
                              },
                              {
                                "version_value": "Versions earlier than 9.0.0.159(C636E2R1P12T8)"
                              },
                              {
                                "version_value": "Versions earlier than 9.0.0.167(C00E87R2P15T8)"
                              },
                              {
                                "version_value": "Versions earlier than 9.0.0.159(C185E2R1P13T8)"
                              },
                              {
                                "version_value": "Versions earlier than 9.0.0.161(C432E4R1P11T8)"
                              },
                              {
                                "version_value": "Versions earlier than 9.0.0.159(C636E2R1P13T8)"
                              },
                              {
                                "version_value": "Versions earlier than 9.0.0.156(C00E156R2P14T8)"
                              },
                              {
                                "version_value": "Versions earlier than 9.0.0.159(C432E4R1P9T8)"
                              },
                              {
                                "version_value": "Versions earlier than 9.0.0.159(C636E3R1P12T8)"
                              },
                              {
                                "version_value": "Versions earlier than 9.1.0.107(C00E107R2P8T8)"
                              },
                              {
                                "version_value": "Versions earlier than 9.1.0.119(C636E5R1P1T8)"
                              },
                              {
                                "version_value": "Versions earlier than 9.1.0.130(C432E8R1P5T8)"
                              },
                              {
                                "version_value": "Versions earlier than 9.1.0.111(C00E111R1P6T8)"
                              },
                              {
                                "version_value": "Versions earlier than 9.1.0.115(C432E5R1P1T8)"
                              },
                              {
                                "version_value": "Versions earlier than 9.1.0.120(C636E5R1P1T8)"
                              },
                              {
                                "version_value": "Versions earlier than 9.1.0.113(C00E111R2P10T8)"
                              },
                              {
                                "version_value": "Versions earlier than 9.1.0.118(C636E4R1P1T8)"
                              },
                              {
                                "version_value": "Versions earlier than 9.1.0.118(C185E4R1P4T8)"
                              },
                              {
                                "version_value": "Versions earlier than 9.1.0.121(C432E4R1P3T8)"
                              },
                              {
                                "version_value": "Versions earlier than 9.1.0.112(C00E112R1P6T8)"
                              },
                              {
                                "version_value": "Versions earlier 9.1.0.106(SP53C636E2R1P4T8)"
                              },
                              {
                                "version_value": "Versions earlier than 9.0.1.158(C432E6R1P8T8)"
                              },
                              {
                                "version_value": "Versions earlier than 9.0.1.159(C636E6R1P8T8)"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "n/a"
                  }
                ]
              }
            },
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "There is an information disclosure vulnerability in certain Huawei smartphones (Mate 10;Mate 10 Pro;Honor V10;Changxiang 7S;P-smart;Changxiang 8 Plus;Y9 2018;Honor 9 Lite;Honor 9i;Mate 9). The software does not properly handle certain information of applications locked by applock in a rare condition. Successful exploit could cause information disclosure."
                }
              ]
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "Information Disclosure"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20191211-01-smartphone-en",
                  "refsource": "MISC",
                  "url": "https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20191211-01-smartphone-en"
                }
              ]
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "25ac1063-e409-4190-8079-24548c77ea2e",
        "assignerShortName": "huawei",
        "cveId": "CVE-2019-5264",
        "datePublished": "2019-12-13T23:00:29.000Z",
        "dateReserved": "2019-01-04T00:00:00.000Z",
        "dateUpdated": "2024-08-04T19:47:56.839Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2019-5251 (GCVE-0-2019-5251)

    Vulnerability from nvd – Published: 2019-12-13 14:30 – Updated: 2024-08-04 19:47
    VLAI
    Summary
    There is a path traversal vulnerability in several Huawei smartphones. The system does not sufficiently validate certain pathnames from the application. An attacker could trick the user into installing, backing up and restoring a malicious application. Successful exploit could cause information disclosure.
    Severity
    No CVSS data available.
    CWE
    • Path Traversal
    Assigner
    References
    Impacted products
    Vendor Product Version
    n/a Honor V10;P30;Mate 20;Honor 9 Lite;Honor 9i;M6;P30 Pro;Honor 20s Affected: Versions earlier than 9.1.0.333(C00E333R2P1T8)
    Affected: Versions earlier than 9.1.0.226(C00E220R2P1)
    Affected: Versions earlier than 9.1.0.130(C00E115R2P8T8)
    Affected: Versions earlier than 9.1.0.139(C00E133R3P1)
    Affected: Versions earlier than 9.1.0.130(C00E112R2P10T8)
    Affected: Versions earlier than 9.1.0.143(C636E5R1P5T8)
    Affected: Versions earlier than 9.1.0.120(C00E113R1P6T8)
    Affected: Versions earlier than 9.1.1.150(C00E150R1P150)
    Affected: Versions earlier than 9.1.0.226(C00E210R2P1)
    Affected: Versions earlier than 9.1.1.132(C00E131R6P1)
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-04T19:47:56.813Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "tags": [
                  "x_refsource_MISC",
                  "x_transferred"
                ],
                "url": "https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20191204-03-smartphone-en"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "Honor V10;P30;Mate 20;Honor 9 Lite;Honor 9i;M6;P30 Pro;Honor 20s",
              "vendor": "n/a",
              "versions": [
                {
                  "status": "affected",
                  "version": "Versions earlier than 9.1.0.333(C00E333R2P1T8)"
                },
                {
                  "status": "affected",
                  "version": "Versions earlier than 9.1.0.226(C00E220R2P1)"
                },
                {
                  "status": "affected",
                  "version": "Versions earlier than 9.1.0.130(C00E115R2P8T8)"
                },
                {
                  "status": "affected",
                  "version": "Versions earlier than 9.1.0.139(C00E133R3P1)"
                },
                {
                  "status": "affected",
                  "version": "Versions earlier than 9.1.0.130(C00E112R2P10T8)"
                },
                {
                  "status": "affected",
                  "version": "Versions earlier than 9.1.0.143(C636E5R1P5T8)"
                },
                {
                  "status": "affected",
                  "version": "Versions earlier than 9.1.0.120(C00E113R1P6T8)"
                },
                {
                  "status": "affected",
                  "version": "Versions earlier than 9.1.1.150(C00E150R1P150)"
                },
                {
                  "status": "affected",
                  "version": "Versions earlier than 9.1.0.226(C00E210R2P1)"
                },
                {
                  "status": "affected",
                  "version": "Versions earlier than 9.1.1.132(C00E131R6P1)"
                }
              ]
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "value": "There is a path traversal vulnerability in several Huawei smartphones. The system does not sufficiently validate certain pathnames from the application. An attacker could trick the user into installing, backing up and restoring a malicious application. Successful exploit could cause information disclosure."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "Path Traversal",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2019-12-13T14:30:18.000Z",
            "orgId": "25ac1063-e409-4190-8079-24548c77ea2e",
            "shortName": "huawei"
          },
          "references": [
            {
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20191204-03-smartphone-en"
            }
          ],
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "psirt@huawei.com",
              "ID": "CVE-2019-5251",
              "STATE": "PUBLIC"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "Honor V10;P30;Mate 20;Honor 9 Lite;Honor 9i;M6;P30 Pro;Honor 20s",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "Versions earlier than 9.1.0.333(C00E333R2P1T8)"
                              },
                              {
                                "version_value": "Versions earlier than 9.1.0.226(C00E220R2P1)"
                              },
                              {
                                "version_value": "Versions earlier than 9.1.0.130(C00E115R2P8T8)"
                              },
                              {
                                "version_value": "Versions earlier than 9.1.0.139(C00E133R3P1)"
                              },
                              {
                                "version_value": "Versions earlier than 9.1.0.130(C00E112R2P10T8)"
                              },
                              {
                                "version_value": "Versions earlier than 9.1.0.143(C636E5R1P5T8)"
                              },
                              {
                                "version_value": "Versions earlier than 9.1.0.120(C00E113R1P6T8)"
                              },
                              {
                                "version_value": "Versions earlier than 9.1.1.150(C00E150R1P150)"
                              },
                              {
                                "version_value": "Versions earlier than 9.1.0.226(C00E210R2P1)"
                              },
                              {
                                "version_value": "Versions earlier than 9.1.1.132(C00E131R6P1)"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "n/a"
                  }
                ]
              }
            },
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "There is a path traversal vulnerability in several Huawei smartphones. The system does not sufficiently validate certain pathnames from the application. An attacker could trick the user into installing, backing up and restoring a malicious application. Successful exploit could cause information disclosure."
                }
              ]
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "Path Traversal"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20191204-03-smartphone-en",
                  "refsource": "MISC",
                  "url": "https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20191204-03-smartphone-en"
                }
              ]
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "25ac1063-e409-4190-8079-24548c77ea2e",
        "assignerShortName": "huawei",
        "cveId": "CVE-2019-5251",
        "datePublished": "2019-12-13T14:30:18.000Z",
        "dateReserved": "2019-01-04T00:00:00.000Z",
        "dateUpdated": "2024-08-04T19:47:56.813Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2018-7946 (GCVE-0-2018-7946)

    Vulnerability from nvd – Published: 2018-11-27 22:00 – Updated: 2024-08-05 06:37
    VLAI
    Summary
    There is an information leak vulnerability in some Huawei smartphones. An attacker may do some specific configuration in the smartphone and trick a user into inputting some sensitive information. Due to improper design, successful exploit may cause some information leak.
    Severity
    No CVSS data available.
    CWE
    • information leakage
    Assigner
    References
    Impacted products
    Vendor Product Version
    Huawei Technologies Co., Ltd. Huawei Honor 7A, Huawei Honor 9 Lite Affected: Huawei Honorinformation leak 7A the versions before 8.0.0.195(C00), Huawei Honor 9 Lite the versions before 8.0.0.182(C01)
    Create a notification for this product.
    Date Public
    2018-11-21 00:00
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-05T06:37:59.637Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "tags": [
                  "x_refsource_CONFIRM",
                  "x_transferred"
                ],
                "url": "http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20181121-01-phone-en"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "Huawei Honor 7A, Huawei Honor 9 Lite",
              "vendor": "Huawei Technologies Co., Ltd.",
              "versions": [
                {
                  "status": "affected",
                  "version": "Huawei Honorinformation leak 7A the versions before 8.0.0.195(C00), Huawei Honor 9 Lite the versions before 8.0.0.182(C01)"
                }
              ]
            }
          ],
          "datePublic": "2018-11-21T00:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "value": "There is an information leak vulnerability in some Huawei smartphones. An attacker may do some specific configuration in the smartphone and trick a user into inputting some sensitive information. Due to improper design, successful exploit may cause some information leak."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "information leakage",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2018-11-27T21:57:01.000Z",
            "orgId": "25ac1063-e409-4190-8079-24548c77ea2e",
            "shortName": "huawei"
          },
          "references": [
            {
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20181121-01-phone-en"
            }
          ],
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "psirt@huawei.com",
              "ID": "CVE-2018-7946",
              "STATE": "PUBLIC"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "Huawei Honor 7A, Huawei Honor 9 Lite",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "Huawei Honorinformation leak 7A the versions before 8.0.0.195(C00), Huawei Honor 9 Lite the versions before 8.0.0.182(C01)"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "Huawei Technologies Co., Ltd."
                  }
                ]
              }
            },
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "There is an information leak vulnerability in some Huawei smartphones. An attacker may do some specific configuration in the smartphone and trick a user into inputting some sensitive information. Due to improper design, successful exploit may cause some information leak."
                }
              ]
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "information leakage"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20181121-01-phone-en",
                  "refsource": "CONFIRM",
                  "url": "http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20181121-01-phone-en"
                }
              ]
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "25ac1063-e409-4190-8079-24548c77ea2e",
        "assignerShortName": "huawei",
        "cveId": "CVE-2018-7946",
        "datePublished": "2018-11-27T22:00:00.000Z",
        "dateReserved": "2018-03-09T00:00:00.000Z",
        "dateUpdated": "2024-08-05T06:37:59.637Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2019-5252 (GCVE-0-2019-5252)

    Vulnerability from cvelistv5 – Published: 2019-12-13 23:12 – Updated: 2024-08-04 19:47
    VLAI
    Summary
    There is an improper authentication vulnerability in Huawei smartphones (Y9, Honor 8X, Honor 9 Lite, Honor 9i, Y6 Pro). The applock does not perform a sufficient authentication in a rare condition. Successful exploit could allow the attacker to use the application locked by applock in an instant.
    Severity
    No CVSS data available.
    CWE
    • Improper Authentication
    Assigner
    References
    Impacted products
    Vendor Product Version
    n/a Y9, Honor 8X, Honor 9 Lite, Honor 9i, Y6 Pro Affected: Versions earlier than 9.1.0.131(C432E6R1P5T8),Versions earlier than 9.1.0.139(C636E6R1P5T8),Versions earlier than 9.1.0.217(C00E15R3P2T8),Versions earlier than 9.1.0.237(C432E1R3P2T8),Versions earlier than 9.1.0.237(C636E2R4P1T8),Versions earlier than 9.1.0.124(C00E112R2P10T8),Versions earlier than 9.1.0.136(C636E5R1P5T8),Versions earlier than 9.1.0.115(C00E113R1P6T8),Versions earlier than 9.1.0.122(C636E4R1P4T8),Versions earlier than 9.1.0.248(C636E5R3P1)
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-04T19:47:56.878Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "tags": [
                  "x_refsource_MISC",
                  "x_transferred"
                ],
                "url": "https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20191204-01-smartphone-en"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "Y9, Honor 8X, Honor 9 Lite, Honor 9i, Y6 Pro",
              "vendor": "n/a",
              "versions": [
                {
                  "status": "affected",
                  "version": "Versions earlier than 9.1.0.131(C432E6R1P5T8),Versions earlier than 9.1.0.139(C636E6R1P5T8),Versions earlier than 9.1.0.217(C00E15R3P2T8),Versions earlier than 9.1.0.237(C432E1R3P2T8),Versions earlier than 9.1.0.237(C636E2R4P1T8),Versions earlier than 9.1.0.124(C00E112R2P10T8),Versions earlier than 9.1.0.136(C636E5R1P5T8),Versions earlier than 9.1.0.115(C00E113R1P6T8),Versions earlier than 9.1.0.122(C636E4R1P4T8),Versions earlier than 9.1.0.248(C636E5R3P1)"
                }
              ]
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "value": "There is an improper authentication vulnerability in Huawei smartphones (Y9, Honor 8X, Honor 9 Lite, Honor 9i, Y6 Pro). The applock does not perform a sufficient authentication in a rare condition. Successful exploit could allow the attacker to use the application locked by applock in an instant."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "Improper Authentication",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2019-12-13T23:12:50.000Z",
            "orgId": "25ac1063-e409-4190-8079-24548c77ea2e",
            "shortName": "huawei"
          },
          "references": [
            {
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20191204-01-smartphone-en"
            }
          ],
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "psirt@huawei.com",
              "ID": "CVE-2019-5252",
              "STATE": "PUBLIC"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "Y9, Honor 8X, Honor 9 Lite, Honor 9i, Y6 Pro",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "Versions earlier than 9.1.0.131(C432E6R1P5T8),Versions earlier than 9.1.0.139(C636E6R1P5T8),Versions earlier than 9.1.0.217(C00E15R3P2T8),Versions earlier than 9.1.0.237(C432E1R3P2T8),Versions earlier than 9.1.0.237(C636E2R4P1T8),Versions earlier than 9.1.0.124(C00E112R2P10T8),Versions earlier than 9.1.0.136(C636E5R1P5T8),Versions earlier than 9.1.0.115(C00E113R1P6T8),Versions earlier than 9.1.0.122(C636E4R1P4T8),Versions earlier than 9.1.0.248(C636E5R3P1)"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "n/a"
                  }
                ]
              }
            },
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "There is an improper authentication vulnerability in Huawei smartphones (Y9, Honor 8X, Honor 9 Lite, Honor 9i, Y6 Pro). The applock does not perform a sufficient authentication in a rare condition. Successful exploit could allow the attacker to use the application locked by applock in an instant."
                }
              ]
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "Improper Authentication"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20191204-01-smartphone-en",
                  "refsource": "MISC",
                  "url": "https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20191204-01-smartphone-en"
                }
              ]
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "25ac1063-e409-4190-8079-24548c77ea2e",
        "assignerShortName": "huawei",
        "cveId": "CVE-2019-5252",
        "datePublished": "2019-12-13T23:12:50.000Z",
        "dateReserved": "2019-01-04T00:00:00.000Z",
        "dateUpdated": "2024-08-04T19:47:56.878Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2019-5264 (GCVE-0-2019-5264)

    Vulnerability from cvelistv5 – Published: 2019-12-13 23:00 – Updated: 2024-08-04 19:47
    VLAI
    Summary
    There is an information disclosure vulnerability in certain Huawei smartphones (Mate 10;Mate 10 Pro;Honor V10;Changxiang 7S;P-smart;Changxiang 8 Plus;Y9 2018;Honor 9 Lite;Honor 9i;Mate 9). The software does not properly handle certain information of applications locked by applock in a rare condition. Successful exploit could cause information disclosure.
    Severity
    No CVSS data available.
    CWE
    • Information Disclosure
    Assigner
    References
    Impacted products
    Vendor Product Version
    n/a Mate 10;Mate 10 Pro;Honor V10;Changxiang 7S;P-smart;Changxiang 8 Plus;Y9 2018;Honor 9 Lite;Honor 9i;Mate 9 Affected: Versions earlier than 9.0.0.167(C00E85R2P20T8)
    Affected: Versions earlier than 9.0.0.159(C432E4R1P9T8)
    Affected: Versions earlier than 9.0.0.177(C185E2R1P12T8)
    Affected: Versions earlier than 9.0.0.159(C636E2R1P12T8)
    Affected: Versions earlier than 9.0.0.167(C00E87R2P15T8)
    Affected: Versions earlier than 9.0.0.159(C185E2R1P13T8)
    Affected: Versions earlier than 9.0.0.161(C432E4R1P11T8)
    Affected: Versions earlier than 9.0.0.159(C636E2R1P13T8)
    Affected: Versions earlier than 9.0.0.156(C00E156R2P14T8)
    Affected: Versions earlier than 9.0.0.159(C636E3R1P12T8)
    Affected: Versions earlier than 9.1.0.107(C00E107R2P8T8)
    Affected: Versions earlier than 9.1.0.119(C636E5R1P1T8)
    Affected: Versions earlier than 9.1.0.130(C432E8R1P5T8)
    Affected: Versions earlier than 9.1.0.111(C00E111R1P6T8)
    Affected: Versions earlier than 9.1.0.115(C432E5R1P1T8)
    Affected: Versions earlier than 9.1.0.120(C636E5R1P1T8)
    Affected: Versions earlier than 9.1.0.113(C00E111R2P10T8)
    Affected: Versions earlier than 9.1.0.118(C636E4R1P1T8)
    Affected: Versions earlier than 9.1.0.118(C185E4R1P4T8)
    Affected: Versions earlier than 9.1.0.121(C432E4R1P3T8)
    Affected: Versions earlier than 9.1.0.112(C00E112R1P6T8)
    Affected: Versions earlier 9.1.0.106(SP53C636E2R1P4T8)
    Affected: Versions earlier than 9.0.1.158(C432E6R1P8T8)
    Affected: Versions earlier than 9.0.1.159(C636E6R1P8T8)
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-04T19:47:56.839Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "tags": [
                  "x_refsource_MISC",
                  "x_transferred"
                ],
                "url": "https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20191211-01-smartphone-en"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "Mate 10;Mate 10 Pro;Honor V10;Changxiang 7S;P-smart;Changxiang 8 Plus;Y9 2018;Honor 9 Lite;Honor 9i;Mate 9",
              "vendor": "n/a",
              "versions": [
                {
                  "status": "affected",
                  "version": "Versions earlier than 9.0.0.167(C00E85R2P20T8)"
                },
                {
                  "status": "affected",
                  "version": "Versions earlier than 9.0.0.159(C432E4R1P9T8)"
                },
                {
                  "status": "affected",
                  "version": "Versions earlier than 9.0.0.177(C185E2R1P12T8)"
                },
                {
                  "status": "affected",
                  "version": "Versions earlier than 9.0.0.159(C636E2R1P12T8)"
                },
                {
                  "status": "affected",
                  "version": "Versions earlier than 9.0.0.167(C00E87R2P15T8)"
                },
                {
                  "status": "affected",
                  "version": "Versions earlier than 9.0.0.159(C185E2R1P13T8)"
                },
                {
                  "status": "affected",
                  "version": "Versions earlier than 9.0.0.161(C432E4R1P11T8)"
                },
                {
                  "status": "affected",
                  "version": "Versions earlier than 9.0.0.159(C636E2R1P13T8)"
                },
                {
                  "status": "affected",
                  "version": "Versions earlier than 9.0.0.156(C00E156R2P14T8)"
                },
                {
                  "status": "affected",
                  "version": "Versions earlier than 9.0.0.159(C636E3R1P12T8)"
                },
                {
                  "status": "affected",
                  "version": "Versions earlier than 9.1.0.107(C00E107R2P8T8)"
                },
                {
                  "status": "affected",
                  "version": "Versions earlier than 9.1.0.119(C636E5R1P1T8)"
                },
                {
                  "status": "affected",
                  "version": "Versions earlier than 9.1.0.130(C432E8R1P5T8)"
                },
                {
                  "status": "affected",
                  "version": "Versions earlier than 9.1.0.111(C00E111R1P6T8)"
                },
                {
                  "status": "affected",
                  "version": "Versions earlier than 9.1.0.115(C432E5R1P1T8)"
                },
                {
                  "status": "affected",
                  "version": "Versions earlier than 9.1.0.120(C636E5R1P1T8)"
                },
                {
                  "status": "affected",
                  "version": "Versions earlier than 9.1.0.113(C00E111R2P10T8)"
                },
                {
                  "status": "affected",
                  "version": "Versions earlier than 9.1.0.118(C636E4R1P1T8)"
                },
                {
                  "status": "affected",
                  "version": "Versions earlier than 9.1.0.118(C185E4R1P4T8)"
                },
                {
                  "status": "affected",
                  "version": "Versions earlier than 9.1.0.121(C432E4R1P3T8)"
                },
                {
                  "status": "affected",
                  "version": "Versions earlier than 9.1.0.112(C00E112R1P6T8)"
                },
                {
                  "status": "affected",
                  "version": "Versions earlier 9.1.0.106(SP53C636E2R1P4T8)"
                },
                {
                  "status": "affected",
                  "version": "Versions earlier than 9.0.1.158(C432E6R1P8T8)"
                },
                {
                  "status": "affected",
                  "version": "Versions earlier than 9.0.1.159(C636E6R1P8T8)"
                }
              ]
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "value": "There is an information disclosure vulnerability in certain Huawei smartphones (Mate 10;Mate 10 Pro;Honor V10;Changxiang 7S;P-smart;Changxiang 8 Plus;Y9 2018;Honor 9 Lite;Honor 9i;Mate 9). The software does not properly handle certain information of applications locked by applock in a rare condition. Successful exploit could cause information disclosure."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "Information Disclosure",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2019-12-13T23:00:29.000Z",
            "orgId": "25ac1063-e409-4190-8079-24548c77ea2e",
            "shortName": "huawei"
          },
          "references": [
            {
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20191211-01-smartphone-en"
            }
          ],
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "psirt@huawei.com",
              "ID": "CVE-2019-5264",
              "STATE": "PUBLIC"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "Mate 10;Mate 10 Pro;Honor V10;Changxiang 7S;P-smart;Changxiang 8 Plus;Y9 2018;Honor 9 Lite;Honor 9i;Mate 9",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "Versions earlier than 9.0.0.167(C00E85R2P20T8)"
                              },
                              {
                                "version_value": "Versions earlier than 9.0.0.159(C432E4R1P9T8)"
                              },
                              {
                                "version_value": "Versions earlier than 9.0.0.177(C185E2R1P12T8)"
                              },
                              {
                                "version_value": "Versions earlier than 9.0.0.159(C636E2R1P12T8)"
                              },
                              {
                                "version_value": "Versions earlier than 9.0.0.167(C00E87R2P15T8)"
                              },
                              {
                                "version_value": "Versions earlier than 9.0.0.159(C185E2R1P13T8)"
                              },
                              {
                                "version_value": "Versions earlier than 9.0.0.161(C432E4R1P11T8)"
                              },
                              {
                                "version_value": "Versions earlier than 9.0.0.159(C636E2R1P13T8)"
                              },
                              {
                                "version_value": "Versions earlier than 9.0.0.156(C00E156R2P14T8)"
                              },
                              {
                                "version_value": "Versions earlier than 9.0.0.159(C432E4R1P9T8)"
                              },
                              {
                                "version_value": "Versions earlier than 9.0.0.159(C636E3R1P12T8)"
                              },
                              {
                                "version_value": "Versions earlier than 9.1.0.107(C00E107R2P8T8)"
                              },
                              {
                                "version_value": "Versions earlier than 9.1.0.119(C636E5R1P1T8)"
                              },
                              {
                                "version_value": "Versions earlier than 9.1.0.130(C432E8R1P5T8)"
                              },
                              {
                                "version_value": "Versions earlier than 9.1.0.111(C00E111R1P6T8)"
                              },
                              {
                                "version_value": "Versions earlier than 9.1.0.115(C432E5R1P1T8)"
                              },
                              {
                                "version_value": "Versions earlier than 9.1.0.120(C636E5R1P1T8)"
                              },
                              {
                                "version_value": "Versions earlier than 9.1.0.113(C00E111R2P10T8)"
                              },
                              {
                                "version_value": "Versions earlier than 9.1.0.118(C636E4R1P1T8)"
                              },
                              {
                                "version_value": "Versions earlier than 9.1.0.118(C185E4R1P4T8)"
                              },
                              {
                                "version_value": "Versions earlier than 9.1.0.121(C432E4R1P3T8)"
                              },
                              {
                                "version_value": "Versions earlier than 9.1.0.112(C00E112R1P6T8)"
                              },
                              {
                                "version_value": "Versions earlier 9.1.0.106(SP53C636E2R1P4T8)"
                              },
                              {
                                "version_value": "Versions earlier than 9.0.1.158(C432E6R1P8T8)"
                              },
                              {
                                "version_value": "Versions earlier than 9.0.1.159(C636E6R1P8T8)"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "n/a"
                  }
                ]
              }
            },
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "There is an information disclosure vulnerability in certain Huawei smartphones (Mate 10;Mate 10 Pro;Honor V10;Changxiang 7S;P-smart;Changxiang 8 Plus;Y9 2018;Honor 9 Lite;Honor 9i;Mate 9). The software does not properly handle certain information of applications locked by applock in a rare condition. Successful exploit could cause information disclosure."
                }
              ]
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "Information Disclosure"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20191211-01-smartphone-en",
                  "refsource": "MISC",
                  "url": "https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20191211-01-smartphone-en"
                }
              ]
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "25ac1063-e409-4190-8079-24548c77ea2e",
        "assignerShortName": "huawei",
        "cveId": "CVE-2019-5264",
        "datePublished": "2019-12-13T23:00:29.000Z",
        "dateReserved": "2019-01-04T00:00:00.000Z",
        "dateUpdated": "2024-08-04T19:47:56.839Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2019-5251 (GCVE-0-2019-5251)

    Vulnerability from cvelistv5 – Published: 2019-12-13 14:30 – Updated: 2024-08-04 19:47
    VLAI
    Summary
    There is a path traversal vulnerability in several Huawei smartphones. The system does not sufficiently validate certain pathnames from the application. An attacker could trick the user into installing, backing up and restoring a malicious application. Successful exploit could cause information disclosure.
    Severity
    No CVSS data available.
    CWE
    • Path Traversal
    Assigner
    References
    Impacted products
    Vendor Product Version
    n/a Honor V10;P30;Mate 20;Honor 9 Lite;Honor 9i;M6;P30 Pro;Honor 20s Affected: Versions earlier than 9.1.0.333(C00E333R2P1T8)
    Affected: Versions earlier than 9.1.0.226(C00E220R2P1)
    Affected: Versions earlier than 9.1.0.130(C00E115R2P8T8)
    Affected: Versions earlier than 9.1.0.139(C00E133R3P1)
    Affected: Versions earlier than 9.1.0.130(C00E112R2P10T8)
    Affected: Versions earlier than 9.1.0.143(C636E5R1P5T8)
    Affected: Versions earlier than 9.1.0.120(C00E113R1P6T8)
    Affected: Versions earlier than 9.1.1.150(C00E150R1P150)
    Affected: Versions earlier than 9.1.0.226(C00E210R2P1)
    Affected: Versions earlier than 9.1.1.132(C00E131R6P1)
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-04T19:47:56.813Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "tags": [
                  "x_refsource_MISC",
                  "x_transferred"
                ],
                "url": "https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20191204-03-smartphone-en"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "Honor V10;P30;Mate 20;Honor 9 Lite;Honor 9i;M6;P30 Pro;Honor 20s",
              "vendor": "n/a",
              "versions": [
                {
                  "status": "affected",
                  "version": "Versions earlier than 9.1.0.333(C00E333R2P1T8)"
                },
                {
                  "status": "affected",
                  "version": "Versions earlier than 9.1.0.226(C00E220R2P1)"
                },
                {
                  "status": "affected",
                  "version": "Versions earlier than 9.1.0.130(C00E115R2P8T8)"
                },
                {
                  "status": "affected",
                  "version": "Versions earlier than 9.1.0.139(C00E133R3P1)"
                },
                {
                  "status": "affected",
                  "version": "Versions earlier than 9.1.0.130(C00E112R2P10T8)"
                },
                {
                  "status": "affected",
                  "version": "Versions earlier than 9.1.0.143(C636E5R1P5T8)"
                },
                {
                  "status": "affected",
                  "version": "Versions earlier than 9.1.0.120(C00E113R1P6T8)"
                },
                {
                  "status": "affected",
                  "version": "Versions earlier than 9.1.1.150(C00E150R1P150)"
                },
                {
                  "status": "affected",
                  "version": "Versions earlier than 9.1.0.226(C00E210R2P1)"
                },
                {
                  "status": "affected",
                  "version": "Versions earlier than 9.1.1.132(C00E131R6P1)"
                }
              ]
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "value": "There is a path traversal vulnerability in several Huawei smartphones. The system does not sufficiently validate certain pathnames from the application. An attacker could trick the user into installing, backing up and restoring a malicious application. Successful exploit could cause information disclosure."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "Path Traversal",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2019-12-13T14:30:18.000Z",
            "orgId": "25ac1063-e409-4190-8079-24548c77ea2e",
            "shortName": "huawei"
          },
          "references": [
            {
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20191204-03-smartphone-en"
            }
          ],
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "psirt@huawei.com",
              "ID": "CVE-2019-5251",
              "STATE": "PUBLIC"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "Honor V10;P30;Mate 20;Honor 9 Lite;Honor 9i;M6;P30 Pro;Honor 20s",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "Versions earlier than 9.1.0.333(C00E333R2P1T8)"
                              },
                              {
                                "version_value": "Versions earlier than 9.1.0.226(C00E220R2P1)"
                              },
                              {
                                "version_value": "Versions earlier than 9.1.0.130(C00E115R2P8T8)"
                              },
                              {
                                "version_value": "Versions earlier than 9.1.0.139(C00E133R3P1)"
                              },
                              {
                                "version_value": "Versions earlier than 9.1.0.130(C00E112R2P10T8)"
                              },
                              {
                                "version_value": "Versions earlier than 9.1.0.143(C636E5R1P5T8)"
                              },
                              {
                                "version_value": "Versions earlier than 9.1.0.120(C00E113R1P6T8)"
                              },
                              {
                                "version_value": "Versions earlier than 9.1.1.150(C00E150R1P150)"
                              },
                              {
                                "version_value": "Versions earlier than 9.1.0.226(C00E210R2P1)"
                              },
                              {
                                "version_value": "Versions earlier than 9.1.1.132(C00E131R6P1)"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "n/a"
                  }
                ]
              }
            },
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "There is a path traversal vulnerability in several Huawei smartphones. The system does not sufficiently validate certain pathnames from the application. An attacker could trick the user into installing, backing up and restoring a malicious application. Successful exploit could cause information disclosure."
                }
              ]
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "Path Traversal"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20191204-03-smartphone-en",
                  "refsource": "MISC",
                  "url": "https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20191204-03-smartphone-en"
                }
              ]
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "25ac1063-e409-4190-8079-24548c77ea2e",
        "assignerShortName": "huawei",
        "cveId": "CVE-2019-5251",
        "datePublished": "2019-12-13T14:30:18.000Z",
        "dateReserved": "2019-01-04T00:00:00.000Z",
        "dateUpdated": "2024-08-04T19:47:56.813Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2018-7946 (GCVE-0-2018-7946)

    Vulnerability from cvelistv5 – Published: 2018-11-27 22:00 – Updated: 2024-08-05 06:37
    VLAI
    Summary
    There is an information leak vulnerability in some Huawei smartphones. An attacker may do some specific configuration in the smartphone and trick a user into inputting some sensitive information. Due to improper design, successful exploit may cause some information leak.
    Severity
    No CVSS data available.
    CWE
    • information leakage
    Assigner
    References
    Impacted products
    Vendor Product Version
    Huawei Technologies Co., Ltd. Huawei Honor 7A, Huawei Honor 9 Lite Affected: Huawei Honorinformation leak 7A the versions before 8.0.0.195(C00), Huawei Honor 9 Lite the versions before 8.0.0.182(C01)
    Create a notification for this product.
    Date Public
    2018-11-21 00:00
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-05T06:37:59.637Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "tags": [
                  "x_refsource_CONFIRM",
                  "x_transferred"
                ],
                "url": "http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20181121-01-phone-en"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "Huawei Honor 7A, Huawei Honor 9 Lite",
              "vendor": "Huawei Technologies Co., Ltd.",
              "versions": [
                {
                  "status": "affected",
                  "version": "Huawei Honorinformation leak 7A the versions before 8.0.0.195(C00), Huawei Honor 9 Lite the versions before 8.0.0.182(C01)"
                }
              ]
            }
          ],
          "datePublic": "2018-11-21T00:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "value": "There is an information leak vulnerability in some Huawei smartphones. An attacker may do some specific configuration in the smartphone and trick a user into inputting some sensitive information. Due to improper design, successful exploit may cause some information leak."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "information leakage",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2018-11-27T21:57:01.000Z",
            "orgId": "25ac1063-e409-4190-8079-24548c77ea2e",
            "shortName": "huawei"
          },
          "references": [
            {
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20181121-01-phone-en"
            }
          ],
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "psirt@huawei.com",
              "ID": "CVE-2018-7946",
              "STATE": "PUBLIC"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "Huawei Honor 7A, Huawei Honor 9 Lite",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "Huawei Honorinformation leak 7A the versions before 8.0.0.195(C00), Huawei Honor 9 Lite the versions before 8.0.0.182(C01)"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "Huawei Technologies Co., Ltd."
                  }
                ]
              }
            },
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "There is an information leak vulnerability in some Huawei smartphones. An attacker may do some specific configuration in the smartphone and trick a user into inputting some sensitive information. Due to improper design, successful exploit may cause some information leak."
                }
              ]
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "information leakage"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20181121-01-phone-en",
                  "refsource": "CONFIRM",
                  "url": "http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20181121-01-phone-en"
                }
              ]
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "25ac1063-e409-4190-8079-24548c77ea2e",
        "assignerShortName": "huawei",
        "cveId": "CVE-2018-7946",
        "datePublished": "2018-11-27T22:00:00.000Z",
        "dateReserved": "2018-03-09T00:00:00.000Z",
        "dateUpdated": "2024-08-05T06:37:59.637Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }