Search

Find a vulnerability

Search criteria

    45 vulnerabilities found for p30 by huawei

    VAR-201908-1958

    Vulnerability from variot - Updated: 2026-04-10 23:16

    The Bluetooth BR/EDR specification up to and including version 5.1 permits sufficiently low encryption key length and does not prevent an attacker from influencing the key length negotiation. This allows practical brute-force attacks (aka "KNOB") that can decrypt traffic and inject arbitrary ciphertext without the victim noticing. Once the entropy is reduced, the attacker can brute-force the encryption key and use it to decrypt communications. Bluetooth BR/EDR is a Bluetooth BR/EDR (Basic Rate/Enhanced Data Rate) standard. An encryption issue vulnerability exists in Bluetooth BR/EDR 5.1 and earlier versions. The vulnerability stems from incorrect use of relevant cryptographic algorithms by network systems or products, resulting in improperly encrypted content, weak encryption, and storing sensitive information in plain text. A weakness in the Bluetooth Basic Rate/Enhanced Data Rate (BR/EDR) protocol core specification exposes a vulnerability that could allow for an unauthenticated, adjacent malicious user to perform a man-in-the-middle attack on an encrypted Bluetooth connection. The attack must be performed during negotiation or renegotiation of a paired device connection; existing sessions cannot be attacked. The issue could allow the malicious user to reduce the entropy of the negotiated session key that is used to secure a Bluetooth connection between a paired device and a host device. An attacker who can successfully inject a malicious message into a Bluetooth connection during session negotiation or renegotiation could cause the strength of the session key to be susceptible to brute force attack. This advisory will be updated as additional information becomes available. There are no workarounds that address this vulnerability.

    This advisory is available at the following link: tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190813-bluetooth. 8.0) - aarch64, noarch, ppc64le, s390x, x86_64

    Bug Fix(es):

    • Backport TCP follow-up for small buffers (BZ#1739184)

    • TCP performance regression after CVE-2019-11478 bug fix (BZ#1743170)

    • RHEL8.0 - bnx2x link down, caused by transmit timeouts during load test (Marvell/Cavium/QLogic) (L3:) (BZ#1743548)

    • block: blk-mq improvement (BZ#1780567)

    • RHEL8.0 - Regression to RHEL7.6 by changing force_latency found during RHEL8.0 validation for SAP HANA on POWER (BZ#1781111)

    • blk-mq: overwirte performance drops on real MQ device (BZ#1782183)

    • RHEL8: creating vport takes lot of memory i.e 2GB per vport which leads to drain out system memory quickly. (BZ#1782705)

    • 7) - aarch64, noarch, ppc64le

    Bug Fix(es):

    • kernel modules pkey and paes_s390 are not available (BZ#1719192)

    • pkey: Indicate old mkvp only if old and curr. mkvp are different (BZ#1720621)

    • System dropped into Mon running softboots Exception: 501 (Hardware Interrupt) at c00000000000a814 replay_interrupt_return+0x0/0x4 (ipmi) (BZ#1737563)

    • kernel: jump label transformation performance (BZ#1739143)

    • Backport i40e MDD detection removal for PFs (BZ#1747618)

    • 7.5) - ppc64, ppc64le, x86_64

    Bug Fix(es):

    • TCP packets are segmented when sent to the VLAN device when coming from VXLAN dev. 7.6) - ppc64le, x86_64

    • Description:

    This is a kernel live patch module which is automatically loaded by the RPM post-install script to modify the code of a running kernel. Solution:

    Before applying this update, make sure all previously released errata relevant to your system have been applied.

    Bug Fix(es):

    • kernel build: parallelize redhat/mod-sign.sh (BZ#1755326)

    Bug Fix(es):

    • update the MRG 2.5.z 3.10 realtime-kernel sources (BZ#1751263)

    • ========================================================================== Ubuntu Security Notice USN-4147-1 October 04, 2019

    linux, linux-aws, linux-azure, linux-gcp, linux-gke-5.0, linux-hwe, linux-kvm, linux-raspi2, linux-snapdragon vulnerabilities ==========================================================================

    A security issue affects these releases of Ubuntu and its derivatives:

    • Ubuntu 19.04
    • Ubuntu 18.04 LTS

    Summary:

    Several security issues were fixed in the Linux kernel.

    Software Description: - linux: Linux kernel - linux-aws: Linux kernel for Amazon Web Services (AWS) systems - linux-azure: Linux kernel for Microsoft Azure Cloud systems - linux-gcp: Linux kernel for Google Cloud Platform (GCP) systems - linux-kvm: Linux kernel for cloud environments - linux-raspi2: Linux kernel for Raspberry Pi 2 - linux-snapdragon: Linux kernel for Snapdragon processors - linux-gke-5.0: Linux kernel for Google Container Engine (GKE) systems - linux-hwe: Linux hardware enablement (HWE) kernel

    Details:

    It was discovered that the Intel Wi-Fi device driver in the Linux kernel did not properly validate certain Tunneled Direct Link Setup (TDLS). A physically proximate attacker could use this to cause a denial of service (Wi-Fi disconnect). (CVE-2019-0136)

    It was discovered that the Bluetooth UART implementation in the Linux kernel did not properly check for missing tty operations. A local attacker could use this to cause a denial of service. (CVE-2019-10207)

    It was discovered that the GTCO tablet input driver in the Linux kernel did not properly bounds check the initial HID report sent by the device. A physically proximate attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2019-13631)

    It was discovered that an out-of-bounds read existed in the QLogic QEDI iSCSI Initiator Driver in the Linux kernel. A local attacker could possibly use this to expose sensitive information (kernel memory). (CVE-2019-15090)

    Hui Peng and Mathias Payer discovered that the USB audio driver for the Linux kernel did not properly validate device meta data. A physically proximate attacker could use this to cause a denial of service (system crash). (CVE-2019-15117)

    Hui Peng and Mathias Payer discovered that the USB audio driver for the Linux kernel improperly performed recursion while handling device meta data. A physically proximate attacker could use this to cause a denial of service (system crash). (CVE-2019-15118)

    It was discovered that the Raremono AM/FM/SW radio device driver in the Linux kernel did not properly allocate memory, leading to a use-after-free. A physically proximate attacker could use this to cause a denial of service or possibly execute arbitrary code. (CVE-2019-15211)

    It was discovered at a double-free error existed in the USB Rio 500 device driver for the Linux kernel. A physically proximate attacker could use this to cause a denial of service. (CVE-2019-15212)

    It was discovered that a race condition existed in the CPiA2 video4linux device driver for the Linux kernel, leading to a use-after-free. A physically proximate attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2019-15215)

    It was discovered that a race condition existed in the Softmac USB Prism54 device driver in the Linux kernel. A physically proximate attacker could use this to cause a denial of service (system crash). (CVE-2019-15220)

    Benjamin Moody discovered that the XFS file system in the Linux kernel did not properly handle an error condition when out of disk quota. A local attacker could possibly use this to cause a denial of service. (CVE-2019-15538)

    It was discovered that the Hisilicon HNS3 ethernet device driver in the Linux kernel contained an out of bounds access vulnerability. A local attacker could use this to possibly cause a denial of service (system crash). (CVE-2019-15925)

    It was discovered that the Atheros mobile chipset driver in the Linux kernel did not properly validate data in some situations. An attacker could use this to cause a denial of service (system crash). (CVE-2019-15926)

    Daniele Antonioli, Nils Ole Tippenhauer, and Kasper B. A physically proximate attacker could use this to expose sensitive information. (CVE-2019-9506)

    It was discovered that ZR364XX Camera USB device driver for the Linux kernel did not properly initialize memory. A physically proximate attacker could use this to cause a denial of service (system crash). (CVE-2019-15217)

    It was discovered that the Siano USB MDTV receiver device driver in the Linux kernel made improper assumptions about the device characteristics. A physically proximate attacker could use this cause a denial of service (system crash). (CVE-2019-15218)

    It was discovered that the Line 6 POD USB device driver in the Linux kernel did not properly validate data size information from the device. A physically proximate attacker could use this to cause a denial of service (system crash). (CVE-2019-15221)

    It was discovered that the Line 6 USB driver for the Linux kernel contained a race condition when the device was disconnected. A physically proximate attacker could use this to cause a denial of service (system crash). (CVE-2019-15223)

    Update instructions:

    The problem can be corrected by updating your system to the following package versions:

    Ubuntu 19.04: linux-image-5.0.0-1018-aws 5.0.0-1018.20 linux-image-5.0.0-1019-kvm 5.0.0-1019.20 linux-image-5.0.0-1019-raspi2 5.0.0-1019.19 linux-image-5.0.0-1020-gcp 5.0.0-1020.20 linux-image-5.0.0-1022-azure 5.0.0-1022.23 linux-image-5.0.0-1023-snapdragon 5.0.0-1023.24 linux-image-5.0.0-31-generic 5.0.0-31.33 linux-image-5.0.0-31-generic-lpae 5.0.0-31.33 linux-image-5.0.0-31-lowlatency 5.0.0-31.33 linux-image-aws 5.0.0.1018.19 linux-image-azure 5.0.0.1022.21 linux-image-gcp 5.0.0.1020.46 linux-image-generic 5.0.0.31.32 linux-image-generic-lpae 5.0.0.31.32 linux-image-gke 5.0.0.1020.46 linux-image-kvm 5.0.0.1019.19 linux-image-lowlatency 5.0.0.31.32 linux-image-raspi2 5.0.0.1019.16 linux-image-snapdragon 5.0.0.1023.16 linux-image-virtual 5.0.0.31.32

    Ubuntu 18.04 LTS: linux-image-5.0.0-1020-gke 5.0.0-1020.20~18.04.1 linux-image-5.0.0-31-generic 5.0.0-31.33~18.04.1 linux-image-5.0.0-31-generic-lpae 5.0.0-31.33~18.04.1 linux-image-5.0.0-31-lowlatency 5.0.0-31.33~18.04.1 linux-image-generic-hwe-18.04 5.0.0.31.88 linux-image-generic-lpae-hwe-18.04 5.0.0.31.88 linux-image-gke-5.0 5.0.0.1020.9 linux-image-lowlatency-hwe-18.04 5.0.0.31.88 linux-image-snapdragon-hwe-18.04 5.0.0.31.88 linux-image-virtual-hwe-18.04 5.0.0.31.88

    After a standard system update you need to reboot your computer to make all the necessary changes.

    ATTENTION: Due to an unavoidable ABI change the kernel updates have been given a new version number, which requires you to recompile and reinstall all third party kernel modules you might have installed. Unless you manually uninstalled the standard kernel metapackages (e.g. linux-generic, linux-generic-lts-RELEASE, linux-virtual, linux-powerpc), a standard system upgrade will automatically perform this as well.

    References: https://usn.ubuntu.com/4147-1 CVE-2019-0136, CVE-2019-10207, CVE-2019-13631, CVE-2019-15090, CVE-2019-15117, CVE-2019-15118, CVE-2019-15211, CVE-2019-15212, CVE-2019-15215, CVE-2019-15217, CVE-2019-15218, CVE-2019-15220, CVE-2019-15221, CVE-2019-15223, CVE-2019-15538, CVE-2019-15925, CVE-2019-15926, CVE-2019-9506

    Package Information: https://launchpad.net/ubuntu/+source/linux/5.0.0-31.33 https://launchpad.net/ubuntu/+source/linux-aws/5.0.0-1018.20 https://launchpad.net/ubuntu/+source/linux-azure/5.0.0-1022.23 https://launchpad.net/ubuntu/+source/linux-gcp/5.0.0-1020.20 https://launchpad.net/ubuntu/+source/linux-kvm/5.0.0-1019.20 https://launchpad.net/ubuntu/+source/linux-raspi2/5.0.0-1019.19 https://launchpad.net/ubuntu/+source/linux-snapdragon/5.0.0-1023.24 https://launchpad.net/ubuntu/+source/linux-gke-5.0/5.0.0-1020.20~18.04.1 https://launchpad.net/ubuntu/+source/linux-hwe/5.0.0-31.33~18.04.1

    . -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256

    APPLE-SA-2019-8-13-3 Additional information for APPLE-SA-2019-7-22-4 watchOS 5.3

    watchOS 5.3 addresses the following:

    Bluetooth Available for: Apple Watch Series 1 and later Impact: An attacker in a privileged network position may be able to intercept Bluetooth traffic (Key Negotiation of Bluetooth - KNOB) Description: An input validation issue existed in Bluetooth. This issue was addressed with improved input validation. CVE-2019-9506: Daniele Antonioli of SUTD, Singapore, Dr. Kasper Rasmussen of University of Oxford, England Entry added August 13, 2019

    Core Data Available for: Apple Watch Series 1 and later Impact: A remote attacker may be able to leak memory Description: An out-of-bounds read was addressed with improved input validation. CVE-2019-8646: Natalie Silvanovich of Google Project Zero

    Core Data Available for: Apple Watch Series 1 and later Impact: A remote attacker may be able to cause arbitrary code execution Description: A use after free issue was addressed with improved memory management. CVE-2019-8647: Samuel Groß and Natalie Silvanovich of Google Project Zero

    Core Data Available for: Apple Watch Series 1 and later Impact: A remote attacker may be able to cause unexpected application termination or arbitrary code execution Description: A memory corruption issue was addressed with improved input validation. CVE-2019-8660: Samuel Groß and Natalie Silvanovich of Google Project Zero

    Digital Touch Available for: Apple Watch Series 1 and later Impact: A remote attacker may be able to leak memory Description: An out-of-bounds read was addressed with improved input validation. CVE-2019-8624: Natalie Silvanovich of Google Project Zero

    FaceTime Available for: Apple Watch Series 1 and later Impact: A remote attacker may be able to cause arbitrary code execution Description: A memory corruption issue was addressed with improved input validation. CVE-2019-8648: Tao Huang and Tielei Wang of Team Pangu

    Foundation Available for: Apple Watch Series 1 and later Impact: A remote attacker may be able to cause unexpected application termination or arbitrary code execution Description: An out-of-bounds read was addressed with improved input validation. CVE-2019-8641: Samuel Groß and Natalie Silvanovich of Google Project Zero

    Heimdal Available for: Apple Watch Series 1 and later Impact: An issue existed in Samba that may allow attackers to perform unauthorized actions by intercepting communications between services Description: This issue was addressed with improved checks to prevent unauthorized actions. CVE-2018-16860: Isaac Boukris and Andrew Bartlett of the Samba Team and Catalyst

    libxslt Available for: Apple Watch Series 1 and later Impact: A remote attacker may be able to view sensitive information Description: A stack overflow was addressed with improved input validation. CVE-2019-13118: found by OSS-Fuzz

    Messages Available for: Apple Watch Series 1 and later Impact: Users removed from an iMessage conversation may still be able to alter state Description: This issue was addressed with improved checks. CVE-2019-8659: Ryan Kontos (@ryanjkontos), Will Christensen of University of Oregon

    Messages Available for: Apple Watch Series 1 and later Impact: A remote attacker may cause an unexpected application termination Description: A denial of service issue was addressed with improved validation. CVE-2019-8665: Michael Hernandez of XYZ Marketing

    Quick Look Available for: Apple Watch Series 1 and later Impact: An attacker may be able to trigger a use-after-free in an application deserializing an untrusted NSDictionary Description: This issue was addressed with improved checks. CVE-2019-8662: Natalie Silvanovich and Samuel Groß of Google Project Zero

    Siri Available for: Apple Watch Series 1 and later Impact: A remote attacker may be able to leak memory Description: An out-of-bounds read was addressed with improved input validation. CVE-2019-8646: Natalie Silvanovich of Google Project Zero

    UIFoundation Available for: Apple Watch Series 1 and later Impact: Parsing a maliciously crafted office document may lead to an unexpected application termination or arbitrary code execution Description: An out-of-bounds read was addressed with improved input validation. CVE-2019-8657: riusksk of VulWar Corp working with Trend Micro's Zero Day Initiative

    Wallet Available for: Apple Watch Series 1 and later Impact: A user may inadvertently complete an in-app purchase while on the lock screen Description: The issue was addressed with improved UI handling. CVE-2019-8682: Jeff Braswell (JeffBraswell.com)

    WebKit Available for: Apple Watch Series 1 and later Impact: Processing maliciously crafted web content may lead to universal cross site scripting Description: A logic issue was addressed with improved state management. CVE-2019-8658: akayn working with Trend Micro's Zero Day Initiative

    WebKit Available for: Apple Watch Series 1 and later Impact: Processing maliciously crafted web content may lead to arbitrary code execution Description: Multiple memory corruption issues were addressed with improved memory handling. CVE-2019-8669: akayn working with Trend Micro's Zero Day Initiative CVE-2019-8672: Samuel Groß of Google Project Zero CVE-2019-8676: Soyeon Park and Wen Xu of SSLab at Georgia Tech CVE-2019-8683: lokihardt of Google Project Zero CVE-2019-8684: lokihardt of Google Project Zero CVE-2019-8685: akayn, Dongzhuo Zhao working with ADLab of Venustech, Ken Wong (@wwkenwong) of VXRL, Anthony Lai (@darkfloyd1014) of VXRL, and Eric Lung (@Khlung1) of VXRL CVE-2019-8688: Insu Yun of SSLab at Georgia Tech CVE-2019-8689: lokihardt of Google Project Zero

    Additional recognition

    MobileInstallation We would like to acknowledge Dany Lisiansky (@DanyL931) for their assistance.

    Installation note:

    Instructions on how to update your Apple Watch software are available at https://support.apple.com/kb/HT204641

    To check the version on your Apple Watch, open the Apple Watch app on your iPhone and select "My Watch > General > About".

    Alternatively, on your watch, select "My Watch > General > About". -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256

    ===================================================================== Red Hat Security Advisory

    Synopsis: Important: kernel security and bug fix update Advisory ID: RHSA-2019:3187-01 Product: Red Hat Enterprise Linux Advisory URL: https://access.redhat.com/errata/RHSA-2019:3187 Issue date: 2019-10-23 CVE Names: CVE-2019-9506 =====================================================================

    1. Summary:

    An update for kernel is now available for Red Hat Enterprise Linux 7.4 Advanced Update Support, Red Hat Enterprise Linux 7.4 Telco Extended Update Support, and Red Hat Enterprise Linux 7.4 Update Services for SAP Solutions.

    Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.

    1. Relevant releases/architectures:

    Red Hat Enterprise Linux Server AUS (v. 7.4) - noarch, x86_64 Red Hat Enterprise Linux Server E4S (v. 7.4) - noarch, ppc64le, x86_64 Red Hat Enterprise Linux Server Optional AUS (v. 7.4) - x86_64 Red Hat Enterprise Linux Server Optional E4S (v. 7.4) - ppc64le, x86_64 Red Hat Enterprise Linux Server Optional TUS (v. 7.4) - x86_64 Red Hat Enterprise Linux Server TUS (v. 7.4) - noarch, x86_64

    Security Fix(es):

    • hardware: bluetooth: BR/EDR encryption key negotiation attacks (KNOB) (CVE-2019-9506)

    For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.

    Bug Fix(es):

    • Fix possible Spectre-v1 bugs in wireless code (BZ#1706696)

    • powerpc/pseries: Disable CPU hotplug across migrations / powerpc/rtas: Fix a potential race between CPU-Offline & Migration (LPM) (BZ#1745436)

    • powerpc/pseries: Fix unitialized timer reset on migration / powerpc/pseries/mobility: Extend start/stop topology update scope (LPM) (BZ#1745438)

    • ISST-LTE:PVM:Zeppelin :LPM: Failure logs and stack trace seen during LPM (POWER9/P9) (BZ#1745446)

    • Solution:

    For details on how to apply this update, which includes the changes described in this advisory, refer to:

    https://access.redhat.com/articles/11258

    The system must be rebooted for this update to take effect.

    1. Package List:

    Red Hat Enterprise Linux Server AUS (v. 7.4):

    Source: kernel-3.10.0-693.60.1.el7.src.rpm

    noarch: kernel-abi-whitelists-3.10.0-693.60.1.el7.noarch.rpm kernel-doc-3.10.0-693.60.1.el7.noarch.rpm

    x86_64: kernel-3.10.0-693.60.1.el7.x86_64.rpm kernel-debug-3.10.0-693.60.1.el7.x86_64.rpm kernel-debug-debuginfo-3.10.0-693.60.1.el7.x86_64.rpm kernel-debug-devel-3.10.0-693.60.1.el7.x86_64.rpm kernel-debuginfo-3.10.0-693.60.1.el7.x86_64.rpm kernel-debuginfo-common-x86_64-3.10.0-693.60.1.el7.x86_64.rpm kernel-devel-3.10.0-693.60.1.el7.x86_64.rpm kernel-headers-3.10.0-693.60.1.el7.x86_64.rpm kernel-tools-3.10.0-693.60.1.el7.x86_64.rpm kernel-tools-debuginfo-3.10.0-693.60.1.el7.x86_64.rpm kernel-tools-libs-3.10.0-693.60.1.el7.x86_64.rpm perf-3.10.0-693.60.1.el7.x86_64.rpm perf-debuginfo-3.10.0-693.60.1.el7.x86_64.rpm python-perf-3.10.0-693.60.1.el7.x86_64.rpm python-perf-debuginfo-3.10.0-693.60.1.el7.x86_64.rpm

    Red Hat Enterprise Linux Server E4S (v. 7.4):

    Source: kernel-3.10.0-693.60.1.el7.src.rpm

    noarch: kernel-abi-whitelists-3.10.0-693.60.1.el7.noarch.rpm kernel-doc-3.10.0-693.60.1.el7.noarch.rpm

    ppc64le: kernel-3.10.0-693.60.1.el7.ppc64le.rpm kernel-bootwrapper-3.10.0-693.60.1.el7.ppc64le.rpm kernel-debug-3.10.0-693.60.1.el7.ppc64le.rpm kernel-debug-debuginfo-3.10.0-693.60.1.el7.ppc64le.rpm kernel-debuginfo-3.10.0-693.60.1.el7.ppc64le.rpm kernel-debuginfo-common-ppc64le-3.10.0-693.60.1.el7.ppc64le.rpm kernel-devel-3.10.0-693.60.1.el7.ppc64le.rpm kernel-headers-3.10.0-693.60.1.el7.ppc64le.rpm kernel-tools-3.10.0-693.60.1.el7.ppc64le.rpm kernel-tools-debuginfo-3.10.0-693.60.1.el7.ppc64le.rpm kernel-tools-libs-3.10.0-693.60.1.el7.ppc64le.rpm perf-3.10.0-693.60.1.el7.ppc64le.rpm perf-debuginfo-3.10.0-693.60.1.el7.ppc64le.rpm python-perf-3.10.0-693.60.1.el7.ppc64le.rpm python-perf-debuginfo-3.10.0-693.60.1.el7.ppc64le.rpm

    x86_64: kernel-3.10.0-693.60.1.el7.x86_64.rpm kernel-debug-3.10.0-693.60.1.el7.x86_64.rpm kernel-debug-debuginfo-3.10.0-693.60.1.el7.x86_64.rpm kernel-debug-devel-3.10.0-693.60.1.el7.x86_64.rpm kernel-debuginfo-3.10.0-693.60.1.el7.x86_64.rpm kernel-debuginfo-common-x86_64-3.10.0-693.60.1.el7.x86_64.rpm kernel-devel-3.10.0-693.60.1.el7.x86_64.rpm kernel-headers-3.10.0-693.60.1.el7.x86_64.rpm kernel-tools-3.10.0-693.60.1.el7.x86_64.rpm kernel-tools-debuginfo-3.10.0-693.60.1.el7.x86_64.rpm kernel-tools-libs-3.10.0-693.60.1.el7.x86_64.rpm perf-3.10.0-693.60.1.el7.x86_64.rpm perf-debuginfo-3.10.0-693.60.1.el7.x86_64.rpm python-perf-3.10.0-693.60.1.el7.x86_64.rpm python-perf-debuginfo-3.10.0-693.60.1.el7.x86_64.rpm

    Red Hat Enterprise Linux Server TUS (v. 7.4):

    Source: kernel-3.10.0-693.60.1.el7.src.rpm

    noarch: kernel-abi-whitelists-3.10.0-693.60.1.el7.noarch.rpm kernel-doc-3.10.0-693.60.1.el7.noarch.rpm

    x86_64: kernel-3.10.0-693.60.1.el7.x86_64.rpm kernel-debug-3.10.0-693.60.1.el7.x86_64.rpm kernel-debug-debuginfo-3.10.0-693.60.1.el7.x86_64.rpm kernel-debug-devel-3.10.0-693.60.1.el7.x86_64.rpm kernel-debuginfo-3.10.0-693.60.1.el7.x86_64.rpm kernel-debuginfo-common-x86_64-3.10.0-693.60.1.el7.x86_64.rpm kernel-devel-3.10.0-693.60.1.el7.x86_64.rpm kernel-headers-3.10.0-693.60.1.el7.x86_64.rpm kernel-tools-3.10.0-693.60.1.el7.x86_64.rpm kernel-tools-debuginfo-3.10.0-693.60.1.el7.x86_64.rpm kernel-tools-libs-3.10.0-693.60.1.el7.x86_64.rpm perf-3.10.0-693.60.1.el7.x86_64.rpm perf-debuginfo-3.10.0-693.60.1.el7.x86_64.rpm python-perf-3.10.0-693.60.1.el7.x86_64.rpm python-perf-debuginfo-3.10.0-693.60.1.el7.x86_64.rpm

    Red Hat Enterprise Linux Server Optional AUS (v. 7.4):

    x86_64: kernel-debug-debuginfo-3.10.0-693.60.1.el7.x86_64.rpm kernel-debuginfo-3.10.0-693.60.1.el7.x86_64.rpm kernel-debuginfo-common-x86_64-3.10.0-693.60.1.el7.x86_64.rpm kernel-tools-debuginfo-3.10.0-693.60.1.el7.x86_64.rpm kernel-tools-libs-devel-3.10.0-693.60.1.el7.x86_64.rpm perf-debuginfo-3.10.0-693.60.1.el7.x86_64.rpm python-perf-debuginfo-3.10.0-693.60.1.el7.x86_64.rpm

    Red Hat Enterprise Linux Server Optional E4S (v. 7.4):

    ppc64le: kernel-debug-debuginfo-3.10.0-693.60.1.el7.ppc64le.rpm kernel-debug-devel-3.10.0-693.60.1.el7.ppc64le.rpm kernel-debuginfo-3.10.0-693.60.1.el7.ppc64le.rpm kernel-debuginfo-common-ppc64le-3.10.0-693.60.1.el7.ppc64le.rpm kernel-tools-debuginfo-3.10.0-693.60.1.el7.ppc64le.rpm kernel-tools-libs-devel-3.10.0-693.60.1.el7.ppc64le.rpm perf-debuginfo-3.10.0-693.60.1.el7.ppc64le.rpm python-perf-debuginfo-3.10.0-693.60.1.el7.ppc64le.rpm

    x86_64: kernel-debug-debuginfo-3.10.0-693.60.1.el7.x86_64.rpm kernel-debuginfo-3.10.0-693.60.1.el7.x86_64.rpm kernel-debuginfo-common-x86_64-3.10.0-693.60.1.el7.x86_64.rpm kernel-tools-debuginfo-3.10.0-693.60.1.el7.x86_64.rpm kernel-tools-libs-devel-3.10.0-693.60.1.el7.x86_64.rpm perf-debuginfo-3.10.0-693.60.1.el7.x86_64.rpm python-perf-debuginfo-3.10.0-693.60.1.el7.x86_64.rpm

    Red Hat Enterprise Linux Server Optional TUS (v. 7.4):

    x86_64: kernel-debug-debuginfo-3.10.0-693.60.1.el7.x86_64.rpm kernel-debuginfo-3.10.0-693.60.1.el7.x86_64.rpm kernel-debuginfo-common-x86_64-3.10.0-693.60.1.el7.x86_64.rpm kernel-tools-debuginfo-3.10.0-693.60.1.el7.x86_64.rpm kernel-tools-libs-devel-3.10.0-693.60.1.el7.x86_64.rpm perf-debuginfo-3.10.0-693.60.1.el7.x86_64.rpm python-perf-debuginfo-3.10.0-693.60.1.el7.x86_64.rpm

    These packages are GPG signed by Red Hat for security. Our key and details on how to verify the signature are available from https://access.redhat.com/security/team/key/

    1. Contact:

    The Red Hat security contact is secalert@redhat.com. More contact details at https://access.redhat.com/security/team/contact/

    Copyright 2019 Red Hat, Inc. -----BEGIN PGP SIGNATURE----- Version: GnuPG v1

    iQIVAwUBXbAXitzjgjWX9erEAQh25A/9FrjeF3eVkgGwc/RvTRPF/Qqb44x+l61E KceVqzr3avw9TDoiCA8e35ZYwNBvpN6YW/VDiI0vSyj2nQp57xFK48ybhUvXGUKL A2dXn793a3ZBKIp4wVVQKyjBsAI31MT/AZDKrzlugszWlV25u/mc2tC4Yndbe+8e Lbwf2VvKdvtlH26Cadv1UN9YsnmtQuNdGp9NrRbttTCW9rMmHtkoQ/yT4rcS/7Fl 1tu2j2Yoi0GEG9wXWda7cbpd2jLCcpjwIYnrjRNOuMNVSugRKRcAY1rMwpL5dVpA rx2bi3X3HhCpGTgZSJbl9fz2f1J71o9WoUSybaT36Uc50iOs7anoHc82XPGFvkak xg+mkIVNkwGxW9pkum8tZANjhDwyGJl0bpS98zkzpNiBqdrGdN4V9qMmhqmEa/lT lQ7haJR1rqboIzS5uSpTL/a79blwDjnMNsZ3D+c6xFfjsq8yu1zGfDWBbMdoc1Zo 3CNT4+pdBr5ASdlE7R3G+8Zx77WSK2MLxRnzzHBF6KphF4LOOUJmefpZ0KQRGkN8 zOKjvsynVKSzqt++WJrij+U74KL65PZokF8kKSc0yDhgYRaeqK6QIwe+Dbn/YUsn RNBi1ZoILHB9nMxbT5OlEVf/0EJl7oD1zINT0n7S8b86gRnfHdMLlvZ1Kcfjs0Sy Vdo262+aA6k= =FkCN -----END PGP SIGNATURE-----

    -- RHSA-announce mailing list RHSA-announce@redhat.com https://www.redhat.com/mailman/listinfo/rhsa-announce

    Show details on source website

    {
      "affected_products": {
        "_id": null,
        "data": [
          {
            "_id": null,
            "model": "cornell-tl10b",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "huawei",
            "version": "9.1.0.333\\(c01e333r1p1t8\\)"
          },
          {
            "_id": null,
            "model": "p30",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "huawei",
            "version": null
          },
          {
            "_id": null,
            "model": "lelandp-l22d",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "huawei",
            "version": null
          },
          {
            "_id": null,
            "model": "leland-tl10b",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "huawei",
            "version": null
          },
          {
            "_id": null,
            "model": "columbia-tl00d",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "huawei",
            "version": "8.1.0.186\\(c01gt\\)"
          },
          {
            "_id": null,
            "model": "y6 2019",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "huawei",
            "version": null
          },
          {
            "_id": null,
            "model": "ubuntu linux",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "canonical",
            "version": "19.04"
          },
          {
            "_id": null,
            "model": "tvos",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "apple",
            "version": "12.4"
          },
          {
            "_id": null,
            "model": "cairogo-l22",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "huawei",
            "version": "cairogo-l22c461b153"
          },
          {
            "_id": null,
            "model": "enterprise linux server",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "redhat",
            "version": "7.0"
          },
          {
            "_id": null,
            "model": "princeton-tl10c",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "huawei",
            "version": null
          },
          {
            "_id": null,
            "model": "ever-l29b",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "huawei",
            "version": "9.1.0.338\\(c185e3r3p1\\)"
          },
          {
            "_id": null,
            "model": "princeton-al10d",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "huawei",
            "version": null
          },
          {
            "_id": null,
            "model": "cornell-l29a",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "huawei",
            "version": "9.1.0.341\\(c185e1r1p9t8\\)"
          },
          {
            "_id": null,
            "model": "emily-l29c",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "huawei",
            "version": "9.1.0.325\\(c185e2r1p12t8\\)"
          },
          {
            "_id": null,
            "model": "leland-l32c",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "huawei",
            "version": null
          },
          {
            "_id": null,
            "model": "yale-tl00b",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "huawei",
            "version": null
          },
          {
            "_id": null,
            "model": "berkeley-l09",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "huawei",
            "version": "9.1.0.350\\(c10e3r1p14t8\\)"
          },
          {
            "_id": null,
            "model": "mac os x",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "apple",
            "version": "10.12.6"
          },
          {
            "_id": null,
            "model": "bla-l29c",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "huawei",
            "version": "9.1.0.307\\(c635e4r1p13t8\\)"
          },
          {
            "_id": null,
            "model": "virtualization host eus",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "redhat",
            "version": "4.2"
          },
          {
            "_id": null,
            "model": "nova 3",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "huawei",
            "version": null
          },
          {
            "_id": null,
            "model": "enterprise linux eus",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "redhat",
            "version": "7.7"
          },
          {
            "_id": null,
            "model": "laya-al00ep",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "huawei",
            "version": null
          },
          {
            "_id": null,
            "model": "bla-l29c",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "huawei",
            "version": "9.1.0.306\\(c432e4r1p11t8\\)"
          },
          {
            "_id": null,
            "model": "figo-l31",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "huawei",
            "version": "9.1.0.158\\(c432e8r1p5t8\\)"
          },
          {
            "_id": null,
            "model": "charlotte-l29c",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "huawei",
            "version": "9.1.0.328\\(c782e10r1p9t8\\)"
          },
          {
            "_id": null,
            "model": "enterprise linux eus",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "redhat",
            "version": "7.6"
          },
          {
            "_id": null,
            "model": "berkeley-l09",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "huawei",
            "version": "9.1.0.332\\(c432e5r1p13t8\\)"
          },
          {
            "_id": null,
            "model": "lelandp-l22c",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "huawei",
            "version": null
          },
          {
            "_id": null,
            "model": "ares-al10d",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "huawei",
            "version": "9.1.0.160\\(c00e160r2p5t8\\)"
          },
          {
            "_id": null,
            "model": "y6 prime 2018",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "huawei",
            "version": null
          },
          {
            "_id": null,
            "model": "sydney-l21",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "huawei",
            "version": null
          },
          {
            "_id": null,
            "model": "ubuntu linux",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "canonical",
            "version": "18.04"
          },
          {
            "_id": null,
            "model": "cornell-al00ind",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "huawei",
            "version": "8.2.0.141\\(c675custc675d1gt\\)"
          },
          {
            "_id": null,
            "model": "leap",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "opensuse",
            "version": "15.0"
          },
          {
            "_id": null,
            "model": "paris-al00ic",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "huawei",
            "version": null
          },
          {
            "_id": null,
            "model": "atomu-l42",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "huawei",
            "version": "8.0.0.155\\(c636custc636d1\\)"
          },
          {
            "_id": null,
            "model": "enterprise linux server tus",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "redhat",
            "version": "7.3"
          },
          {
            "_id": null,
            "model": "honor 20 pro",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "huawei",
            "version": "9.1.0.155\\(c10e2r3p1\\)"
          },
          {
            "_id": null,
            "model": "madrid-tl00a",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "huawei",
            "version": null
          },
          {
            "_id": null,
            "model": "enterprise linux",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "redhat",
            "version": "8.0"
          },
          {
            "_id": null,
            "model": "enterprise linux aus",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "redhat",
            "version": "7.5"
          },
          {
            "_id": null,
            "model": "enterprise linux for real time for nfv",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "redhat",
            "version": "8"
          },
          {
            "_id": null,
            "model": "florida-l21",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "huawei",
            "version": "9.1.0.150\\(c185e6r1p5t8\\)"
          },
          {
            "_id": null,
            "model": "columbia-l29d",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "huawei",
            "version": "9.1.0.350\\(c636e3r1p13t8\\)"
          },
          {
            "_id": null,
            "model": "enterprise linux server tus",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "redhat",
            "version": "8.4"
          },
          {
            "_id": null,
            "model": "figo-l31",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "huawei",
            "version": "9.1.0.137\\(c33e8r1p5t8\\)"
          },
          {
            "_id": null,
            "model": "honor 20 pro",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "huawei",
            "version": "9.1.0.171\\(c10e2r3p1\\)"
          },
          {
            "_id": null,
            "model": "leland-tl10c",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "huawei",
            "version": null
          },
          {
            "_id": null,
            "model": "madrid-al00a",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "huawei",
            "version": null
          },
          {
            "_id": null,
            "model": "cornell-al10ind",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "huawei",
            "version": "9.1.0.363\\(c675e2r1p9t8\\)"
          },
          {
            "_id": null,
            "model": "nova 5i pro",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "huawei",
            "version": null
          },
          {
            "_id": null,
            "model": "jakarta-al00a",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "huawei",
            "version": null
          },
          {
            "_id": null,
            "model": "yale-l21a",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "huawei",
            "version": null
          },
          {
            "_id": null,
            "model": "cornell-al00a",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "huawei",
            "version": "9.1.0.333\\(c00e333r1p1t8\\)"
          },
          {
            "_id": null,
            "model": "columbia-l29d",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "huawei",
            "version": "9.1.0.351\\(c432e5r1p13t8\\)"
          },
          {
            "_id": null,
            "model": "nova lite 3",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "huawei",
            "version": null
          },
          {
            "_id": null,
            "model": "honor 20 pro",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "huawei",
            "version": "9.1.0.172\\(c432e2r5p1\\)"
          },
          {
            "_id": null,
            "model": "enterprise linux tus",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "redhat",
            "version": "7.6"
          },
          {
            "_id": null,
            "model": "cornell-l29a",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "huawei",
            "version": "9.1.0.336\\(c636e2r1p12t8\\)"
          },
          {
            "_id": null,
            "model": "enterprise linux for real time",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "redhat",
            "version": "7"
          },
          {
            "_id": null,
            "model": "sydney-l22",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "huawei",
            "version": null
          },
          {
            "_id": null,
            "model": "dura-tl00a",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "huawei",
            "version": "1.0.0.176\\(c01\\)"
          },
          {
            "_id": null,
            "model": "p20",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "huawei",
            "version": null
          },
          {
            "_id": null,
            "model": "y9 2019",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "huawei",
            "version": null
          },
          {
            "_id": null,
            "model": "potter-al00c",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "huawei",
            "version": null
          },
          {
            "_id": null,
            "model": "florida-tl10b",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "huawei",
            "version": "9.1.0.128\\(c01e112r1p6t8\\)"
          },
          {
            "_id": null,
            "model": "sydneym-l22",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "huawei",
            "version": null
          },
          {
            "_id": null,
            "model": "enterprise linux server aus",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "redhat",
            "version": "7.7"
          },
          {
            "_id": null,
            "model": "lelandp-al10b",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "huawei",
            "version": null
          },
          {
            "_id": null,
            "model": "berkeley-tl10",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "huawei",
            "version": "9.1.0.333\\(c01e333r1p1t8\\)"
          },
          {
            "_id": null,
            "model": "ubuntu linux",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "canonical",
            "version": "16.04"
          },
          {
            "_id": null,
            "model": "enterprise linux eus",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "redhat",
            "version": "8.2"
          },
          {
            "_id": null,
            "model": "enterprise linux server aus",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "redhat",
            "version": "7.6"
          },
          {
            "_id": null,
            "model": "p30 pro",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "huawei",
            "version": null
          },
          {
            "_id": null,
            "model": "cornell-l29a",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "huawei",
            "version": "9.1.0.342\\(c461e1r1p9t8\\)"
          },
          {
            "_id": null,
            "model": "enterprise linux server aus",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "redhat",
            "version": "7.4"
          },
          {
            "_id": null,
            "model": "figo-l23",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "huawei",
            "version": "9.1.0.160\\(c605e6r1p5t8\\)"
          },
          {
            "_id": null,
            "model": "imanager neteco 6000",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "huawei",
            "version": null
          },
          {
            "_id": null,
            "model": "berkeley-l09",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "huawei",
            "version": "9.1.0.350\\(c636e4r1p13t8\\)"
          },
          {
            "_id": null,
            "model": "emily-l29c",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "huawei",
            "version": "9.1.0.328\\(c432e7r1p11t8\\)"
          },
          {
            "_id": null,
            "model": "honor 20 pro",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "huawei",
            "version": "9.1.0.154\\(c432e2r5p1\\)"
          },
          {
            "_id": null,
            "model": "tony-tl00b",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "huawei",
            "version": null
          },
          {
            "_id": null,
            "model": "harry-al00c",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "huawei",
            "version": null
          },
          {
            "_id": null,
            "model": "florida-l22",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "huawei",
            "version": "9.1.0.150\\(c636e6r1p5t8\\)"
          },
          {
            "_id": null,
            "model": "honor 20",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "huawei",
            "version": "9.1.0.149\\(c675e8r2p1\\)"
          },
          {
            "_id": null,
            "model": "enterprise linux server aus",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "redhat",
            "version": "8.2"
          },
          {
            "_id": null,
            "model": "honor 20 pro",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "huawei",
            "version": "9.1.0.170\\(c185e2r5p1\\)"
          },
          {
            "_id": null,
            "model": "nova 5",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "huawei",
            "version": null
          },
          {
            "_id": null,
            "model": "leland-l42c",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "huawei",
            "version": null
          },
          {
            "_id": null,
            "model": "honor 8a",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "huawei",
            "version": null
          },
          {
            "_id": null,
            "model": "lelandp-al10d",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "huawei",
            "version": null
          },
          {
            "_id": null,
            "model": "figo-tl10b",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "huawei",
            "version": "9.1.0.130\\(c01e115r2p8t8\\)"
          },
          {
            "_id": null,
            "model": "tony-al00b",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "huawei",
            "version": null
          },
          {
            "_id": null,
            "model": "bla-l29c",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "huawei",
            "version": "9.1.0.306\\(c185e2r1p13t8\\)"
          },
          {
            "_id": null,
            "model": "london-al40ind",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "huawei",
            "version": null
          },
          {
            "_id": null,
            "model": "harry-al10b",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "huawei",
            "version": null
          },
          {
            "_id": null,
            "model": "johnson-tl00d",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "huawei",
            "version": null
          },
          {
            "_id": null,
            "model": "alp-al00b",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "huawei",
            "version": "9.1.0.333\\(c00e333r2p1t8\\)"
          },
          {
            "_id": null,
            "model": "emily-l29c",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "huawei",
            "version": "9.1.0.326\\(c635e2r1p11t8\\)"
          },
          {
            "_id": null,
            "model": "p smart",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "huawei",
            "version": null
          },
          {
            "_id": null,
            "model": "enterprise linux eus",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "redhat",
            "version": "8.1"
          },
          {
            "_id": null,
            "model": "asoka-al00ax",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "huawei",
            "version": "9.1.1.181\\(c00e48r6p1\\)"
          },
          {
            "_id": null,
            "model": "columbia-al10i",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "huawei",
            "version": "9.1.0.335\\(c675e8r1p9t8\\)"
          },
          {
            "_id": null,
            "model": "sydneym-l23",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "huawei",
            "version": null
          },
          {
            "_id": null,
            "model": "ares-tl00c",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "huawei",
            "version": "9.1.0.165\\(c01e165r2p5t8\\)"
          },
          {
            "_id": null,
            "model": "enterprise linux for real time for nfv eus",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "redhat",
            "version": "8.2"
          },
          {
            "_id": null,
            "model": "cornell-l29a",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "huawei",
            "version": "9.1.0.347\\(c432e1r1p9t8\\)"
          },
          {
            "_id": null,
            "model": "enterprise linux for real time eus",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "redhat",
            "version": "8.2"
          },
          {
            "_id": null,
            "model": "katyusha-al00a",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "huawei",
            "version": null
          },
          {
            "_id": null,
            "model": "paris-l29b",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "huawei",
            "version": null
          },
          {
            "_id": null,
            "model": "sydneym-l01",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "huawei",
            "version": null
          },
          {
            "_id": null,
            "model": "florida-al20b",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "huawei",
            "version": "9.1.0.128\\(c00e112r1p6t8\\)"
          },
          {
            "_id": null,
            "model": "columbia-l29d",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "huawei",
            "version": "9.1.0.350\\(c185e3r1p12t8\\)"
          },
          {
            "_id": null,
            "model": "potter-al10a",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "huawei",
            "version": null
          },
          {
            "_id": null,
            "model": "linux",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "debian",
            "version": "8.0"
          },
          {
            "_id": null,
            "model": "yale-l61c",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "huawei",
            "version": null
          },
          {
            "_id": null,
            "model": "iphone os",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "apple",
            "version": "12.4"
          },
          {
            "_id": null,
            "model": "sydney-l22br",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "huawei",
            "version": null
          },
          {
            "_id": null,
            "model": "sydneym-al00",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "huawei",
            "version": null
          },
          {
            "_id": null,
            "model": "charlotte-l29c",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "huawei",
            "version": "9.1.0.328\\(c432e5r1p9t8\\)"
          },
          {
            "_id": null,
            "model": "honor 20 pro",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "huawei",
            "version": "9.1.0.170\\(c636e2r3p1\\)"
          },
          {
            "_id": null,
            "model": "enterprise linux eus",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "redhat",
            "version": "8.4"
          },
          {
            "_id": null,
            "model": "dubai-al00a",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "huawei",
            "version": "8.2.0.190\\(c00r2p2\\)"
          },
          {
            "_id": null,
            "model": "android",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "google",
            "version": null
          },
          {
            "_id": null,
            "model": "charlotte-l29c",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "huawei",
            "version": "9.1.0.311\\(c605e2r1p11t8\\)"
          },
          {
            "_id": null,
            "model": "honor 20",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "huawei",
            "version": "9.1.0.143\\(c675e8r2p1\\)"
          },
          {
            "_id": null,
            "model": "hima-l29c",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "huawei",
            "version": null
          },
          {
            "_id": null,
            "model": "atomu-l33",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "huawei",
            "version": "8.0.0.147\\(c605custc605d1\\)"
          },
          {
            "_id": null,
            "model": "enterprise linux for real time for nfv",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "redhat",
            "version": "7"
          },
          {
            "_id": null,
            "model": "bla-tl00b",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "huawei",
            "version": "9.1.0.329\\(c01e320r1p1t8\\)"
          },
          {
            "_id": null,
            "model": "emily-l29c",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "huawei",
            "version": "9.1.0.325\\(c636e7r1p13t8\\)"
          },
          {
            "_id": null,
            "model": "dura-al00a",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "huawei",
            "version": "1.0.0.182\\(c00\\)"
          },
          {
            "_id": null,
            "model": "charlotte-l29c",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "huawei",
            "version": "9.1.0.325\\(c636e2r1p12t8\\)"
          },
          {
            "_id": null,
            "model": "emily-l29c",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "huawei",
            "version": "8.1.0.156\\(c605\\)"
          },
          {
            "_id": null,
            "model": "p smart 2019",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "huawei",
            "version": null
          },
          {
            "_id": null,
            "model": "mac os x",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "apple",
            "version": "10.14.5"
          },
          {
            "_id": null,
            "model": "harry-tl00c",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "huawei",
            "version": null
          },
          {
            "_id": null,
            "model": "enterprise linux for real time",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "redhat",
            "version": "8"
          },
          {
            "_id": null,
            "model": "y6 pro 2019",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "huawei",
            "version": null
          },
          {
            "_id": null,
            "model": "honor view 10",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "huawei",
            "version": null
          },
          {
            "_id": null,
            "model": "berkeley-al20",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "huawei",
            "version": "9.1.0.333\\(c00e333r2p1t8\\)"
          },
          {
            "_id": null,
            "model": "johnson-tl00f",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "huawei",
            "version": null
          },
          {
            "_id": null,
            "model": "figo-l31",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "huawei",
            "version": "9.1.0.122\\(c09e7r1p5t8\\)"
          },
          {
            "_id": null,
            "model": "columbia-l29d",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "huawei",
            "version": "9.1.0.350\\(c10e5r1p14t8\\)"
          },
          {
            "_id": null,
            "model": "yalep-al10b",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "huawei",
            "version": null
          },
          {
            "_id": null,
            "model": "florida-l23",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "huawei",
            "version": "9.1.0.154\\(c605e7r1p2t8\\)"
          },
          {
            "_id": null,
            "model": "yale-al50a",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "huawei",
            "version": null
          },
          {
            "_id": null,
            "model": "emily-l29c",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "huawei",
            "version": "9.1.0.311\\(c461e2r1p11t8\\)"
          },
          {
            "_id": null,
            "model": "enterprise linux for real time for nfv eus",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "redhat",
            "version": "8.4"
          },
          {
            "_id": null,
            "model": "enterprise linux server tus",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "redhat",
            "version": "7.7"
          },
          {
            "_id": null,
            "model": "enterprise linux for real time eus",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "redhat",
            "version": "8.4"
          },
          {
            "_id": null,
            "model": "honor 8x",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "huawei",
            "version": null
          },
          {
            "_id": null,
            "model": "figo-l31",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "huawei",
            "version": "8.0.0.122d\\(c652\\)"
          },
          {
            "_id": null,
            "model": "mate 20 x",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "huawei",
            "version": null
          },
          {
            "_id": null,
            "model": "cornell-al00i",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "huawei",
            "version": "9.1.0.363\\(c675e3r1p9t8\\)"
          },
          {
            "_id": null,
            "model": "enterprise linux server tus",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "redhat",
            "version": "7.6"
          },
          {
            "_id": null,
            "model": "enterprise linux server tus",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "redhat",
            "version": "7.4"
          },
          {
            "_id": null,
            "model": "nova 4",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "huawei",
            "version": null
          },
          {
            "_id": null,
            "model": "leland-l42a",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "huawei",
            "version": null
          },
          {
            "_id": null,
            "model": "sydney-al00",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "huawei",
            "version": null
          },
          {
            "_id": null,
            "model": "figo-l31",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "huawei",
            "version": "9.1.0.165\\(c10e8r1p5t8\\)"
          },
          {
            "_id": null,
            "model": "honor 20 pro",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "huawei",
            "version": "9.1.0.154\\(c636e2r3p1\\)"
          },
          {
            "_id": null,
            "model": "columbia-l29d",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "huawei",
            "version": "9.1.0.350\\(c461e3r1p11t8\\)"
          },
          {
            "_id": null,
            "model": "enterprise linux server tus",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "redhat",
            "version": "8.2"
          },
          {
            "_id": null,
            "model": "leland-l32a",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "huawei",
            "version": null
          },
          {
            "_id": null,
            "model": "neo-al00d",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "huawei",
            "version": null
          },
          {
            "_id": null,
            "model": "sydneym-l03",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "huawei",
            "version": null
          },
          {
            "_id": null,
            "model": "honor 20 pro",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "huawei",
            "version": "9.1.0.154\\(c185e2r5p1\\)"
          },
          {
            "_id": null,
            "model": "mac os x",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "apple",
            "version": "10.13.6"
          },
          {
            "_id": null,
            "model": "bla-l29c",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "huawei",
            "version": "9.1.0.300\\(c605e2r1p12t8\\)"
          },
          {
            "_id": null,
            "model": "lelandp-l22a",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "huawei",
            "version": null
          },
          {
            "_id": null,
            "model": "charlotte-l29c",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "huawei",
            "version": "9.1.0.325\\(c185e4r1p11t8\\)"
          },
          {
            "_id": null,
            "model": "leland-l31a",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "huawei",
            "version": null
          },
          {
            "_id": null,
            "model": "atomu-l41",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "huawei",
            "version": "8.0.0.153\\(c461custc461d1\\)"
          },
          {
            "_id": null,
            "model": "imanager neteco",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "huawei",
            "version": null
          },
          {
            "_id": null,
            "model": "paris-l21b",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "huawei",
            "version": null
          },
          {
            "_id": null,
            "model": "enterprise linux server aus",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "redhat",
            "version": "7.3"
          },
          {
            "_id": null,
            "model": "mate 20 pro",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "huawei",
            "version": null
          },
          {
            "_id": null,
            "model": "mrg realtime",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "redhat",
            "version": "2.0"
          },
          {
            "_id": null,
            "model": "y5 2018",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "huawei",
            "version": null
          },
          {
            "_id": null,
            "model": "yale-al00a",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "huawei",
            "version": null
          },
          {
            "_id": null,
            "model": "sydney-tl00",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "huawei",
            "version": null
          },
          {
            "_id": null,
            "model": "bla-l29c",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "huawei",
            "version": "9.1.0.306\\(c636e2r1p13t8\\)"
          },
          {
            "_id": null,
            "model": "lelandp-al00c",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "huawei",
            "version": null
          },
          {
            "_id": null,
            "model": "sydney-l21br",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "huawei",
            "version": null
          },
          {
            "_id": null,
            "model": "columbia-al10b",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "huawei",
            "version": "9.1.0.333\\(c00e333r1p1t8\\)"
          },
          {
            "_id": null,
            "model": "p20 pro",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "huawei",
            "version": null
          },
          {
            "_id": null,
            "model": "honor view 20",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "huawei",
            "version": null
          },
          {
            "_id": null,
            "model": "enterprise linux server aus",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "redhat",
            "version": "8.4"
          },
          {
            "_id": null,
            "model": "barca-al00",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "huawei",
            "version": "8.0.0.366\\(c00\\)"
          },
          {
            "_id": null,
            "model": "leland-l21a",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "huawei",
            "version": null
          },
          {
            "_id": null,
            "model": "paris-l21meb",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "huawei",
            "version": null
          },
          {
            "_id": null,
            "model": "princeton-al10b",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "huawei",
            "version": null
          },
          {
            "_id": null,
            "model": "florida-l21",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "huawei",
            "version": "9.1.0.150\\(c432e6r1p5t8\\)"
          },
          {
            "_id": null,
            "model": "ares-al00b",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "huawei",
            "version": "9.1.0.160\\(c00e160r2p5t8\\)"
          },
          {
            "_id": null,
            "model": "mate 20",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "huawei",
            "version": null
          },
          {
            "_id": null,
            "model": "watchos",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "apple",
            "version": "5.3"
          },
          {
            "_id": null,
            "model": "honor 10 lite",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "huawei",
            "version": null
          },
          {
            "_id": null,
            "model": "y5 lite",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "huawei",
            "version": null
          },
          {
            "_id": null,
            "model": "bla-al00b",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "huawei",
            "version": "9.1.0.329\\(c786e320r2p1t8\\)"
          },
          {
            "_id": null,
            "model": "figo-l31",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "huawei",
            "version": "9.1.0.137\\(c530e8r1p5t8\\)"
          },
          {
            "_id": null,
            "model": "leap",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "opensuse",
            "version": "15.1"
          },
          {
            "_id": null,
            "model": "y7 2019",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "huawei",
            "version": null
          },
          {
            "_id": null,
            "model": "sydneym-l21",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "huawei",
            "version": null
          },
          {
            "_id": null,
            "model": null,
            "scope": null,
            "trust": 0.8,
            "vendor": "blackberry",
            "version": null
          },
          {
            "_id": null,
            "model": null,
            "scope": null,
            "trust": 0.8,
            "vendor": "bluetooth sig",
            "version": null
          }
        ],
        "sources": [
          {
            "db": "CERT/CC",
            "id": "VU#918987"
          },
          {
            "db": "NVD",
            "id": "CVE-2019-9506"
          }
        ]
      },
      "credits": {
        "_id": null,
        "data": "Red Hat",
        "sources": [
          {
            "db": "PACKETSTORM",
            "id": "156058"
          },
          {
            "db": "PACKETSTORM",
            "id": "155005"
          },
          {
            "db": "PACKETSTORM",
            "id": "154779"
          },
          {
            "db": "PACKETSTORM",
            "id": "155017"
          },
          {
            "db": "PACKETSTORM",
            "id": "155004"
          },
          {
            "db": "PACKETSTORM",
            "id": "154936"
          },
          {
            "db": "PACKETSTORM",
            "id": "154949"
          }
        ],
        "trust": 0.7
      },
      "cve": "CVE-2019-9506",
      "cvss": {
        "_id": null,
        "data": [
          {
            "cvssV2": [
              {
                "accessComplexity": "LOW",
                "accessVector": "ADJACENT_NETWORK",
                "authentication": "NONE",
                "author": "nvd@nist.gov",
                "availabilityImpact": "NONE",
                "baseScore": 4.8,
                "confidentialityImpact": "PARTIAL",
                "exploitabilityScore": 6.5,
                "id": "CVE-2019-9506",
                "impactScore": 4.9,
                "integrityImpact": "PARTIAL",
                "severity": "MEDIUM",
                "trust": 1.1,
                "vectorString": "AV:A/AC:L/Au:N/C:P/I:P/A:N",
                "version": "2.0"
              },
              {
                "acInsufInfo": null,
                "accessComplexity": "LOW",
                "accessVector": "ADJACENT NETWORK",
                "authentication": "NONE",
                "author": "NVD",
                "availabilityImpact": "NONE",
                "availabilityRequirement": "NOT DEFINED",
                "baseScore": 7.8,
                "collateralDamagePotential": "NOT DEFINED",
                "confidentialityImpact": "COMPLETE",
                "confidentialityRequirement": "NOT DEFINED",
                "enviromentalScore": 7.8,
                "exploitability": "NOT DEFINED",
                "exploitabilityScore": 6.5,
                "id": "CVE-2019-9506",
                "impactScore": 9.2,
                "integrityImpact": "COMPLETE",
                "integrityRequirement": "NOT DEFINED",
                "obtainAllPrivilege": null,
                "obtainOtherPrivilege": null,
                "obtainUserPrivilege": null,
                "remediationLevel": "NOT DEFINED",
                "reportConfidence": "NOT DEFINED",
                "severity": "HIGH",
                "targetDistribution": "NOT DEFINED",
                "trust": 0.8,
                "userInteractionRequired": null,
                "vector_string": "AV:A/AC:L/Au:N/C:C/I:C/A:N",
                "version": "2.0"
              },
              {
                "accessComplexity": "LOW",
                "accessVector": "ADJACENT_NETWORK",
                "authentication": "NONE",
                "author": "VULHUB",
                "availabilityImpact": "NONE",
                "baseScore": 4.8,
                "confidentialityImpact": "PARTIAL",
                "exploitabilityScore": 6.5,
                "id": "VHN-160941",
                "impactScore": 4.9,
                "integrityImpact": "PARTIAL",
                "severity": "MEDIUM",
                "trust": 0.1,
                "vectorString": "AV:A/AC:L/AU:N/C:P/I:P/A:N",
                "version": "2.0"
              }
            ],
            "cvssV3": [
              {
                "attackComplexity": "LOW",
                "attackVector": "ADJACENT",
                "author": "nvd@nist.gov",
                "availabilityImpact": "NONE",
                "baseScore": 8.1,
                "baseSeverity": "HIGH",
                "confidentialityImpact": "HIGH",
                "exploitabilityScore": 2.8,
                "id": "CVE-2019-9506",
                "impactScore": 5.2,
                "integrityImpact": "HIGH",
                "privilegesRequired": "NONE",
                "scope": "UNCHANGED",
                "trust": 1.0,
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N",
                "version": "3.1"
              },
              {
                "attackComplexity": "LOW",
                "attackVector": "ADJACENT",
                "author": "cret@cert.org",
                "availabilityImpact": "LOW",
                "baseScore": 7.6,
                "baseSeverity": "HIGH",
                "confidentialityImpact": "HIGH",
                "exploitabilityScore": 2.8,
                "id": "CVE-2019-9506",
                "impactScore": 4.7,
                "integrityImpact": "LOW",
                "privilegesRequired": "NONE",
                "scope": "UNCHANGED",
                "trust": 1.0,
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.0/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:L/A:L",
                "version": "3.0"
              }
            ],
            "severity": [
              {
                "author": "nvd@nist.gov",
                "id": "CVE-2019-9506",
                "trust": 1.0,
                "value": "HIGH"
              },
              {
                "author": "cret@cert.org",
                "id": "CVE-2019-9506",
                "trust": 1.0,
                "value": "HIGH"
              },
              {
                "author": "NVD",
                "id": "CVE-2019-9506",
                "trust": 0.8,
                "value": "HIGH"
              },
              {
                "author": "CNNVD",
                "id": "CNNVD-201908-864",
                "trust": 0.6,
                "value": "HIGH"
              },
              {
                "author": "VULHUB",
                "id": "VHN-160941",
                "trust": 0.1,
                "value": "MEDIUM"
              },
              {
                "author": "VULMON",
                "id": "CVE-2019-9506",
                "trust": 0.1,
                "value": "MEDIUM"
              }
            ]
          }
        ],
        "sources": [
          {
            "db": "CERT/CC",
            "id": "VU#918987"
          },
          {
            "db": "VULHUB",
            "id": "VHN-160941"
          },
          {
            "db": "VULMON",
            "id": "CVE-2019-9506"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201908-864"
          },
          {
            "db": "NVD",
            "id": "CVE-2019-9506"
          },
          {
            "db": "NVD",
            "id": "CVE-2019-9506"
          }
        ]
      },
      "description": {
        "_id": null,
        "data": "The Bluetooth BR/EDR specification up to and including version 5.1 permits sufficiently low encryption key length and does not prevent an attacker from influencing the key length negotiation. This allows practical brute-force attacks (aka \"KNOB\") that can decrypt traffic and inject arbitrary ciphertext without the victim noticing. Once the entropy is reduced, the attacker can brute-force the encryption key and use it to decrypt communications. Bluetooth BR/EDR is a Bluetooth BR/EDR (Basic Rate/Enhanced Data Rate) standard. An encryption issue vulnerability exists in Bluetooth BR/EDR 5.1 and earlier versions. The vulnerability stems from incorrect use of relevant cryptographic algorithms by network systems or products, resulting in improperly encrypted content, weak encryption, and storing sensitive information in plain text. A weakness in the Bluetooth Basic Rate/Enhanced Data Rate (BR/EDR) protocol core specification exposes a vulnerability that could allow for an unauthenticated, adjacent malicious user to perform a man-in-the-middle attack on an encrypted Bluetooth connection. The attack must be performed during negotiation or renegotiation of a paired device connection; existing sessions cannot be attacked. \nThe issue could allow the malicious user to reduce the entropy of the negotiated session key that is used to secure a Bluetooth connection between a paired device and a host device.  An attacker who can successfully inject a malicious message into a Bluetooth connection during session negotiation or renegotiation could cause the strength of the session key to be susceptible to brute force attack. \nThis advisory will be updated as additional information becomes available. There are no workarounds that address this vulnerability. \n\nThis advisory is available at the following link:\ntools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190813-bluetooth. 8.0) - aarch64, noarch, ppc64le, s390x, x86_64\n\n3. \n\nBug Fix(es):\n\n* Backport TCP follow-up for small buffers (BZ#1739184)\n\n* TCP performance regression after CVE-2019-11478 bug fix (BZ#1743170)\n\n* RHEL8.0 - bnx2x link down, caused by transmit timeouts during load test\n(Marvell/Cavium/QLogic) (L3:) (BZ#1743548)\n\n* block: blk-mq improvement (BZ#1780567)\n\n* RHEL8.0 - Regression to RHEL7.6 by changing force_latency found during\nRHEL8.0 validation for SAP HANA on POWER (BZ#1781111)\n\n* blk-mq: overwirte performance drops on real MQ device (BZ#1782183)\n\n* RHEL8: creating vport takes lot of memory i.e 2GB per vport which leads\nto drain out system memory quickly. (BZ#1782705)\n\n4. 7) - aarch64, noarch, ppc64le\n\n3. \n\nBug Fix(es):\n\n* kernel modules pkey and paes_s390 are not available (BZ#1719192)\n\n* pkey: Indicate old mkvp only if old and curr. mkvp are different\n(BZ#1720621)\n\n* System dropped into Mon running softboots Exception: 501 (Hardware\nInterrupt) at c00000000000a814 replay_interrupt_return+0x0/0x4 (ipmi)\n(BZ#1737563)\n\n* kernel: jump label transformation performance (BZ#1739143)\n\n* Backport i40e MDD detection removal for PFs (BZ#1747618)\n\n4. 7.5) - ppc64, ppc64le, x86_64\n\n3. \n\nBug Fix(es):\n\n* TCP packets are segmented when sent to the VLAN device when coming from\nVXLAN dev. 7.6) - ppc64le, x86_64\n\n3. Description:\n\nThis is a kernel live patch module which is automatically loaded by the RPM\npost-install script to modify the code of a running kernel. Solution:\n\nBefore applying this update, make sure all previously released errata\nrelevant to your system have been applied. \n\nBug Fix(es):\n\n* kernel build: parallelize redhat/mod-sign.sh (BZ#1755326)\n\n4. \n\nBug Fix(es):\n\n* update the MRG 2.5.z 3.10 realtime-kernel sources (BZ#1751263)\n\n4. ==========================================================================\nUbuntu Security Notice USN-4147-1\nOctober 04, 2019\n\nlinux, linux-aws, linux-azure, linux-gcp, linux-gke-5.0, linux-hwe,\nlinux-kvm, linux-raspi2, linux-snapdragon vulnerabilities\n==========================================================================\n\nA security issue affects these releases of Ubuntu and its derivatives:\n\n- Ubuntu 19.04\n- Ubuntu 18.04 LTS\n\nSummary:\n\nSeveral security issues were fixed in the Linux kernel. \n\nSoftware Description:\n- linux: Linux kernel\n- linux-aws: Linux kernel for Amazon Web Services (AWS) systems\n- linux-azure: Linux kernel for Microsoft Azure Cloud systems\n- linux-gcp: Linux kernel for Google Cloud Platform (GCP) systems\n- linux-kvm: Linux kernel for cloud environments\n- linux-raspi2: Linux kernel for Raspberry Pi 2\n- linux-snapdragon: Linux kernel for Snapdragon processors\n- linux-gke-5.0: Linux kernel for Google Container Engine (GKE) systems\n- linux-hwe: Linux hardware enablement (HWE) kernel\n\nDetails:\n\nIt was discovered that the Intel Wi-Fi device driver in the Linux kernel\ndid not properly validate certain Tunneled Direct Link Setup (TDLS). A\nphysically proximate attacker could use this to cause a denial of service\n(Wi-Fi disconnect). (CVE-2019-0136)\n\nIt was discovered that the Bluetooth UART implementation in the Linux\nkernel did not properly check for missing tty operations. A local attacker\ncould use this to cause a denial of service. (CVE-2019-10207)\n\nIt was discovered that the GTCO tablet input driver in the Linux kernel did\nnot properly bounds check the initial HID report sent by the device. A\nphysically proximate attacker could use this to cause a denial of service\n(system crash) or possibly execute arbitrary code. (CVE-2019-13631)\n\nIt was discovered that an out-of-bounds read existed in the QLogic QEDI\niSCSI Initiator Driver in the Linux kernel. A local attacker could possibly\nuse this to expose sensitive information (kernel memory). (CVE-2019-15090)\n\nHui Peng and Mathias Payer discovered that the USB audio driver for the\nLinux kernel did not properly validate device meta data. A physically\nproximate attacker could use this to cause a denial of service (system\ncrash). (CVE-2019-15117)\n\nHui Peng and Mathias Payer discovered that the USB audio driver for the\nLinux kernel improperly performed recursion while handling device meta\ndata. A physically proximate attacker could use this to cause a denial of\nservice (system crash). (CVE-2019-15118)\n\nIt was discovered that the Raremono AM/FM/SW radio device driver in the\nLinux kernel did not properly allocate memory, leading to a use-after-free. \nA physically proximate attacker could use this to cause a denial of service\nor possibly execute arbitrary code. (CVE-2019-15211)\n\nIt was discovered at a double-free error existed in the USB Rio 500 device\ndriver for the Linux kernel. A physically proximate attacker could use this\nto cause a denial of service. (CVE-2019-15212)\n\nIt was discovered that a race condition existed in the CPiA2 video4linux\ndevice driver for the Linux kernel, leading to a use-after-free. A\nphysically proximate attacker could use this to cause a denial of service\n(system crash) or possibly execute arbitrary code. (CVE-2019-15215)\n\nIt was discovered that a race condition existed in the Softmac USB Prism54\ndevice driver in the Linux kernel. A physically proximate attacker could\nuse this to cause a denial of service (system crash). (CVE-2019-15220)\n\nBenjamin Moody discovered that the XFS file system in the Linux kernel did\nnot properly handle an error condition when out of disk quota. A local\nattacker could possibly use this to cause a denial of service. \n(CVE-2019-15538)\n\nIt was discovered that the Hisilicon HNS3 ethernet device driver in the\nLinux kernel contained an out of bounds access vulnerability. A local\nattacker could use this to possibly cause a denial of service (system\ncrash). (CVE-2019-15925)\n\nIt was discovered that the Atheros mobile chipset driver in the Linux\nkernel did not properly validate data in some situations. An attacker could\nuse this to cause a denial of service (system crash). (CVE-2019-15926)\n\nDaniele Antonioli, Nils Ole Tippenhauer, and Kasper B. A physically proximate attacker\ncould use this to expose sensitive information. (CVE-2019-9506)\n\nIt was discovered that ZR364XX Camera USB device driver for the Linux\nkernel did not properly initialize memory. A physically proximate attacker\ncould use this to cause a denial of service (system crash). \n(CVE-2019-15217)\n\nIt was discovered that the Siano USB MDTV receiver device driver in the\nLinux kernel made improper assumptions about the device characteristics. A\nphysically proximate attacker could use this cause a denial of service\n(system crash). (CVE-2019-15218)\n\nIt was discovered that the Line 6 POD USB device driver in the Linux kernel\ndid not properly validate data size information from the device. A\nphysically proximate attacker could use this to cause a denial of service\n(system crash). (CVE-2019-15221)\n\nIt was discovered that the Line 6 USB driver for the Linux kernel contained\na race condition when the device was disconnected. A physically proximate\nattacker could use this to cause a denial of service (system crash). \n(CVE-2019-15223)\n\nUpdate instructions:\n\nThe problem can be corrected by updating your system to the following\npackage versions:\n\nUbuntu 19.04:\n  linux-image-5.0.0-1018-aws      5.0.0-1018.20\n  linux-image-5.0.0-1019-kvm      5.0.0-1019.20\n  linux-image-5.0.0-1019-raspi2   5.0.0-1019.19\n  linux-image-5.0.0-1020-gcp      5.0.0-1020.20\n  linux-image-5.0.0-1022-azure    5.0.0-1022.23\n  linux-image-5.0.0-1023-snapdragon  5.0.0-1023.24\n  linux-image-5.0.0-31-generic    5.0.0-31.33\n  linux-image-5.0.0-31-generic-lpae  5.0.0-31.33\n  linux-image-5.0.0-31-lowlatency  5.0.0-31.33\n  linux-image-aws                 5.0.0.1018.19\n  linux-image-azure               5.0.0.1022.21\n  linux-image-gcp                 5.0.0.1020.46\n  linux-image-generic             5.0.0.31.32\n  linux-image-generic-lpae        5.0.0.31.32\n  linux-image-gke                 5.0.0.1020.46\n  linux-image-kvm                 5.0.0.1019.19\n  linux-image-lowlatency          5.0.0.31.32\n  linux-image-raspi2              5.0.0.1019.16\n  linux-image-snapdragon          5.0.0.1023.16\n  linux-image-virtual             5.0.0.31.32\n\nUbuntu 18.04 LTS:\n  linux-image-5.0.0-1020-gke      5.0.0-1020.20~18.04.1\n  linux-image-5.0.0-31-generic    5.0.0-31.33~18.04.1\n  linux-image-5.0.0-31-generic-lpae  5.0.0-31.33~18.04.1\n  linux-image-5.0.0-31-lowlatency  5.0.0-31.33~18.04.1\n  linux-image-generic-hwe-18.04   5.0.0.31.88\n  linux-image-generic-lpae-hwe-18.04  5.0.0.31.88\n  linux-image-gke-5.0             5.0.0.1020.9\n  linux-image-lowlatency-hwe-18.04  5.0.0.31.88\n  linux-image-snapdragon-hwe-18.04  5.0.0.31.88\n  linux-image-virtual-hwe-18.04   5.0.0.31.88\n\nAfter a standard system update you need to reboot your computer to make\nall the necessary changes. \n\nATTENTION: Due to an unavoidable ABI change the kernel updates have\nbeen given a new version number, which requires you to recompile and\nreinstall all third party kernel modules you might have installed. \nUnless you manually uninstalled the standard kernel metapackages\n(e.g. linux-generic, linux-generic-lts-RELEASE, linux-virtual,\nlinux-powerpc), a standard system upgrade will automatically perform\nthis as well. \n\nReferences:\n  https://usn.ubuntu.com/4147-1\n  CVE-2019-0136, CVE-2019-10207, CVE-2019-13631, CVE-2019-15090,\n  CVE-2019-15117, CVE-2019-15118, CVE-2019-15211, CVE-2019-15212,\n  CVE-2019-15215, CVE-2019-15217, CVE-2019-15218, CVE-2019-15220,\n  CVE-2019-15221, CVE-2019-15223, CVE-2019-15538, CVE-2019-15925,\n  CVE-2019-15926, CVE-2019-9506\n\nPackage Information:\n  https://launchpad.net/ubuntu/+source/linux/5.0.0-31.33\n  https://launchpad.net/ubuntu/+source/linux-aws/5.0.0-1018.20\n  https://launchpad.net/ubuntu/+source/linux-azure/5.0.0-1022.23\n  https://launchpad.net/ubuntu/+source/linux-gcp/5.0.0-1020.20\n  https://launchpad.net/ubuntu/+source/linux-kvm/5.0.0-1019.20\n  https://launchpad.net/ubuntu/+source/linux-raspi2/5.0.0-1019.19\n  https://launchpad.net/ubuntu/+source/linux-snapdragon/5.0.0-1023.24\n  https://launchpad.net/ubuntu/+source/linux-gke-5.0/5.0.0-1020.20~18.04.1\n  https://launchpad.net/ubuntu/+source/linux-hwe/5.0.0-31.33~18.04.1\n\n. -----BEGIN PGP SIGNED MESSAGE-----\nHash: SHA256\n\nAPPLE-SA-2019-8-13-3 Additional information for\nAPPLE-SA-2019-7-22-4 watchOS 5.3\n\nwatchOS 5.3 addresses the following:\n\nBluetooth\nAvailable for: Apple Watch Series 1 and later\nImpact: An attacker in a privileged network position may be able to\nintercept Bluetooth traffic (Key Negotiation of Bluetooth - KNOB)\nDescription: An input validation issue existed in Bluetooth. This\nissue was addressed with improved input validation. \nCVE-2019-9506: Daniele Antonioli of SUTD, Singapore, Dr. Kasper Rasmussen of\nUniversity of Oxford, England\nEntry added August 13, 2019\n\nCore Data\nAvailable for: Apple Watch Series 1 and later\nImpact: A remote attacker may be able to leak memory\nDescription: An out-of-bounds read was addressed with improved input\nvalidation. \nCVE-2019-8646: Natalie Silvanovich of Google Project Zero\n\nCore Data\nAvailable for: Apple Watch Series 1 and later\nImpact: A remote attacker may be able to cause arbitrary code\nexecution\nDescription: A use after free issue was addressed with improved\nmemory management. \nCVE-2019-8647: Samuel Gro\u00df and Natalie Silvanovich of Google Project\nZero\n\nCore Data\nAvailable for: Apple Watch Series 1 and later\nImpact: A remote attacker may be able to cause unexpected application\ntermination or arbitrary code execution\nDescription: A memory corruption issue was addressed with improved\ninput validation. \nCVE-2019-8660: Samuel Gro\u00df and Natalie Silvanovich of Google Project\nZero\n\nDigital Touch\nAvailable for: Apple Watch Series 1 and later\nImpact: A remote attacker may be able to leak memory\nDescription: An out-of-bounds read was addressed with improved input\nvalidation. \nCVE-2019-8624: Natalie Silvanovich of Google Project Zero\n\nFaceTime\nAvailable for: Apple Watch Series 1 and later\nImpact: A remote attacker may be able to cause arbitrary code\nexecution\nDescription: A memory corruption issue was addressed with improved\ninput validation. \nCVE-2019-8648: Tao Huang and Tielei Wang of Team Pangu\n\nFoundation\nAvailable for: Apple Watch Series 1 and later\nImpact: A remote attacker may be able to cause unexpected application\ntermination or arbitrary code execution\nDescription: An out-of-bounds read was addressed with improved input\nvalidation. \nCVE-2019-8641: Samuel Gro\u00df and Natalie Silvanovich of Google Project\nZero\n\nHeimdal\nAvailable for: Apple Watch Series 1 and later\nImpact: An issue existed in Samba that may allow attackers to perform\nunauthorized actions by intercepting communications between services\nDescription: This issue was addressed with improved checks to prevent\nunauthorized actions. \nCVE-2018-16860: Isaac Boukris and Andrew Bartlett of the Samba Team\nand Catalyst\n\nlibxslt\nAvailable for: Apple Watch Series 1 and later\nImpact: A remote attacker may be able to view sensitive information\nDescription: A stack overflow was addressed with improved input\nvalidation. \nCVE-2019-13118: found by OSS-Fuzz\n\nMessages\nAvailable for: Apple Watch Series 1 and later\nImpact: Users removed from an iMessage conversation may still be able\nto alter state\nDescription: This issue was addressed with improved checks. \nCVE-2019-8659: Ryan Kontos (@ryanjkontos), Will Christensen of\nUniversity of Oregon\n\nMessages\nAvailable for: Apple Watch Series 1 and later\nImpact: A remote attacker may cause an unexpected application\ntermination\nDescription: A denial of service issue was addressed with improved\nvalidation. \nCVE-2019-8665: Michael Hernandez of XYZ Marketing\n\nQuick Look\nAvailable for: Apple Watch Series 1 and later\nImpact: An attacker may be able to trigger a use-after-free in an\napplication deserializing an untrusted NSDictionary\nDescription: This issue was addressed with improved checks. \nCVE-2019-8662: Natalie Silvanovich and Samuel Gro\u00df of Google Project\nZero\n\nSiri\nAvailable for: Apple Watch Series 1 and later\nImpact: A remote attacker may be able to leak memory\nDescription: An out-of-bounds read was addressed with improved input\nvalidation. \nCVE-2019-8646: Natalie Silvanovich of Google Project Zero\n\nUIFoundation\nAvailable for: Apple Watch Series 1 and later\nImpact: Parsing a maliciously crafted office document may lead to an\nunexpected application termination or arbitrary code execution\nDescription: An out-of-bounds read was addressed with improved input\nvalidation. \nCVE-2019-8657: riusksk of VulWar Corp working with Trend Micro\u0027s Zero\nDay Initiative\n\nWallet\nAvailable for: Apple Watch Series 1 and later\nImpact: A user may inadvertently complete an in-app purchase while on\nthe lock screen\nDescription: The issue was addressed with improved UI handling. \nCVE-2019-8682: Jeff Braswell (JeffBraswell.com)\n\nWebKit\nAvailable for: Apple Watch Series 1 and later\nImpact: Processing maliciously crafted web content may lead to\nuniversal cross site scripting\nDescription: A logic issue was addressed with improved state\nmanagement. \nCVE-2019-8658: akayn working with Trend Micro\u0027s Zero Day Initiative\n\nWebKit\nAvailable for: Apple Watch Series 1 and later\nImpact: Processing maliciously crafted web content may lead to\narbitrary code execution\nDescription: Multiple memory corruption issues were addressed with\nimproved memory handling. \nCVE-2019-8669: akayn working with Trend Micro\u0027s Zero Day Initiative\nCVE-2019-8672: Samuel Gro\u00df of Google Project Zero\nCVE-2019-8676: Soyeon Park and Wen Xu of SSLab at Georgia Tech\nCVE-2019-8683: lokihardt of Google Project Zero\nCVE-2019-8684: lokihardt of Google Project Zero\nCVE-2019-8685: akayn, Dongzhuo Zhao working with ADLab of Venustech,\nKen Wong (@wwkenwong) of VXRL, Anthony Lai (@darkfloyd1014) of VXRL,\nand Eric Lung (@Khlung1) of VXRL\nCVE-2019-8688: Insu Yun of SSLab at Georgia Tech\nCVE-2019-8689: lokihardt of Google Project Zero\n\nAdditional recognition\n\nMobileInstallation\nWe would like to acknowledge Dany Lisiansky (@DanyL931) for their\nassistance. \n\nInstallation note:\n\nInstructions on how to update your Apple Watch software are\navailable at https://support.apple.com/kb/HT204641\n\nTo check the version on your Apple Watch, open the Apple Watch app\non your iPhone and select \"My Watch \u003e General \u003e About\". \n\nAlternatively, on your watch, select \"My Watch \u003e General \u003e About\". -----BEGIN PGP SIGNED MESSAGE-----\nHash: SHA256\n\n=====================================================================\n                   Red Hat Security Advisory\n\nSynopsis:          Important: kernel security and bug fix update\nAdvisory ID:       RHSA-2019:3187-01\nProduct:           Red Hat Enterprise Linux\nAdvisory URL:      https://access.redhat.com/errata/RHSA-2019:3187\nIssue date:        2019-10-23\nCVE Names:         CVE-2019-9506 \n=====================================================================\n\n1. Summary:\n\nAn update for kernel is now available for Red Hat Enterprise Linux 7.4\nAdvanced Update Support, Red Hat Enterprise Linux 7.4 Telco Extended Update\nSupport, and Red Hat Enterprise Linux 7.4 Update Services for SAP\nSolutions. \n\nRed Hat Product Security has rated this update as having a security impact\nof Important. A Common Vulnerability Scoring System (CVSS) base score,\nwhich gives a detailed severity rating, is available for each vulnerability\nfrom the CVE link(s) in the References section. \n\n2. Relevant releases/architectures:\n\nRed Hat Enterprise Linux Server AUS (v. 7.4) - noarch, x86_64\nRed Hat Enterprise Linux Server E4S (v. 7.4) - noarch, ppc64le, x86_64\nRed Hat Enterprise Linux Server Optional AUS (v. 7.4) - x86_64\nRed Hat Enterprise Linux Server Optional E4S (v. 7.4) - ppc64le, x86_64\nRed Hat Enterprise Linux Server Optional TUS (v. 7.4) - x86_64\nRed Hat Enterprise Linux Server TUS (v. 7.4) - noarch, x86_64\n\n3. \n\nSecurity Fix(es):\n\n* hardware: bluetooth: BR/EDR encryption key negotiation attacks (KNOB)\n(CVE-2019-9506)\n\nFor more details about the security issue(s), including the impact, a CVSS\nscore, acknowledgments, and other related information, refer to the CVE\npage(s) listed in the References section. \n\nBug Fix(es):\n\n* Fix possible Spectre-v1 bugs in wireless code (BZ#1706696)\n\n* powerpc/pseries: Disable CPU hotplug across migrations / powerpc/rtas:\nFix a potential race between CPU-Offline \u0026 Migration (LPM) (BZ#1745436)\n\n* powerpc/pseries: Fix unitialized timer reset on migration /\npowerpc/pseries/mobility: Extend start/stop topology update scope (LPM)\n(BZ#1745438)\n\n* ISST-LTE:PVM:Zeppelin :LPM: Failure logs and stack trace seen during LPM\n(POWER9/P9) (BZ#1745446)\n\n4. Solution:\n\nFor details on how to apply this update, which includes the changes\ndescribed in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nThe system must be rebooted for this update to take effect. \n\n5. Package List:\n\nRed Hat Enterprise Linux Server AUS (v. 7.4):\n\nSource:\nkernel-3.10.0-693.60.1.el7.src.rpm\n\nnoarch:\nkernel-abi-whitelists-3.10.0-693.60.1.el7.noarch.rpm\nkernel-doc-3.10.0-693.60.1.el7.noarch.rpm\n\nx86_64:\nkernel-3.10.0-693.60.1.el7.x86_64.rpm\nkernel-debug-3.10.0-693.60.1.el7.x86_64.rpm\nkernel-debug-debuginfo-3.10.0-693.60.1.el7.x86_64.rpm\nkernel-debug-devel-3.10.0-693.60.1.el7.x86_64.rpm\nkernel-debuginfo-3.10.0-693.60.1.el7.x86_64.rpm\nkernel-debuginfo-common-x86_64-3.10.0-693.60.1.el7.x86_64.rpm\nkernel-devel-3.10.0-693.60.1.el7.x86_64.rpm\nkernel-headers-3.10.0-693.60.1.el7.x86_64.rpm\nkernel-tools-3.10.0-693.60.1.el7.x86_64.rpm\nkernel-tools-debuginfo-3.10.0-693.60.1.el7.x86_64.rpm\nkernel-tools-libs-3.10.0-693.60.1.el7.x86_64.rpm\nperf-3.10.0-693.60.1.el7.x86_64.rpm\nperf-debuginfo-3.10.0-693.60.1.el7.x86_64.rpm\npython-perf-3.10.0-693.60.1.el7.x86_64.rpm\npython-perf-debuginfo-3.10.0-693.60.1.el7.x86_64.rpm\n\nRed Hat Enterprise Linux Server E4S (v. 7.4):\n\nSource:\nkernel-3.10.0-693.60.1.el7.src.rpm\n\nnoarch:\nkernel-abi-whitelists-3.10.0-693.60.1.el7.noarch.rpm\nkernel-doc-3.10.0-693.60.1.el7.noarch.rpm\n\nppc64le:\nkernel-3.10.0-693.60.1.el7.ppc64le.rpm\nkernel-bootwrapper-3.10.0-693.60.1.el7.ppc64le.rpm\nkernel-debug-3.10.0-693.60.1.el7.ppc64le.rpm\nkernel-debug-debuginfo-3.10.0-693.60.1.el7.ppc64le.rpm\nkernel-debuginfo-3.10.0-693.60.1.el7.ppc64le.rpm\nkernel-debuginfo-common-ppc64le-3.10.0-693.60.1.el7.ppc64le.rpm\nkernel-devel-3.10.0-693.60.1.el7.ppc64le.rpm\nkernel-headers-3.10.0-693.60.1.el7.ppc64le.rpm\nkernel-tools-3.10.0-693.60.1.el7.ppc64le.rpm\nkernel-tools-debuginfo-3.10.0-693.60.1.el7.ppc64le.rpm\nkernel-tools-libs-3.10.0-693.60.1.el7.ppc64le.rpm\nperf-3.10.0-693.60.1.el7.ppc64le.rpm\nperf-debuginfo-3.10.0-693.60.1.el7.ppc64le.rpm\npython-perf-3.10.0-693.60.1.el7.ppc64le.rpm\npython-perf-debuginfo-3.10.0-693.60.1.el7.ppc64le.rpm\n\nx86_64:\nkernel-3.10.0-693.60.1.el7.x86_64.rpm\nkernel-debug-3.10.0-693.60.1.el7.x86_64.rpm\nkernel-debug-debuginfo-3.10.0-693.60.1.el7.x86_64.rpm\nkernel-debug-devel-3.10.0-693.60.1.el7.x86_64.rpm\nkernel-debuginfo-3.10.0-693.60.1.el7.x86_64.rpm\nkernel-debuginfo-common-x86_64-3.10.0-693.60.1.el7.x86_64.rpm\nkernel-devel-3.10.0-693.60.1.el7.x86_64.rpm\nkernel-headers-3.10.0-693.60.1.el7.x86_64.rpm\nkernel-tools-3.10.0-693.60.1.el7.x86_64.rpm\nkernel-tools-debuginfo-3.10.0-693.60.1.el7.x86_64.rpm\nkernel-tools-libs-3.10.0-693.60.1.el7.x86_64.rpm\nperf-3.10.0-693.60.1.el7.x86_64.rpm\nperf-debuginfo-3.10.0-693.60.1.el7.x86_64.rpm\npython-perf-3.10.0-693.60.1.el7.x86_64.rpm\npython-perf-debuginfo-3.10.0-693.60.1.el7.x86_64.rpm\n\nRed Hat Enterprise Linux Server TUS (v. 7.4):\n\nSource:\nkernel-3.10.0-693.60.1.el7.src.rpm\n\nnoarch:\nkernel-abi-whitelists-3.10.0-693.60.1.el7.noarch.rpm\nkernel-doc-3.10.0-693.60.1.el7.noarch.rpm\n\nx86_64:\nkernel-3.10.0-693.60.1.el7.x86_64.rpm\nkernel-debug-3.10.0-693.60.1.el7.x86_64.rpm\nkernel-debug-debuginfo-3.10.0-693.60.1.el7.x86_64.rpm\nkernel-debug-devel-3.10.0-693.60.1.el7.x86_64.rpm\nkernel-debuginfo-3.10.0-693.60.1.el7.x86_64.rpm\nkernel-debuginfo-common-x86_64-3.10.0-693.60.1.el7.x86_64.rpm\nkernel-devel-3.10.0-693.60.1.el7.x86_64.rpm\nkernel-headers-3.10.0-693.60.1.el7.x86_64.rpm\nkernel-tools-3.10.0-693.60.1.el7.x86_64.rpm\nkernel-tools-debuginfo-3.10.0-693.60.1.el7.x86_64.rpm\nkernel-tools-libs-3.10.0-693.60.1.el7.x86_64.rpm\nperf-3.10.0-693.60.1.el7.x86_64.rpm\nperf-debuginfo-3.10.0-693.60.1.el7.x86_64.rpm\npython-perf-3.10.0-693.60.1.el7.x86_64.rpm\npython-perf-debuginfo-3.10.0-693.60.1.el7.x86_64.rpm\n\nRed Hat Enterprise Linux Server Optional AUS (v. 7.4):\n\nx86_64:\nkernel-debug-debuginfo-3.10.0-693.60.1.el7.x86_64.rpm\nkernel-debuginfo-3.10.0-693.60.1.el7.x86_64.rpm\nkernel-debuginfo-common-x86_64-3.10.0-693.60.1.el7.x86_64.rpm\nkernel-tools-debuginfo-3.10.0-693.60.1.el7.x86_64.rpm\nkernel-tools-libs-devel-3.10.0-693.60.1.el7.x86_64.rpm\nperf-debuginfo-3.10.0-693.60.1.el7.x86_64.rpm\npython-perf-debuginfo-3.10.0-693.60.1.el7.x86_64.rpm\n\nRed Hat Enterprise Linux Server Optional E4S (v. 7.4):\n\nppc64le:\nkernel-debug-debuginfo-3.10.0-693.60.1.el7.ppc64le.rpm\nkernel-debug-devel-3.10.0-693.60.1.el7.ppc64le.rpm\nkernel-debuginfo-3.10.0-693.60.1.el7.ppc64le.rpm\nkernel-debuginfo-common-ppc64le-3.10.0-693.60.1.el7.ppc64le.rpm\nkernel-tools-debuginfo-3.10.0-693.60.1.el7.ppc64le.rpm\nkernel-tools-libs-devel-3.10.0-693.60.1.el7.ppc64le.rpm\nperf-debuginfo-3.10.0-693.60.1.el7.ppc64le.rpm\npython-perf-debuginfo-3.10.0-693.60.1.el7.ppc64le.rpm\n\nx86_64:\nkernel-debug-debuginfo-3.10.0-693.60.1.el7.x86_64.rpm\nkernel-debuginfo-3.10.0-693.60.1.el7.x86_64.rpm\nkernel-debuginfo-common-x86_64-3.10.0-693.60.1.el7.x86_64.rpm\nkernel-tools-debuginfo-3.10.0-693.60.1.el7.x86_64.rpm\nkernel-tools-libs-devel-3.10.0-693.60.1.el7.x86_64.rpm\nperf-debuginfo-3.10.0-693.60.1.el7.x86_64.rpm\npython-perf-debuginfo-3.10.0-693.60.1.el7.x86_64.rpm\n\nRed Hat Enterprise Linux Server Optional TUS (v. 7.4):\n\nx86_64:\nkernel-debug-debuginfo-3.10.0-693.60.1.el7.x86_64.rpm\nkernel-debuginfo-3.10.0-693.60.1.el7.x86_64.rpm\nkernel-debuginfo-common-x86_64-3.10.0-693.60.1.el7.x86_64.rpm\nkernel-tools-debuginfo-3.10.0-693.60.1.el7.x86_64.rpm\nkernel-tools-libs-devel-3.10.0-693.60.1.el7.x86_64.rpm\nperf-debuginfo-3.10.0-693.60.1.el7.x86_64.rpm\npython-perf-debuginfo-3.10.0-693.60.1.el7.x86_64.rpm\n\nThese packages are GPG signed by Red Hat for security.  Our key and\ndetails on how to verify the signature are available from\nhttps://access.redhat.com/security/team/key/\n\n7. Contact:\n\nThe Red Hat security contact is \u003csecalert@redhat.com\u003e. More contact\ndetails at https://access.redhat.com/security/team/contact/\n\nCopyright 2019 Red Hat, Inc. \n-----BEGIN PGP SIGNATURE-----\nVersion: GnuPG v1\n\niQIVAwUBXbAXitzjgjWX9erEAQh25A/9FrjeF3eVkgGwc/RvTRPF/Qqb44x+l61E\nKceVqzr3avw9TDoiCA8e35ZYwNBvpN6YW/VDiI0vSyj2nQp57xFK48ybhUvXGUKL\nA2dXn793a3ZBKIp4wVVQKyjBsAI31MT/AZDKrzlugszWlV25u/mc2tC4Yndbe+8e\nLbwf2VvKdvtlH26Cadv1UN9YsnmtQuNdGp9NrRbttTCW9rMmHtkoQ/yT4rcS/7Fl\n1tu2j2Yoi0GEG9wXWda7cbpd2jLCcpjwIYnrjRNOuMNVSugRKRcAY1rMwpL5dVpA\nrx2bi3X3HhCpGTgZSJbl9fz2f1J71o9WoUSybaT36Uc50iOs7anoHc82XPGFvkak\nxg+mkIVNkwGxW9pkum8tZANjhDwyGJl0bpS98zkzpNiBqdrGdN4V9qMmhqmEa/lT\nlQ7haJR1rqboIzS5uSpTL/a79blwDjnMNsZ3D+c6xFfjsq8yu1zGfDWBbMdoc1Zo\n3CNT4+pdBr5ASdlE7R3G+8Zx77WSK2MLxRnzzHBF6KphF4LOOUJmefpZ0KQRGkN8\nzOKjvsynVKSzqt++WJrij+U74KL65PZokF8kKSc0yDhgYRaeqK6QIwe+Dbn/YUsn\nRNBi1ZoILHB9nMxbT5OlEVf/0EJl7oD1zINT0n7S8b86gRnfHdMLlvZ1Kcfjs0Sy\nVdo262+aA6k=\n=FkCN\n-----END PGP SIGNATURE-----\n\n--\nRHSA-announce mailing list\nRHSA-announce@redhat.com\nhttps://www.redhat.com/mailman/listinfo/rhsa-announce\n",
        "sources": [
          {
            "db": "NVD",
            "id": "CVE-2019-9506"
          },
          {
            "db": "CERT/CC",
            "id": "VU#918987"
          },
          {
            "db": "VULHUB",
            "id": "VHN-160941"
          },
          {
            "db": "VULMON",
            "id": "CVE-2019-9506"
          },
          {
            "db": "PACKETSTORM",
            "id": "156058"
          },
          {
            "db": "PACKETSTORM",
            "id": "155005"
          },
          {
            "db": "PACKETSTORM",
            "id": "154779"
          },
          {
            "db": "PACKETSTORM",
            "id": "155017"
          },
          {
            "db": "PACKETSTORM",
            "id": "155004"
          },
          {
            "db": "PACKETSTORM",
            "id": "154936"
          },
          {
            "db": "PACKETSTORM",
            "id": "154740"
          },
          {
            "db": "PACKETSTORM",
            "id": "154056"
          },
          {
            "db": "PACKETSTORM",
            "id": "154949"
          }
        ],
        "trust": 2.61
      },
      "external_ids": {
        "_id": null,
        "data": [
          {
            "db": "NVD",
            "id": "CVE-2019-9506",
            "trust": 2.7
          },
          {
            "db": "CERT/CC",
            "id": "VU#918987",
            "trust": 2.6
          },
          {
            "db": "PACKETSTORM",
            "id": "157216",
            "trust": 0.7
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201908-864",
            "trust": 0.7
          },
          {
            "db": "PACKETSTORM",
            "id": "156058",
            "trust": 0.7
          },
          {
            "db": "AUSCERT",
            "id": "ESB-2020.0141",
            "trust": 0.6
          },
          {
            "db": "AUSCERT",
            "id": "ESB-2020.1366",
            "trust": 0.6
          },
          {
            "db": "AUSCERT",
            "id": "ESB-2020.1189",
            "trust": 0.6
          },
          {
            "db": "AUSCERT",
            "id": "ESB-2020.1366.2",
            "trust": 0.6
          },
          {
            "db": "AUSCERT",
            "id": "ESB-2019.4346",
            "trust": 0.6
          },
          {
            "db": "AUSCERT",
            "id": "ESB-2019.4346.2",
            "trust": 0.6
          },
          {
            "db": "AUSCERT",
            "id": "ESB-2019.4676",
            "trust": 0.6
          },
          {
            "db": "AUSCERT",
            "id": "ESB-2020.0262",
            "trust": 0.6
          },
          {
            "db": "AUSCERT",
            "id": "ESB-2019.3115",
            "trust": 0.6
          },
          {
            "db": "AUSCERT",
            "id": "ESB-2019.4252",
            "trust": 0.6
          },
          {
            "db": "AUSCERT",
            "id": "ESB-2020.1338",
            "trust": 0.6
          },
          {
            "db": "AUSCERT",
            "id": "ESB-2019.4584",
            "trust": 0.6
          },
          {
            "db": "LENOVO",
            "id": "LEN-27173",
            "trust": 0.6
          },
          {
            "db": "PACKETSTORM",
            "id": "155017",
            "trust": 0.2
          },
          {
            "db": "PACKETSTORM",
            "id": "154949",
            "trust": 0.2
          },
          {
            "db": "PACKETSTORM",
            "id": "154936",
            "trust": 0.2
          },
          {
            "db": "PACKETSTORM",
            "id": "155004",
            "trust": 0.2
          },
          {
            "db": "VULHUB",
            "id": "VHN-160941",
            "trust": 0.1
          },
          {
            "db": "VULMON",
            "id": "CVE-2019-9506",
            "trust": 0.1
          },
          {
            "db": "PACKETSTORM",
            "id": "155005",
            "trust": 0.1
          },
          {
            "db": "PACKETSTORM",
            "id": "154779",
            "trust": 0.1
          },
          {
            "db": "PACKETSTORM",
            "id": "154740",
            "trust": 0.1
          },
          {
            "db": "PACKETSTORM",
            "id": "154056",
            "trust": 0.1
          }
        ],
        "sources": [
          {
            "db": "CERT/CC",
            "id": "VU#918987"
          },
          {
            "db": "VULHUB",
            "id": "VHN-160941"
          },
          {
            "db": "VULMON",
            "id": "CVE-2019-9506"
          },
          {
            "db": "PACKETSTORM",
            "id": "156058"
          },
          {
            "db": "PACKETSTORM",
            "id": "155005"
          },
          {
            "db": "PACKETSTORM",
            "id": "154779"
          },
          {
            "db": "PACKETSTORM",
            "id": "155017"
          },
          {
            "db": "PACKETSTORM",
            "id": "155004"
          },
          {
            "db": "PACKETSTORM",
            "id": "154936"
          },
          {
            "db": "PACKETSTORM",
            "id": "154740"
          },
          {
            "db": "PACKETSTORM",
            "id": "154056"
          },
          {
            "db": "PACKETSTORM",
            "id": "154949"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201908-864"
          },
          {
            "db": "NVD",
            "id": "CVE-2019-9506"
          }
        ]
      },
      "id": "VAR-201908-1958",
      "iot": {
        "_id": null,
        "data": true,
        "sources": [
          {
            "db": "VULHUB",
            "id": "VHN-160941"
          }
        ],
        "trust": 0.6336539925
      },
      "last_update_date": "2026-04-10T23:16:47.566000Z",
      "patch": {
        "_id": null,
        "data": [
          {
            "title": "Bluetooth Security vulnerabilities",
            "trust": 0.6,
            "url": "http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=96553"
          },
          {
            "title": "The Register",
            "trust": 0.2,
            "url": "https://www.theregister.co.uk/2019/08/22/cisco_patch_bundle/"
          },
          {
            "title": "Red Hat: Important: kernel security and bug fix update",
            "trust": 0.1,
            "url": "https://vulmon.com/vendoradvisory?qidtp=red_hat_security_advisories\u0026qid=RHSA-20193187 - Security Advisory"
          },
          {
            "title": "Red Hat: Important: kpatch-patch security update",
            "trust": 0.1,
            "url": "https://vulmon.com/vendoradvisory?qidtp=red_hat_security_advisories\u0026qid=RHSA-20193231 - Security Advisory"
          },
          {
            "title": "Red Hat: Important: kernel security and bug fix update",
            "trust": 0.1,
            "url": "https://vulmon.com/vendoradvisory?qidtp=red_hat_security_advisories\u0026qid=RHSA-20192975 - Security Advisory"
          },
          {
            "title": "Red Hat: Important: kernel-rt security and bug fix update",
            "trust": 0.1,
            "url": "https://vulmon.com/vendoradvisory?qidtp=red_hat_security_advisories\u0026qid=RHSA-20193165 - Security Advisory"
          },
          {
            "title": "Red Hat: Important: kernel security and bug fix update",
            "trust": 0.1,
            "url": "https://vulmon.com/vendoradvisory?qidtp=red_hat_security_advisories\u0026qid=RHSA-20193218 - Security Advisory"
          },
          {
            "title": "Red Hat: Important: kernel security and bug fix update",
            "trust": 0.1,
            "url": "https://vulmon.com/vendoradvisory?qidtp=red_hat_security_advisories\u0026qid=RHSA-20201460 - Security Advisory"
          },
          {
            "title": "Red Hat: Important: kernel security and bug fix update",
            "trust": 0.1,
            "url": "https://vulmon.com/vendoradvisory?qidtp=red_hat_security_advisories\u0026qid=RHSA-20193220 - Security Advisory"
          },
          {
            "title": "Red Hat: Important: kernel-rt security and bug fix update",
            "trust": 0.1,
            "url": "https://vulmon.com/vendoradvisory?qidtp=red_hat_security_advisories\u0026qid=RHSA-20193089 - Security Advisory"
          },
          {
            "title": "Red Hat: Important: kernel security and bug fix update",
            "trust": 0.1,
            "url": "https://vulmon.com/vendoradvisory?qidtp=red_hat_security_advisories\u0026qid=RHSA-20193055 - Security Advisory"
          },
          {
            "title": "Red Hat: Important: kernel-alt security and bug fix update",
            "trust": 0.1,
            "url": "https://vulmon.com/vendoradvisory?qidtp=red_hat_security_advisories\u0026qid=RHSA-20193217 - Security Advisory"
          },
          {
            "title": "Red Hat: Important: kpatch-patch security update",
            "trust": 0.1,
            "url": "https://vulmon.com/vendoradvisory?qidtp=red_hat_security_advisories\u0026qid=RHSA-20193076 - Security Advisory"
          },
          {
            "title": "Red Hat: CVE-2019-9506",
            "trust": 0.1,
            "url": "https://vulmon.com/vendoradvisory?qidtp=red_hat_cve_database\u0026qid=CVE-2019-9506"
          },
          {
            "title": "Cisco: Key Negotiation of Bluetooth Vulnerability",
            "trust": 0.1,
            "url": "https://vulmon.com/vendoradvisory?qidtp=cisco_security_advisories_and_alerts_ciscoproducts\u0026qid=cisco-sa-20190813-bluetooth"
          },
          {
            "title": "HP: HPSBPI03634 rev. 1 - HP OfficeJet Mobile and Sprocket Printers KNOB Vulnerability",
            "trust": 0.1,
            "url": "https://vulmon.com/vendoradvisory?qidtp=hp_bulletin\u0026qid=HPSBPI03634"
          },
          {
            "title": "Red Hat: Important: kernel security and bug fix update",
            "trust": 0.1,
            "url": "https://vulmon.com/vendoradvisory?qidtp=red_hat_security_advisories\u0026qid=RHSA-20200204 - Security Advisory"
          },
          {
            "title": "HP: SUPPORT COMMUNICATION- SECURITY BULLETIN\nHPSBPI03634 rev. 1 - HP OfficeJet Mobile and Sprocket Printers KNOB Vulnerability",
            "trust": 0.1,
            "url": "https://vulmon.com/vendoradvisory?qidtp=hp_bulletin\u0026qid=814c3d5b0bc03fc1c34e62dbc5cf6bf7"
          },
          {
            "title": "HP: SUPPORT COMMUNICATION- SECURITY BULLETIN\nHPSBPI03634 rev. 1 - HP OfficeJet Mobile and Sprocket Printers KNOB Vulnerability",
            "trust": 0.1,
            "url": "https://vulmon.com/vendoradvisory?qidtp=hp_bulletin\u0026qid=20bba81176880ee641f9d46354adc125"
          },
          {
            "title": "Red Hat: Important: kernel security, bug fix, and enhancement update",
            "trust": 0.1,
            "url": "https://vulmon.com/vendoradvisory?qidtp=red_hat_security_advisories\u0026qid=RHSA-20193517 - Security Advisory"
          },
          {
            "title": "Huawei Security Advisories: Security Advisory - Key Negotiation of Bluetooth (KNOB) Vulnerability",
            "trust": 0.1,
            "url": "https://vulmon.com/vendoradvisory?qidtp=huawei_security_advisories\u0026qid=4da976eef66883f5331725800e5cf063"
          },
          {
            "title": "Red Hat: Important: kernel-rt security and bug fix update",
            "trust": 0.1,
            "url": "https://vulmon.com/vendoradvisory?qidtp=red_hat_security_advisories\u0026qid=RHSA-20193309 - Security Advisory"
          },
          {
            "title": "Ubuntu Security Notice: linux, linux-aws, linux-azure, linux-gcp, linux-gke-5.0, linux-hwe, linux-kvm, linux-raspi2, linux-snapdragon vulnerabilities",
            "trust": 0.1,
            "url": "https://vulmon.com/vendoradvisory?qidtp=ubuntu_security_notice\u0026qid=USN-4147-1"
          },
          {
            "title": "Fortinet Security Advisories: CVE-2019-9506 Encryption Key Negotiation of Bluetooth Vulnerability",
            "trust": 0.1,
            "url": "https://vulmon.com/vendoradvisory?qidtp=fortinet_security_advisories\u0026qid=FG-IR-19-224"
          },
          {
            "title": "Ubuntu Security Notice: linux, linux-aws, linux-aws-hwe, linux-azure, linux-gcp, linux-gke-4.15, linux-hwe, linux-kvm, linux-oracle, linux-raspi2 regression",
            "trust": 0.1,
            "url": "https://vulmon.com/vendoradvisory?qidtp=ubuntu_security_notice\u0026qid=USN-4115-2"
          },
          {
            "title": "Ubuntu Security Notice: linux, linux-azure, linux-gcp, linux-gke-4.15, linux-hwe, linux-kvm, linux-oracle, linux-raspi2 vulnerabilities",
            "trust": 0.1,
            "url": "https://vulmon.com/vendoradvisory?qidtp=ubuntu_security_notice\u0026qid=USN-4115-1"
          },
          {
            "title": "Ubuntu Security Notice: linux-aws vulnerabilities",
            "trust": 0.1,
            "url": "https://vulmon.com/vendoradvisory?qidtp=ubuntu_security_notice\u0026qid=USN-4118-1"
          },
          {
            "title": "knob",
            "trust": 0.1,
            "url": "https://github.com/francozappa/knob "
          },
          {
            "title": "bluetooth-KNOB",
            "trust": 0.1,
            "url": "https://github.com/u10427687/bluetooth-KNOB "
          },
          {
            "title": "",
            "trust": 0.1,
            "url": "https://github.com/makaubenson/Fix-BT-Ubuntu "
          },
          {
            "title": "broadcom-bt-firmware",
            "trust": 0.1,
            "url": "https://github.com/winterheart/broadcom-bt-firmware "
          },
          {
            "title": "broadcom-bt-firmware",
            "trust": 0.1,
            "url": "https://github.com/AlexandrBing/broadcom-bt-firmware "
          },
          {
            "title": "Protocol-Vul",
            "trust": 0.1,
            "url": "https://github.com/WinMin/Protocol-Vul "
          },
          {
            "title": "awesome-bluetooth-security",
            "trust": 0.1,
            "url": "https://github.com/engn33r/awesome-bluetooth-security "
          },
          {
            "title": "",
            "trust": 0.1,
            "url": "https://github.com/JeffroMF/awesome-bluetooth-security321 "
          },
          {
            "title": "PoC-in-GitHub",
            "trust": 0.1,
            "url": "https://github.com/developer3000S/PoC-in-GitHub "
          },
          {
            "title": "CVE-POC",
            "trust": 0.1,
            "url": "https://github.com/0xT11/CVE-POC "
          },
          {
            "title": "",
            "trust": 0.1,
            "url": "https://github.com/vincent-deng/veracode-container-security-finding-parser "
          },
          {
            "title": "PoC-in-GitHub",
            "trust": 0.1,
            "url": "https://github.com/hectorgie/PoC-in-GitHub "
          },
          {
            "title": "PoC-in-GitHub",
            "trust": 0.1,
            "url": "https://github.com/nomi-sec/PoC-in-GitHub "
          },
          {
            "title": "Symantec Threat Intelligence Blog",
            "trust": 0.1,
            "url": "https://www.symantec.com/blogs/threat-intelligence/microsoft-patch-tuesday-august-2019"
          },
          {
            "title": "Threatpost",
            "trust": 0.1,
            "url": "https://threatpost.com/cisco-patches-six-critical-bugs/147585/"
          },
          {
            "title": "Threatpost",
            "trust": 0.1,
            "url": "https://threatpost.com/lenovo-warns-bugs-thinkpads/147338/"
          },
          {
            "title": "Threatpost",
            "trust": 0.1,
            "url": "https://threatpost.com/wormable-remote-desktop-bugs-august-patch-tuesday/147302/"
          },
          {
            "title": "BleepingComputer",
            "trust": 0.1,
            "url": "https://www.bleepingcomputer.com/news/security/new-bluetooth-knob-flaw-lets-attackers-manipulate-traffic/"
          },
          {
            "title": "BleepingComputer",
            "trust": 0.1,
            "url": "https://www.bleepingcomputer.com/news/security/new-bluetooth-knob-flaw-lets-attackers-manipulate-connections/"
          }
        ],
        "sources": [
          {
            "db": "VULMON",
            "id": "CVE-2019-9506"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201908-864"
          }
        ]
      },
      "problemtype_data": {
        "_id": null,
        "data": [
          {
            "problemtype": "CWE-310",
            "trust": 1.1
          },
          {
            "problemtype": "CWE-327",
            "trust": 1.1
          }
        ],
        "sources": [
          {
            "db": "VULHUB",
            "id": "VHN-160941"
          },
          {
            "db": "NVD",
            "id": "CVE-2019-9506"
          }
        ]
      },
      "references": {
        "_id": null,
        "data": [
          {
            "trust": 2.5,
            "url": "https://access.redhat.com/errata/rhsa-2020:0204"
          },
          {
            "trust": 2.0,
            "url": "https://access.redhat.com/errata/rhsa-2019:3187"
          },
          {
            "trust": 1.9,
            "url": "https://access.redhat.com/errata/rhsa-2019:2975"
          },
          {
            "trust": 1.9,
            "url": "https://access.redhat.com/errata/rhsa-2019:3165"
          },
          {
            "trust": 1.9,
            "url": "https://access.redhat.com/errata/rhsa-2019:3217"
          },
          {
            "trust": 1.9,
            "url": "https://access.redhat.com/errata/rhsa-2019:3218"
          },
          {
            "trust": 1.9,
            "url": "https://access.redhat.com/errata/rhsa-2019:3231"
          },
          {
            "trust": 1.8,
            "url": "https://www.kb.cert.org/vuls/id/918987/"
          },
          {
            "trust": 1.8,
            "url": "http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20190828-01-knob-en"
          },
          {
            "trust": 1.8,
            "url": "https://www.bluetooth.com/security/statement-key-negotiation-of-bluetooth/"
          },
          {
            "trust": 1.8,
            "url": "http://seclists.org/fulldisclosure/2019/aug/11"
          },
          {
            "trust": 1.8,
            "url": "http://seclists.org/fulldisclosure/2019/aug/13"
          },
          {
            "trust": 1.8,
            "url": "http://seclists.org/fulldisclosure/2019/aug/14"
          },
          {
            "trust": 1.8,
            "url": "http://seclists.org/fulldisclosure/2019/aug/15"
          },
          {
            "trust": 1.8,
            "url": "http://www.cs.ox.ac.uk/publications/publication12404-abstract.html"
          },
          {
            "trust": 1.8,
            "url": "https://www.usenix.org/conference/usenixsecurity19/presentation/antonioli"
          },
          {
            "trust": 1.8,
            "url": "https://lists.debian.org/debian-lts-announce/2019/09/msg00014.html"
          },
          {
            "trust": 1.8,
            "url": "https://lists.debian.org/debian-lts-announce/2019/09/msg00015.html"
          },
          {
            "trust": 1.8,
            "url": "https://lists.debian.org/debian-lts-announce/2019/09/msg00025.html"
          },
          {
            "trust": 1.8,
            "url": "https://access.redhat.com/errata/rhsa-2019:3055"
          },
          {
            "trust": 1.8,
            "url": "https://access.redhat.com/errata/rhsa-2019:3076"
          },
          {
            "trust": 1.8,
            "url": "https://access.redhat.com/errata/rhsa-2019:3089"
          },
          {
            "trust": 1.8,
            "url": "https://access.redhat.com/errata/rhsa-2019:3220"
          },
          {
            "trust": 1.8,
            "url": "https://access.redhat.com/errata/rhsa-2019:3309"
          },
          {
            "trust": 1.8,
            "url": "https://access.redhat.com/errata/rhsa-2019:3517"
          },
          {
            "trust": 1.8,
            "url": "http://lists.opensuse.org/opensuse-security-announce/2019-10/msg00037.html"
          },
          {
            "trust": 1.8,
            "url": "http://lists.opensuse.org/opensuse-security-announce/2019-10/msg00036.html"
          },
          {
            "trust": 1.8,
            "url": "https://usn.ubuntu.com/4115-1/"
          },
          {
            "trust": 1.8,
            "url": "https://usn.ubuntu.com/4118-1/"
          },
          {
            "trust": 1.8,
            "url": "https://usn.ubuntu.com/4147-1/"
          },
          {
            "trust": 1.6,
            "url": "https://www.bluetooth.com/security/statement-key-negotiation-of-bluetooth"
          },
          {
            "trust": 1.5,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2019-9506"
          },
          {
            "trust": 0.9,
            "url": "https://github.com/francozappa/knob"
          },
          {
            "trust": 0.8,
            "url": "https://www.bluetooth.com/specifications/adopted-specifications"
          },
          {
            "trust": 0.8,
            "url": "https://www.usenix.org/system/files/sec19-antonioli.pdf"
          },
          {
            "trust": 0.8,
            "url": "https://www.icasi.org/br-edr-encryption-key-bluetooth-vulnerability/"
          },
          {
            "trust": 0.8,
            "url": "http://support.blackberry.com/kb/articledetail?articlenumber=000057251"
          },
          {
            "trust": 0.7,
            "url": "https://tools.cisco.com/security/center/content/ciscosecurityadvisory/cisco-sa-20190813-bluetooth"
          },
          {
            "trust": 0.7,
            "url": "https://access.redhat.com/security/updates/classification/#important"
          },
          {
            "trust": 0.7,
            "url": "https://access.redhat.com/articles/11258"
          },
          {
            "trust": 0.7,
            "url": "https://access.redhat.com/security/team/contact/"
          },
          {
            "trust": 0.7,
            "url": "https://www.redhat.com/mailman/listinfo/rhsa-announce"
          },
          {
            "trust": 0.7,
            "url": "https://bugzilla.redhat.com/):"
          },
          {
            "trust": 0.7,
            "url": "https://access.redhat.com/security/cve/cve-2019-9506"
          },
          {
            "trust": 0.7,
            "url": "https://access.redhat.com/security/team/key/"
          },
          {
            "trust": 0.6,
            "url": "https://www.suse.com/support/update/announcement/2019/suse-su-20193294-1.html"
          },
          {
            "trust": 0.6,
            "url": "https://www.suse.com/support/update/announcement/2019/suse-su-20193295-1.html"
          },
          {
            "trust": 0.6,
            "url": "https://www.suse.com/support/update/announcement/2019/suse-su-20192984-1.html"
          },
          {
            "trust": 0.6,
            "url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00237.html"
          },
          {
            "trust": 0.6,
            "url": "https://www.suse.com/support/update/announcement/2019/suse-su-20193200-1.html"
          },
          {
            "trust": 0.6,
            "url": "https://www.suse.com/support/update/announcement/2019/suse-su-20192953-1.html"
          },
          {
            "trust": 0.6,
            "url": "https://www.suse.com/support/update/announcement/2019/suse-su-20192952-1.html"
          },
          {
            "trust": 0.6,
            "url": "https://www.suse.com/support/update/announcement/2019/suse-su-20192951-1.html"
          },
          {
            "trust": 0.6,
            "url": "https://www.suse.com/support/update/announcement/2019/suse-su-20192950-1.html"
          },
          {
            "trust": 0.6,
            "url": "https://www.suse.com/support/update/announcement/2019/suse-su-20192949-1.html"
          },
          {
            "trust": 0.6,
            "url": "https://www.suse.com/support/update/announcement/2019/suse-su-20192948-1.html"
          },
          {
            "trust": 0.6,
            "url": "https://www.suse.com/support/update/announcement/2019/suse-su-20192947-1.html"
          },
          {
            "trust": 0.6,
            "url": "https://www.suse.com/support/update/announcement/2019/suse-su-20192946-1.html"
          },
          {
            "trust": 0.6,
            "url": "https://www.suse.com/support/update/announcement/2020/suse-su-20200093-1.html"
          },
          {
            "trust": 0.6,
            "url": "https://packetstormsecurity.com/files/157216/red-hat-security-advisory-2020-1460-01.html"
          },
          {
            "trust": 0.6,
            "url": "https://www.auscert.org.au/bulletins/esb-2020.1338/"
          },
          {
            "trust": 0.6,
            "url": "https://portal.msrc.microsoft.com/zh-cn/security-guidance/advisory/cve-2019-9506"
          },
          {
            "trust": 0.6,
            "url": "https://support.lenovo.com/us/en/product_security/len-27173"
          },
          {
            "trust": 0.6,
            "url": "https://support.apple.com/en-us/ht210353"
          },
          {
            "trust": 0.6,
            "url": "https://www.auscert.org.au/bulletins/esb-2019.4676/"
          },
          {
            "trust": 0.6,
            "url": "https://www.auscert.org.au/bulletins/esb-2019.4346/"
          },
          {
            "trust": 0.6,
            "url": "https://support.apple.com/en-us/ht210346"
          },
          {
            "trust": 0.6,
            "url": "https://www.auscert.org.au/bulletins/esb-2019.4252/"
          },
          {
            "trust": 0.6,
            "url": "https://www.auscert.org.au/bulletins/esb-2019.4584/"
          },
          {
            "trust": 0.6,
            "url": "https://www.huawei.com/cn/psirt/security-advisories/huawei-sa-20190828-01-knob-cn"
          },
          {
            "trust": 0.6,
            "url": "https://www.auscert.org.au/bulletins/esb-2020.0141/"
          },
          {
            "trust": 0.6,
            "url": "https://www.auscert.org.au/bulletins/esb-2020.0262/"
          },
          {
            "trust": 0.6,
            "url": "https://packetstormsecurity.com/files/156058/red-hat-security-advisory-2020-0204-01.html"
          },
          {
            "trust": 0.6,
            "url": "https://www.auscert.org.au/bulletins/esb-2019.3115/"
          },
          {
            "trust": 0.6,
            "url": "https://vigilance.fr/vulnerability/bluetooth-br-edr-information-disclosure-via-key-negotiation-30041"
          },
          {
            "trust": 0.6,
            "url": "https://www.auscert.org.au/bulletins/esb-2019.4346.2/"
          },
          {
            "trust": 0.6,
            "url": "https://www.auscert.org.au/bulletins/esb-2020.1189/"
          },
          {
            "trust": 0.6,
            "url": "https://www.auscert.org.au/bulletins/esb-2020.1366/"
          },
          {
            "trust": 0.6,
            "url": "https://www.auscert.org.au/bulletins/esb-2020.1366.2/"
          },
          {
            "trust": 0.1,
            "url": "https://cwe.mitre.org/data/definitions/327.html"
          },
          {
            "trust": 0.1,
            "url": "https://nvd.nist.gov"
          },
          {
            "trust": 0.1,
            "url": "https://www.kb.cert.org/vuls/id/918987"
          },
          {
            "trust": 0.1,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2019-5489"
          },
          {
            "trust": 0.1,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2019-0154"
          },
          {
            "trust": 0.1,
            "url": "https://access.redhat.com/security/cve/cve-2019-0154"
          },
          {
            "trust": 0.1,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2018-12207"
          },
          {
            "trust": 0.1,
            "url": "https://access.redhat.com/security/cve/cve-2018-16884"
          },
          {
            "trust": 0.1,
            "url": "https://access.redhat.com/security/cve/cve-2019-11135"
          },
          {
            "trust": 0.1,
            "url": "https://access.redhat.com/security/cve/cve-2019-14821"
          },
          {
            "trust": 0.1,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2019-0155"
          },
          {
            "trust": 0.1,
            "url": "https://access.redhat.com/security/cve/cve-2019-0155"
          },
          {
            "trust": 0.1,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2019-14821"
          },
          {
            "trust": 0.1,
            "url": "https://access.redhat.com/security/cve/cve-2019-14901"
          },
          {
            "trust": 0.1,
            "url": "https://access.redhat.com/security/cve/cve-2019-5489"
          },
          {
            "trust": 0.1,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2019-14816"
          },
          {
            "trust": 0.1,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2019-14901"
          },
          {
            "trust": 0.1,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2019-10126"
          },
          {
            "trust": 0.1,
            "url": "https://access.redhat.com/security/vulnerabilities/ifu-page-mce"
          },
          {
            "trust": 0.1,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2019-3900"
          },
          {
            "trust": 0.1,
            "url": "https://access.redhat.com/security/cve/cve-2018-12207"
          },
          {
            "trust": 0.1,
            "url": "https://access.redhat.com/security/cve/cve-2019-14816"
          },
          {
            "trust": 0.1,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2019-11135"
          },
          {
            "trust": 0.1,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2018-16884"
          },
          {
            "trust": 0.1,
            "url": "https://access.redhat.com/security/cve/cve-2019-3900"
          },
          {
            "trust": 0.1,
            "url": "https://access.redhat.com/security/cve/cve-2019-10126"
          },
          {
            "trust": 0.1,
            "url": "https://access.redhat.com/security/cve/cve-2019-11810"
          },
          {
            "trust": 0.1,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2019-11810"
          },
          {
            "trust": 0.1,
            "url": "https://access.redhat.com/security/cve/cve-2019-9500"
          },
          {
            "trust": 0.1,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2018-20856"
          },
          {
            "trust": 0.1,
            "url": "https://access.redhat.com/security/cve/cve-2018-10902"
          },
          {
            "trust": 0.1,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2019-9500"
          },
          {
            "trust": 0.1,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2018-10902"
          },
          {
            "trust": 0.1,
            "url": "https://access.redhat.com/security/cve/cve-2018-20856"
          },
          {
            "trust": 0.1,
            "url": "https://access.redhat.com/security/cve/cve-2019-1125"
          },
          {
            "trust": 0.1,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2019-1125"
          },
          {
            "trust": 0.1,
            "url": "https://access.redhat.com/articles/4329821"
          },
          {
            "trust": 0.1,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2019-15223"
          },
          {
            "trust": 0.1,
            "url": "https://launchpad.net/ubuntu/+source/linux/5.0.0-31.33"
          },
          {
            "trust": 0.1,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2019-15538"
          },
          {
            "trust": 0.1,
            "url": "https://usn.ubuntu.com/4147-1"
          },
          {
            "trust": 0.1,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2019-15118"
          },
          {
            "trust": 0.1,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2019-10207"
          },
          {
            "trust": 0.1,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2019-15221"
          },
          {
            "trust": 0.1,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2019-15090"
          },
          {
            "trust": 0.1,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2019-15217"
          },
          {
            "trust": 0.1,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2019-13631"
          },
          {
            "trust": 0.1,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2019-15925"
          },
          {
            "trust": 0.1,
            "url": "https://launchpad.net/ubuntu/+source/linux-snapdragon/5.0.0-1023.24"
          },
          {
            "trust": 0.1,
            "url": "https://launchpad.net/ubuntu/+source/linux-hwe/5.0.0-31.33~18.04.1"
          },
          {
            "trust": 0.1,
            "url": "https://launchpad.net/ubuntu/+source/linux-gcp/5.0.0-1020.20"
          },
          {
            "trust": 0.1,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2019-15117"
          },
          {
            "trust": 0.1,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2019-15220"
          },
          {
            "trust": 0.1,
            "url": "https://launchpad.net/ubuntu/+source/linux-raspi2/5.0.0-1019.19"
          },
          {
            "trust": 0.1,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2019-15211"
          },
          {
            "trust": 0.1,
            "url": "https://launchpad.net/ubuntu/+source/linux-aws/5.0.0-1018.20"
          },
          {
            "trust": 0.1,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2019-15926"
          },
          {
            "trust": 0.1,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2019-15218"
          },
          {
            "trust": 0.1,
            "url": "https://launchpad.net/ubuntu/+source/linux-azure/5.0.0-1022.23"
          },
          {
            "trust": 0.1,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2019-15215"
          },
          {
            "trust": 0.1,
            "url": "https://launchpad.net/ubuntu/+source/linux-gke-5.0/5.0.0-1020.20~18.04.1"
          },
          {
            "trust": 0.1,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2019-0136"
          },
          {
            "trust": 0.1,
            "url": "https://launchpad.net/ubuntu/+source/linux-kvm/5.0.0-1019.20"
          },
          {
            "trust": 0.1,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2019-15212"
          },
          {
            "trust": 0.1,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2019-8659"
          },
          {
            "trust": 0.1,
            "url": "https://support.apple.com/kb/ht204641"
          },
          {
            "trust": 0.1,
            "url": "https://support.apple.com/kb/ht201222"
          },
          {
            "trust": 0.1,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2018-16860"
          },
          {
            "trust": 0.1,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2019-8669"
          },
          {
            "trust": 0.1,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2019-8646"
          },
          {
            "trust": 0.1,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2019-8688"
          },
          {
            "trust": 0.1,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2019-13118"
          },
          {
            "trust": 0.1,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2019-8672"
          },
          {
            "trust": 0.1,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2019-8658"
          },
          {
            "trust": 0.1,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2019-8648"
          },
          {
            "trust": 0.1,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2019-8641"
          },
          {
            "trust": 0.1,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2019-8647"
          },
          {
            "trust": 0.1,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2019-8684"
          },
          {
            "trust": 0.1,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2019-8683"
          },
          {
            "trust": 0.1,
            "url": "https://www.apple.com/support/security/pgp/"
          },
          {
            "trust": 0.1,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2019-8624"
          },
          {
            "trust": 0.1,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2019-8682"
          },
          {
            "trust": 0.1,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2019-8665"
          },
          {
            "trust": 0.1,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2019-8660"
          },
          {
            "trust": 0.1,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2019-8657"
          },
          {
            "trust": 0.1,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2019-8689"
          },
          {
            "trust": 0.1,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2019-8676"
          },
          {
            "trust": 0.1,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2019-8685"
          },
          {
            "trust": 0.1,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2019-8662"
          }
        ],
        "sources": [
          {
            "db": "CERT/CC",
            "id": "VU#918987"
          },
          {
            "db": "VULHUB",
            "id": "VHN-160941"
          },
          {
            "db": "VULMON",
            "id": "CVE-2019-9506"
          },
          {
            "db": "PACKETSTORM",
            "id": "156058"
          },
          {
            "db": "PACKETSTORM",
            "id": "155005"
          },
          {
            "db": "PACKETSTORM",
            "id": "154779"
          },
          {
            "db": "PACKETSTORM",
            "id": "155017"
          },
          {
            "db": "PACKETSTORM",
            "id": "155004"
          },
          {
            "db": "PACKETSTORM",
            "id": "154936"
          },
          {
            "db": "PACKETSTORM",
            "id": "154740"
          },
          {
            "db": "PACKETSTORM",
            "id": "154056"
          },
          {
            "db": "PACKETSTORM",
            "id": "154949"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201908-864"
          },
          {
            "db": "NVD",
            "id": "CVE-2019-9506"
          }
        ]
      },
      "sources": {
        "_id": null,
        "data": [
          {
            "db": "CERT/CC",
            "id": "VU#918987",
            "ident": null
          },
          {
            "db": "VULHUB",
            "id": "VHN-160941",
            "ident": null
          },
          {
            "db": "VULMON",
            "id": "CVE-2019-9506",
            "ident": null
          },
          {
            "db": "PACKETSTORM",
            "id": "156058",
            "ident": null
          },
          {
            "db": "PACKETSTORM",
            "id": "155005",
            "ident": null
          },
          {
            "db": "PACKETSTORM",
            "id": "154779",
            "ident": null
          },
          {
            "db": "PACKETSTORM",
            "id": "155017",
            "ident": null
          },
          {
            "db": "PACKETSTORM",
            "id": "155004",
            "ident": null
          },
          {
            "db": "PACKETSTORM",
            "id": "154936",
            "ident": null
          },
          {
            "db": "PACKETSTORM",
            "id": "154740",
            "ident": null
          },
          {
            "db": "PACKETSTORM",
            "id": "154056",
            "ident": null
          },
          {
            "db": "PACKETSTORM",
            "id": "154949",
            "ident": null
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201908-864",
            "ident": null
          },
          {
            "db": "NVD",
            "id": "CVE-2019-9506",
            "ident": null
          }
        ]
      },
      "sources_release_date": {
        "_id": null,
        "data": [
          {
            "date": "2019-08-14T00:00:00",
            "db": "CERT/CC",
            "id": "VU#918987",
            "ident": null
          },
          {
            "date": "2019-08-14T00:00:00",
            "db": "VULHUB",
            "id": "VHN-160941",
            "ident": null
          },
          {
            "date": "2019-08-14T00:00:00",
            "db": "VULMON",
            "id": "CVE-2019-9506",
            "ident": null
          },
          {
            "date": "2020-01-23T00:26:55",
            "db": "PACKETSTORM",
            "id": "156058",
            "ident": null
          },
          {
            "date": "2019-10-29T14:49:28",
            "db": "PACKETSTORM",
            "id": "155005",
            "ident": null
          },
          {
            "date": "2019-10-08T20:44:06",
            "db": "PACKETSTORM",
            "id": "154779",
            "ident": null
          },
          {
            "date": "2019-10-29T14:59:12",
            "db": "PACKETSTORM",
            "id": "155017",
            "ident": null
          },
          {
            "date": "2019-10-29T14:48:28",
            "db": "PACKETSTORM",
            "id": "155004",
            "ident": null
          },
          {
            "date": "2019-10-22T17:27:00",
            "db": "PACKETSTORM",
            "id": "154936",
            "ident": null
          },
          {
            "date": "2019-10-05T14:13:57",
            "db": "PACKETSTORM",
            "id": "154740",
            "ident": null
          },
          {
            "date": "2019-08-14T20:32:22",
            "db": "PACKETSTORM",
            "id": "154056",
            "ident": null
          },
          {
            "date": "2019-10-23T18:29:02",
            "db": "PACKETSTORM",
            "id": "154949",
            "ident": null
          },
          {
            "date": "2019-08-13T00:00:00",
            "db": "CNNVD",
            "id": "CNNVD-201908-864",
            "ident": null
          },
          {
            "date": "2019-08-14T17:15:11.597000",
            "db": "NVD",
            "id": "CVE-2019-9506",
            "ident": null
          }
        ]
      },
      "sources_update_date": {
        "_id": null,
        "data": [
          {
            "date": "2020-05-15T00:00:00",
            "db": "CERT/CC",
            "id": "VU#918987",
            "ident": null
          },
          {
            "date": "2021-11-04T00:00:00",
            "db": "VULHUB",
            "id": "VHN-160941",
            "ident": null
          },
          {
            "date": "2021-11-04T00:00:00",
            "db": "VULMON",
            "id": "CVE-2019-9506",
            "ident": null
          },
          {
            "date": "2021-11-05T00:00:00",
            "db": "CNNVD",
            "id": "CNNVD-201908-864",
            "ident": null
          },
          {
            "date": "2024-11-21T04:51:45.113000",
            "db": "NVD",
            "id": "CVE-2019-9506",
            "ident": null
          }
        ]
      },
      "threat_type": {
        "_id": null,
        "data": "remote or local",
        "sources": [
          {
            "db": "CNNVD",
            "id": "CNNVD-201908-864"
          }
        ],
        "trust": 0.6
      },
      "title": {
        "_id": null,
        "data": "Bluetooth BR/EDR supported devices are vulnerable to key negotiation attacks",
        "sources": [
          {
            "db": "CERT/CC",
            "id": "VU#918987"
          }
        ],
        "trust": 0.8
      },
      "type": {
        "_id": null,
        "data": "encryption problem",
        "sources": [
          {
            "db": "CNNVD",
            "id": "CNNVD-201908-864"
          }
        ],
        "trust": 0.6
      }
    }

    VAR-202008-1252

    Vulnerability from variot - Updated: 2025-01-19 23:30

    There is an improper authorization vulnerability in some Huawei smartphones. An attacker could perform a series of operation in specific mode to exploit this vulnerability. Successful exploit could allow the attacker to bypass app lock. (Vulnerability ID: HWPSIRT-2019-12144)

    This vulnerability has been assigned a Common Vulnerabilities and Exposures (CVE) ID: CVE-2020-9081. Mate 20 firmware, P30 firmware, P30 Pro firmware etc. Huawei The product contains an incorrect authentication vulnerability.Information is obtained, information is tampered with, and service operation is interrupted. (DoS) It may be in a state

    Show details on source website

    {
      "@context": {
        "@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
        "affected_products": {
          "@id": "https://www.variotdbs.pl/ref/affected_products"
        },
        "configurations": {
          "@id": "https://www.variotdbs.pl/ref/configurations"
        },
        "credits": {
          "@id": "https://www.variotdbs.pl/ref/credits"
        },
        "cvss": {
          "@id": "https://www.variotdbs.pl/ref/cvss/"
        },
        "description": {
          "@id": "https://www.variotdbs.pl/ref/description/"
        },
        "exploit_availability": {
          "@id": "https://www.variotdbs.pl/ref/exploit_availability/"
        },
        "external_ids": {
          "@id": "https://www.variotdbs.pl/ref/external_ids/"
        },
        "iot": {
          "@id": "https://www.variotdbs.pl/ref/iot/"
        },
        "iot_taxonomy": {
          "@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
        },
        "patch": {
          "@id": "https://www.variotdbs.pl/ref/patch/"
        },
        "problemtype_data": {
          "@id": "https://www.variotdbs.pl/ref/problemtype_data/"
        },
        "references": {
          "@id": "https://www.variotdbs.pl/ref/references/"
        },
        "sources": {
          "@id": "https://www.variotdbs.pl/ref/sources/"
        },
        "sources_release_date": {
          "@id": "https://www.variotdbs.pl/ref/sources_release_date/"
        },
        "sources_update_date": {
          "@id": "https://www.variotdbs.pl/ref/sources_update_date/"
        },
        "threat_type": {
          "@id": "https://www.variotdbs.pl/ref/threat_type/"
        },
        "title": {
          "@id": "https://www.variotdbs.pl/ref/title/"
        },
        "type": {
          "@id": "https://www.variotdbs.pl/ref/type/"
        }
      },
      "@id": "https://www.variotdbs.pl/vuln/VAR-202008-1252",
      "affected_products": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/affected_products#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            },
            "@id": "https://www.variotdbs.pl/ref/sources"
          }
        },
        "data": [
          {
            "model": "princeton-al10d",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "huawei",
            "version": "10.1.0.160\\(c00e160r2p11\\)"
          },
          {
            "model": "p30 pro",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "huawei",
            "version": "10.1.0.160\\(c00e160r2p8\\)"
          },
          {
            "model": "p30 pro",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "huawei",
            "version": "10.1.0.160\\(c01e160r2p8\\)"
          },
          {
            "model": "yalep-al10b",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "huawei",
            "version": "10.1.0.160\\(c00e160r8p12\\)"
          },
          {
            "model": "p30",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "huawei",
            "version": "10.1.0.160\\(c00e160r2p11\\)"
          },
          {
            "model": "mate 20",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "huawei",
            "version": "10.1.0.160\\(c00e160r3p8\\)"
          },
          {
            "model": "mate 20",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "huawei",
            "version": "10.1.0.160\\(c01e160r2p8\\)"
          },
          {
            "model": "yale-al50a",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "huawei",
            "version": "10.1.0.88\\(c00e88r8p1\\)"
          },
          {
            "model": "yale-al00a",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "huawei",
            "version": "10.1.0.160\\(c00e160r8p12\\)"
          },
          {
            "model": "p30 pro",
            "scope": null,
            "trust": 0.8,
            "vendor": "huawei",
            "version": null
          },
          {
            "model": "princeton-al10d",
            "scope": null,
            "trust": 0.8,
            "vendor": "huawei",
            "version": null
          },
          {
            "model": "yale-al50a",
            "scope": null,
            "trust": 0.8,
            "vendor": "huawei",
            "version": null
          },
          {
            "model": "yalep-al10b",
            "scope": null,
            "trust": 0.8,
            "vendor": "huawei",
            "version": null
          },
          {
            "model": "mate 20",
            "scope": null,
            "trust": 0.8,
            "vendor": "huawei",
            "version": null
          },
          {
            "model": "yale-al00a",
            "scope": null,
            "trust": 0.8,
            "vendor": "huawei",
            "version": null
          },
          {
            "model": "p30",
            "scope": null,
            "trust": 0.8,
            "vendor": "huawei",
            "version": null
          }
        ],
        "sources": [
          {
            "db": "JVNDB",
            "id": "JVNDB-2020-018356"
          },
          {
            "db": "NVD",
            "id": "CVE-2020-9081"
          }
        ]
      },
      "cve": "CVE-2020-9081",
      "cvss": {
        "@context": {
          "cvssV2": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
            },
            "@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
          },
          "cvssV3": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
            },
            "@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
          },
          "severity": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/cvss/severity#"
            },
            "@id": "https://www.variotdbs.pl/ref/cvss/severity"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            },
            "@id": "https://www.variotdbs.pl/ref/sources"
          }
        },
        "data": [
          {
            "cvssV2": [],
            "cvssV3": [
              {
                "attackComplexity": "LOW",
                "attackVector": "PHYSICAL",
                "author": "psirt@huawei.com",
                "availabilityImpact": "NONE",
                "baseScore": 3.5,
                "baseSeverity": "LOW",
                "confidentialityImpact": "LOW",
                "exploitabilityScore": 0.9,
                "id": "CVE-2020-9081",
                "impactScore": 2.5,
                "integrityImpact": "LOW",
                "privilegesRequired": "NONE",
                "scope": "UNCHANGED",
                "trust": 1.0,
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N",
                "version": "3.1"
              },
              {
                "attackComplexity": "LOW",
                "attackVector": "PHYSICAL",
                "author": "nvd@nist.gov",
                "availabilityImpact": "HIGH",
                "baseScore": 6.8,
                "baseSeverity": "MEDIUM",
                "confidentialityImpact": "HIGH",
                "exploitabilityScore": 0.9,
                "id": "CVE-2020-9081",
                "impactScore": 5.9,
                "integrityImpact": "HIGH",
                "privilegesRequired": "NONE",
                "scope": "UNCHANGED",
                "trust": 1.0,
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
                "version": "3.1"
              },
              {
                "attackComplexity": "Low",
                "attackVector": "Physical",
                "author": "NVD",
                "availabilityImpact": "High",
                "baseScore": 6.8,
                "baseSeverity": "Medium",
                "confidentialityImpact": "High",
                "exploitabilityScore": null,
                "id": "CVE-2020-9081",
                "impactScore": null,
                "integrityImpact": "High",
                "privilegesRequired": "None",
                "scope": "Unchanged",
                "trust": 0.8,
                "userInteraction": "None",
                "vectorString": "CVSS:3.0/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
                "version": "3.0"
              }
            ],
            "severity": [
              {
                "author": "psirt@huawei.com",
                "id": "CVE-2020-9081",
                "trust": 1.0,
                "value": "LOW"
              },
              {
                "author": "nvd@nist.gov",
                "id": "CVE-2020-9081",
                "trust": 1.0,
                "value": "MEDIUM"
              },
              {
                "author": "NVD",
                "id": "CVE-2020-9081",
                "trust": 0.8,
                "value": "Medium"
              },
              {
                "author": "CNNVD",
                "id": "CNNVD-202008-1321",
                "trust": 0.6,
                "value": "LOW"
              }
            ]
          }
        ],
        "sources": [
          {
            "db": "JVNDB",
            "id": "JVNDB-2020-018356"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-202008-1321"
          },
          {
            "db": "NVD",
            "id": "CVE-2020-9081"
          },
          {
            "db": "NVD",
            "id": "CVE-2020-9081"
          }
        ]
      },
      "description": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/description#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "There is an improper authorization vulnerability in some Huawei smartphones. An attacker could perform a series of operation in specific mode to exploit this vulnerability. Successful exploit could allow the attacker to bypass app lock. (Vulnerability ID: HWPSIRT-2019-12144)\n\n\n\nThis vulnerability has been assigned a Common Vulnerabilities and Exposures (CVE) ID: CVE-2020-9081. Mate 20 firmware, P30 firmware, P30 Pro firmware etc. Huawei The product contains an incorrect authentication vulnerability.Information is obtained, information is tampered with, and service operation is interrupted. (DoS) It may be in a state",
        "sources": [
          {
            "db": "NVD",
            "id": "CVE-2020-9081"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2020-018356"
          }
        ],
        "trust": 1.62
      },
      "external_ids": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/external_ids#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "db": "NVD",
            "id": "CVE-2020-9081",
            "trust": 3.2
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2020-018356",
            "trust": 0.8
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-202008-1321",
            "trust": 0.6
          }
        ],
        "sources": [
          {
            "db": "JVNDB",
            "id": "JVNDB-2020-018356"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-202008-1321"
          },
          {
            "db": "NVD",
            "id": "CVE-2020-9081"
          }
        ]
      },
      "id": "VAR-202008-1252",
      "iot": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/iot#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": true,
        "sources": [
          {
            "db": "VARIoT devices database",
            "id": null
          }
        ],
        "trust": 0.579064925
      },
      "last_update_date": "2025-01-19T23:30:55.116000Z",
      "patch": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/patch#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "title": "Huawei product security vulnerabilities repair measures",
            "trust": 0.6,
            "url": "http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=126964"
          }
        ],
        "sources": [
          {
            "db": "CNNVD",
            "id": "CNNVD-202008-1321"
          }
        ]
      },
      "problemtype_data": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "problemtype": "CWE-285",
            "trust": 1.0
          },
          {
            "problemtype": "CWE-863",
            "trust": 1.0
          },
          {
            "problemtype": "Inappropriate authorization (CWE-285) [ others ]",
            "trust": 0.8
          },
          {
            "problemtype": " Illegal authentication (CWE-863) [NVD evaluation ]",
            "trust": 0.8
          }
        ],
        "sources": [
          {
            "db": "JVNDB",
            "id": "JVNDB-2020-018356"
          },
          {
            "db": "NVD",
            "id": "CVE-2020-9081"
          }
        ]
      },
      "references": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/references#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "trust": 1.8,
            "url": "https://www.huawei.com/en/psirt/security-advisories/2020/huawei-sa-20200826-15-smartphone-en"
          },
          {
            "trust": 0.8,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2020-9081"
          },
          {
            "trust": 0.6,
            "url": "https://www.huawei.com/cn/psirt/security-advisories/huawei-sa-20200826-15-smartphone-cn"
          }
        ],
        "sources": [
          {
            "db": "JVNDB",
            "id": "JVNDB-2020-018356"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-202008-1321"
          },
          {
            "db": "NVD",
            "id": "CVE-2020-9081"
          }
        ]
      },
      "sources": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#",
          "data": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "db": "JVNDB",
            "id": "JVNDB-2020-018356"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-202008-1321"
          },
          {
            "db": "NVD",
            "id": "CVE-2020-9081"
          }
        ]
      },
      "sources_release_date": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
          "data": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "date": "2025-01-16T00:00:00",
            "db": "JVNDB",
            "id": "JVNDB-2020-018356"
          },
          {
            "date": "2020-08-26T00:00:00",
            "db": "CNNVD",
            "id": "CNNVD-202008-1321"
          },
          {
            "date": "2024-12-27T10:15:10.937000",
            "db": "NVD",
            "id": "CVE-2020-9081"
          }
        ]
      },
      "sources_update_date": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
          "data": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "date": "2025-01-16T09:13:00",
            "db": "JVNDB",
            "id": "JVNDB-2020-018356"
          },
          {
            "date": "2021-01-05T00:00:00",
            "db": "CNNVD",
            "id": "CNNVD-202008-1321"
          },
          {
            "date": "2025-01-10T20:37:44.267000",
            "db": "NVD",
            "id": "CVE-2020-9081"
          }
        ]
      },
      "title": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/title#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "plural \u00a0Huawei\u00a0 Fraudulent Authentication Vulnerability in Products",
        "sources": [
          {
            "db": "JVNDB",
            "id": "JVNDB-2020-018356"
          }
        ],
        "trust": 0.8
      },
      "type": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/type#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "other",
        "sources": [
          {
            "db": "CNNVD",
            "id": "CNNVD-202008-1321"
          }
        ],
        "trust": 0.6
      }
    }

    VAR-201911-0830

    Vulnerability from variot - Updated: 2024-11-23 23:11

    P30, Mate 20, P30 Pro smartphones with software of versions earlier than ELLE-AL00B 9.1.0.193(C00E190R1P21), versions earlier than Hima-AL00B 9.1.0.135(C00E200R2P1), versions earlier than VOGUE-AL00A 9.1.0.193(C00E190R1P12) have a buffer overflow vulnerability on several , the system does not properly validate certain length parameter which an application transports to kernel. An attacker tricks the user to install a malicious application, successful exploit could cause malicious code execution. Huawei P30 and others are all smartphones of China's Huawei company

    Show details on source website

    {
      "@context": {
        "@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
        "affected_products": {
          "@id": "https://www.variotdbs.pl/ref/affected_products"
        },
        "configurations": {
          "@id": "https://www.variotdbs.pl/ref/configurations"
        },
        "credits": {
          "@id": "https://www.variotdbs.pl/ref/credits"
        },
        "cvss": {
          "@id": "https://www.variotdbs.pl/ref/cvss/"
        },
        "description": {
          "@id": "https://www.variotdbs.pl/ref/description/"
        },
        "exploit_availability": {
          "@id": "https://www.variotdbs.pl/ref/exploit_availability/"
        },
        "external_ids": {
          "@id": "https://www.variotdbs.pl/ref/external_ids/"
        },
        "iot": {
          "@id": "https://www.variotdbs.pl/ref/iot/"
        },
        "iot_taxonomy": {
          "@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
        },
        "patch": {
          "@id": "https://www.variotdbs.pl/ref/patch/"
        },
        "problemtype_data": {
          "@id": "https://www.variotdbs.pl/ref/problemtype_data/"
        },
        "references": {
          "@id": "https://www.variotdbs.pl/ref/references/"
        },
        "sources": {
          "@id": "https://www.variotdbs.pl/ref/sources/"
        },
        "sources_release_date": {
          "@id": "https://www.variotdbs.pl/ref/sources_release_date/"
        },
        "sources_update_date": {
          "@id": "https://www.variotdbs.pl/ref/sources_update_date/"
        },
        "threat_type": {
          "@id": "https://www.variotdbs.pl/ref/threat_type/"
        },
        "title": {
          "@id": "https://www.variotdbs.pl/ref/title/"
        },
        "type": {
          "@id": "https://www.variotdbs.pl/ref/type/"
        }
      },
      "@id": "https://www.variotdbs.pl/vuln/VAR-201911-0830",
      "affected_products": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/affected_products#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            },
            "@id": "https://www.variotdbs.pl/ref/sources"
          }
        },
        "data": [
          {
            "model": "p30 pro",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "huawei",
            "version": "vogue-al00a_9.1.0.193\\(c00e190r1p12\\)"
          },
          {
            "model": "mate 20",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "huawei",
            "version": "hima-al00b_9.1.0.135\\(c00e200r2p1\\)"
          },
          {
            "model": "p30",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "huawei",
            "version": "elle-al00b_9.1.0.193\\(c00e190r1p21\\)"
          },
          {
            "model": "mate 20",
            "scope": "lt",
            "trust": 0.8,
            "vendor": "huawei",
            "version": "hima-al00b 9.1.0.135(c00e200r2p1)"
          },
          {
            "model": "p30 pro",
            "scope": "lt",
            "trust": 0.8,
            "vendor": "huawei",
            "version": "vogue-al00a 9.1.0.193(c00e190r1p12)"
          },
          {
            "model": "p30",
            "scope": "lt",
            "trust": 0.8,
            "vendor": "huawei",
            "version": "elle-al00b 9.1.0.193(c00e190r1p21)"
          },
          {
            "model": "p30 \u003celle-al00b 9.1.0.193",
            "scope": null,
            "trust": 0.6,
            "vendor": "huawei",
            "version": null
          },
          {
            "model": "p30 pro \u003cvogue-al00a 9.1.0.193",
            "scope": null,
            "trust": 0.6,
            "vendor": "huawei",
            "version": null
          },
          {
            "model": "mate \u003chima-al00b 9.1.0.135",
            "scope": "eq",
            "trust": 0.6,
            "vendor": "huawei",
            "version": "20"
          }
        ],
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2019-41838"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2019-012618"
          },
          {
            "db": "NVD",
            "id": "CVE-2019-5225"
          }
        ]
      },
      "configurations": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/configurations#",
          "children": {
            "@container": "@list"
          },
          "cpe_match": {
            "@container": "@list"
          },
          "data": {
            "@container": "@list"
          },
          "nodes": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "CVE_data_version": "4.0",
            "nodes": [
              {
                "cpe_match": [
                  {
                    "cpe22Uri": "cpe:/o:huawei:mate_20_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:huawei:p30_pro_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:huawei:p30_firmware",
                    "vulnerable": true
                  }
                ],
                "operator": "OR"
              }
            ]
          }
        ],
        "sources": [
          {
            "db": "JVNDB",
            "id": "JVNDB-2019-012618"
          }
        ]
      },
      "credits": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/credits#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "The vulnerability was discovered by an external researcher.",
        "sources": [
          {
            "db": "CNNVD",
            "id": "CNNVD-201908-1747"
          }
        ],
        "trust": 0.6
      },
      "cve": "CVE-2019-5225",
      "cvss": {
        "@context": {
          "cvssV2": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
            },
            "@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
          },
          "cvssV3": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
            },
            "@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
          },
          "severity": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/cvss/severity#"
            },
            "@id": "https://www.variotdbs.pl/ref/cvss/severity"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            },
            "@id": "https://www.variotdbs.pl/ref/sources"
          }
        },
        "data": [
          {
            "cvssV2": [
              {
                "accessComplexity": "MEDIUM",
                "accessVector": "NETWORK",
                "authentication": "NONE",
                "author": "nvd@nist.gov",
                "availabilityImpact": "PARTIAL",
                "baseScore": 6.8,
                "confidentialityImpact": "PARTIAL",
                "exploitabilityScore": 8.6,
                "id": "CVE-2019-5225",
                "impactScore": 6.4,
                "integrityImpact": "PARTIAL",
                "severity": "MEDIUM",
                "trust": 1.8,
                "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P",
                "version": "2.0"
              },
              {
                "accessComplexity": "HIGH",
                "accessVector": "LOCAL",
                "authentication": "NONE",
                "author": "CNVD",
                "availabilityImpact": "COMPLETE",
                "baseScore": 6.2,
                "confidentialityImpact": "COMPLETE",
                "exploitabilityScore": 1.9,
                "id": "CNVD-2019-41838",
                "impactScore": 10.0,
                "integrityImpact": "COMPLETE",
                "severity": "MEDIUM",
                "trust": 0.6,
                "vectorString": "AV:L/AC:H/Au:N/C:C/I:C/A:C",
                "version": "2.0"
              }
            ],
            "cvssV3": [
              {
                "attackComplexity": "LOW",
                "attackVector": "LOCAL",
                "author": "nvd@nist.gov",
                "availabilityImpact": "HIGH",
                "baseScore": 7.8,
                "baseSeverity": "HIGH",
                "confidentialityImpact": "HIGH",
                "exploitabilityScore": 1.8,
                "id": "CVE-2019-5225",
                "impactScore": 5.9,
                "integrityImpact": "HIGH",
                "privilegesRequired": "NONE",
                "scope": "UNCHANGED",
                "trust": 1.0,
                "userInteraction": "REQUIRED",
                "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
                "version": "3.1"
              },
              {
                "attackComplexity": "Low",
                "attackVector": "Local",
                "author": "NVD",
                "availabilityImpact": "High",
                "baseScore": 7.8,
                "baseSeverity": "High",
                "confidentialityImpact": "High",
                "exploitabilityScore": null,
                "id": "CVE-2019-5225",
                "impactScore": null,
                "integrityImpact": "High",
                "privilegesRequired": "None",
                "scope": "Unchanged",
                "trust": 0.8,
                "userInteraction": "Required",
                "vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
                "version": "3.0"
              }
            ],
            "severity": [
              {
                "author": "nvd@nist.gov",
                "id": "CVE-2019-5225",
                "trust": 1.0,
                "value": "HIGH"
              },
              {
                "author": "NVD",
                "id": "CVE-2019-5225",
                "trust": 0.8,
                "value": "High"
              },
              {
                "author": "CNVD",
                "id": "CNVD-2019-41838",
                "trust": 0.6,
                "value": "MEDIUM"
              },
              {
                "author": "CNNVD",
                "id": "CNNVD-201908-1747",
                "trust": 0.6,
                "value": "HIGH"
              }
            ]
          }
        ],
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2019-41838"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2019-012618"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201908-1747"
          },
          {
            "db": "NVD",
            "id": "CVE-2019-5225"
          }
        ]
      },
      "description": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/description#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "P30, Mate 20, P30 Pro smartphones with software of versions earlier than ELLE-AL00B 9.1.0.193(C00E190R1P21), versions earlier than Hima-AL00B 9.1.0.135(C00E200R2P1), versions earlier than VOGUE-AL00A 9.1.0.193(C00E190R1P12) have a buffer overflow vulnerability on several , the system does not properly validate certain length parameter which an application transports to kernel. An attacker tricks the user to install a malicious application, successful exploit could cause malicious code execution. Huawei P30 and others are all smartphones of China\u0027s Huawei company",
        "sources": [
          {
            "db": "NVD",
            "id": "CVE-2019-5225"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2019-012618"
          },
          {
            "db": "CNVD",
            "id": "CNVD-2019-41838"
          }
        ],
        "trust": 2.16
      },
      "external_ids": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/external_ids#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "db": "NVD",
            "id": "CVE-2019-5225",
            "trust": 3.0
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2019-012618",
            "trust": 0.8
          },
          {
            "db": "CNVD",
            "id": "CNVD-2019-41838",
            "trust": 0.6
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201908-1747",
            "trust": 0.6
          }
        ],
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2019-41838"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2019-012618"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201908-1747"
          },
          {
            "db": "NVD",
            "id": "CVE-2019-5225"
          }
        ]
      },
      "id": "VAR-201911-0830",
      "iot": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/iot#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": true,
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2019-41838"
          }
        ],
        "trust": 1.4316259699999998
      },
      "iot_taxonomy": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "category": [
              "IoT"
            ],
            "sub_category": null,
            "trust": 0.6
          }
        ],
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2019-41838"
          }
        ]
      },
      "last_update_date": "2024-11-23T23:11:37.914000Z",
      "patch": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/patch#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "title": "huawei-sa-20190821-02-smartphone",
            "trust": 0.8,
            "url": "https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20190821-02-smartphone-en"
          },
          {
            "title": "Patch for Huawei P30, Mate 20, and P30 Pro Buffer Overflow Vulnerabilities",
            "trust": 0.6,
            "url": "https://www.cnvd.org.cn/patchInfo/show/191711"
          },
          {
            "title": "Huawei P30 , Mate 20  and P30 Pro Buffer error vulnerability fix",
            "trust": 0.6,
            "url": "http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=97331"
          }
        ],
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2019-41838"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2019-012618"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201908-1747"
          }
        ]
      },
      "problemtype_data": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "problemtype": "CWE-120",
            "trust": 1.8
          }
        ],
        "sources": [
          {
            "db": "JVNDB",
            "id": "JVNDB-2019-012618"
          },
          {
            "db": "NVD",
            "id": "CVE-2019-5225"
          }
        ]
      },
      "references": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/references#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "trust": 1.6,
            "url": "https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20190821-02-smartphone-en"
          },
          {
            "trust": 1.4,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2019-5225"
          },
          {
            "trust": 1.2,
            "url": "https://www.huawei.com/cn/psirt/security-advisories/huawei-sa-20190821-02-smartphone-cn"
          },
          {
            "trust": 0.8,
            "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2019-5225"
          }
        ],
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2019-41838"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2019-012618"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201908-1747"
          },
          {
            "db": "NVD",
            "id": "CVE-2019-5225"
          }
        ]
      },
      "sources": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#",
          "data": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "db": "CNVD",
            "id": "CNVD-2019-41838"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2019-012618"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201908-1747"
          },
          {
            "db": "NVD",
            "id": "CVE-2019-5225"
          }
        ]
      },
      "sources_release_date": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
          "data": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "date": "2019-11-22T00:00:00",
            "db": "CNVD",
            "id": "CNVD-2019-41838"
          },
          {
            "date": "2019-12-09T00:00:00",
            "db": "JVNDB",
            "id": "JVNDB-2019-012618"
          },
          {
            "date": "2019-08-21T00:00:00",
            "db": "CNNVD",
            "id": "CNNVD-201908-1747"
          },
          {
            "date": "2019-11-29T20:15:11.753000",
            "db": "NVD",
            "id": "CVE-2019-5225"
          }
        ]
      },
      "sources_update_date": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
          "data": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "date": "2019-11-22T00:00:00",
            "db": "CNVD",
            "id": "CNVD-2019-41838"
          },
          {
            "date": "2019-12-09T00:00:00",
            "db": "JVNDB",
            "id": "JVNDB-2019-012618"
          },
          {
            "date": "2019-12-09T00:00:00",
            "db": "CNNVD",
            "id": "CNNVD-201908-1747"
          },
          {
            "date": "2024-11-21T04:44:33.507000",
            "db": "NVD",
            "id": "CVE-2019-5225"
          }
        ]
      },
      "threat_type": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/threat_type#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "local",
        "sources": [
          {
            "db": "CNNVD",
            "id": "CNNVD-201908-1747"
          }
        ],
        "trust": 0.6
      },
      "title": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/title#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "plural Classic Buffer Overflow Vulnerability in Smartphone Products",
        "sources": [
          {
            "db": "JVNDB",
            "id": "JVNDB-2019-012618"
          }
        ],
        "trust": 0.8
      },
      "type": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/type#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "buffer error",
        "sources": [
          {
            "db": "CNNVD",
            "id": "CNNVD-201908-1747"
          }
        ],
        "trust": 0.6
      }
    }

    VAR-201912-0803

    Vulnerability from variot - Updated: 2024-11-23 23:11

    There is a path traversal vulnerability in several Huawei smartphones. The system does not sufficiently validate certain pathnames from the application. An attacker could trick the user into installing, backing up and restoring a malicious application. Successful exploit could cause information disclosure. plural Huawei Smartphone products contain a paste traversal vulnerability.Information may be obtained. Huawei P30 and other products are products of China's Huawei. The Huawei P30 is a smartphone. Huawei P30 Pro is a smartphone. Huawei M6 is a tablet. The vulnerability stems from the system's failure to adequately verify the path name from an application. information

    Show details on source website

    {
      "@context": {
        "@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
        "affected_products": {
          "@id": "https://www.variotdbs.pl/ref/affected_products"
        },
        "configurations": {
          "@id": "https://www.variotdbs.pl/ref/configurations"
        },
        "credits": {
          "@id": "https://www.variotdbs.pl/ref/credits"
        },
        "cvss": {
          "@id": "https://www.variotdbs.pl/ref/cvss/"
        },
        "description": {
          "@id": "https://www.variotdbs.pl/ref/description/"
        },
        "exploit_availability": {
          "@id": "https://www.variotdbs.pl/ref/exploit_availability/"
        },
        "external_ids": {
          "@id": "https://www.variotdbs.pl/ref/external_ids/"
        },
        "iot": {
          "@id": "https://www.variotdbs.pl/ref/iot/"
        },
        "iot_taxonomy": {
          "@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
        },
        "patch": {
          "@id": "https://www.variotdbs.pl/ref/patch/"
        },
        "problemtype_data": {
          "@id": "https://www.variotdbs.pl/ref/problemtype_data/"
        },
        "references": {
          "@id": "https://www.variotdbs.pl/ref/references/"
        },
        "sources": {
          "@id": "https://www.variotdbs.pl/ref/sources/"
        },
        "sources_release_date": {
          "@id": "https://www.variotdbs.pl/ref/sources_release_date/"
        },
        "sources_update_date": {
          "@id": "https://www.variotdbs.pl/ref/sources_update_date/"
        },
        "threat_type": {
          "@id": "https://www.variotdbs.pl/ref/threat_type/"
        },
        "title": {
          "@id": "https://www.variotdbs.pl/ref/title/"
        },
        "type": {
          "@id": "https://www.variotdbs.pl/ref/type/"
        }
      },
      "@id": "https://www.variotdbs.pl/vuln/VAR-201912-0803",
      "affected_products": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/affected_products#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            },
            "@id": "https://www.variotdbs.pl/ref/sources"
          }
        },
        "data": [
          {
            "model": "enjoy 7s",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "huawei",
            "version": "9.1.0.130\\(c00e115r2p8t8\\)"
          },
          {
            "model": "honor v10",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "huawei",
            "version": "9.1.0.333\\(c00e333r2p1t8\\)"
          },
          {
            "model": "m6",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "huawei",
            "version": "9.1.1.150\\(c00e150r1p150\\)"
          },
          {
            "model": "mate 20",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "huawei",
            "version": "9.1.0.139\\(c00e133r3p1\\)"
          },
          {
            "model": "p30 pro",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "huawei",
            "version": "9.1.0.226\\(c00e210r2p1\\)"
          },
          {
            "model": "p30",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "huawei",
            "version": "9.1.0.226\\(c00e220r2p1\\)"
          },
          {
            "model": "honor 9 lite",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "huawei",
            "version": "9.1.0.143\\(c636e5r1p5t8\\)"
          },
          {
            "model": "honor 9i",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "huawei",
            "version": "9.1.0.120\\(c00e113r1p6t8\\)"
          },
          {
            "model": "honor 20s",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "huawei",
            "version": "9.1.1.132\\(c00e131r6p1\\)"
          },
          {
            "model": "honor 9 lite",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "huawei",
            "version": "9.1.0.130\\(c00e112r2p10t8\\)"
          },
          {
            "model": "enjoy 7s",
            "scope": null,
            "trust": 0.8,
            "vendor": "huawei",
            "version": null
          },
          {
            "model": "honor 20s",
            "scope": null,
            "trust": 0.8,
            "vendor": "huawei",
            "version": null
          },
          {
            "model": "honor 9 lite",
            "scope": null,
            "trust": 0.8,
            "vendor": "huawei",
            "version": null
          },
          {
            "model": "honor 9i",
            "scope": null,
            "trust": 0.8,
            "vendor": "huawei",
            "version": null
          },
          {
            "model": "honor 10",
            "scope": null,
            "trust": 0.8,
            "vendor": "huawei",
            "version": null
          },
          {
            "model": "m6",
            "scope": null,
            "trust": 0.8,
            "vendor": "huawei",
            "version": null
          },
          {
            "model": "mate 20",
            "scope": null,
            "trust": 0.8,
            "vendor": "huawei",
            "version": null
          },
          {
            "model": "p30 pro",
            "scope": null,
            "trust": 0.8,
            "vendor": "huawei",
            "version": null
          },
          {
            "model": "p30",
            "scope": null,
            "trust": 0.8,
            "vendor": "huawei",
            "version": null
          },
          {
            "model": "honor \u003c9.1.0.333",
            "scope": "eq",
            "trust": 0.6,
            "vendor": "huawei",
            "version": "v10"
          },
          {
            "model": "p30 \u003c9.1.0.226",
            "scope": null,
            "trust": 0.6,
            "vendor": "huawei",
            "version": null
          },
          {
            "model": "enjoy 7s",
            "scope": "lt",
            "trust": 0.6,
            "vendor": "huawei",
            "version": "9.1.0.130"
          },
          {
            "model": "mate \u003c9.1.0.139",
            "scope": "eq",
            "trust": 0.6,
            "vendor": "huawei",
            "version": "20"
          },
          {
            "model": "honor lite \u003c9.1.0.130",
            "scope": "eq",
            "trust": 0.6,
            "vendor": "huawei",
            "version": "9"
          },
          {
            "model": "honor lite \u003c9.1.0.143",
            "scope": "eq",
            "trust": 0.6,
            "vendor": "huawei",
            "version": "9"
          },
          {
            "model": "honor 9i \u003c9.1.0.120",
            "scope": null,
            "trust": 0.6,
            "vendor": "huawei",
            "version": null
          },
          {
            "model": "m6 \u003c9.1.1.150",
            "scope": null,
            "trust": 0.6,
            "vendor": "ibaby",
            "version": null
          },
          {
            "model": "p30 pro \u003c9.1.0.226",
            "scope": null,
            "trust": 0.6,
            "vendor": "huawei",
            "version": null
          },
          {
            "model": "honor 20s \u003c9.1.1.132",
            "scope": null,
            "trust": 0.6,
            "vendor": "huawei",
            "version": null
          }
        ],
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2020-02966"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2019-013191"
          },
          {
            "db": "NVD",
            "id": "CVE-2019-5251"
          }
        ]
      },
      "configurations": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/configurations#",
          "children": {
            "@container": "@list"
          },
          "cpe_match": {
            "@container": "@list"
          },
          "data": {
            "@container": "@list"
          },
          "nodes": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "CVE_data_version": "4.0",
            "nodes": [
              {
                "cpe_match": [
                  {
                    "cpe22Uri": "cpe:/o:huawei:enjoy_7s_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:huawei:honor_20s_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:huawei:honor_9_lite_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:huawei:honor_9i_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:huawei:honor_10_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:huawei:m6_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:huawei:mate_20_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:huawei:p30_pro_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:huawei:p30_firmware",
                    "vulnerable": true
                  }
                ],
                "operator": "OR"
              }
            ]
          }
        ],
        "sources": [
          {
            "db": "JVNDB",
            "id": "JVNDB-2019-013191"
          }
        ]
      },
      "credits": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/credits#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "The vulnerability was discovered by an external researcher. Huawei thanks the researcher for cooperating with us to disclose the vulnerability to protect Huawei\u0027s customers.",
        "sources": [
          {
            "db": "CNNVD",
            "id": "CNNVD-201912-175"
          }
        ],
        "trust": 0.6
      },
      "cve": "CVE-2019-5251",
      "cvss": {
        "@context": {
          "cvssV2": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
            },
            "@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
          },
          "cvssV3": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
            },
            "@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
          },
          "severity": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/cvss/severity#"
            },
            "@id": "https://www.variotdbs.pl/ref/cvss/severity"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            },
            "@id": "https://www.variotdbs.pl/ref/sources"
          }
        },
        "data": [
          {
            "cvssV2": [
              {
                "accessComplexity": "MEDIUM",
                "accessVector": "NETWORK",
                "authentication": "NONE",
                "author": "nvd@nist.gov",
                "availabilityImpact": "NONE",
                "baseScore": 4.3,
                "confidentialityImpact": "PARTIAL",
                "exploitabilityScore": 8.6,
                "id": "CVE-2019-5251",
                "impactScore": 2.9,
                "integrityImpact": "NONE",
                "severity": "MEDIUM",
                "trust": 1.8,
                "vectorString": "AV:N/AC:M/Au:N/C:P/I:N/A:N",
                "version": "2.0"
              },
              {
                "accessComplexity": "MEDIUM",
                "accessVector": "NETWORK",
                "authentication": "NONE",
                "author": "CNVD",
                "availabilityImpact": "NONE",
                "baseScore": 4.3,
                "confidentialityImpact": "PARTIAL",
                "exploitabilityScore": 8.6,
                "id": "CNVD-2020-02966",
                "impactScore": 2.9,
                "integrityImpact": "NONE",
                "severity": "MEDIUM",
                "trust": 0.6,
                "vectorString": "AV:N/AC:M/Au:N/C:P/I:N/A:N",
                "version": "2.0"
              }
            ],
            "cvssV3": [
              {
                "attackComplexity": "LOW",
                "attackVector": "LOCAL",
                "author": "nvd@nist.gov",
                "availabilityImpact": "NONE",
                "baseScore": 5.5,
                "baseSeverity": "MEDIUM",
                "confidentialityImpact": "HIGH",
                "exploitabilityScore": 1.8,
                "id": "CVE-2019-5251",
                "impactScore": 3.6,
                "integrityImpact": "NONE",
                "privilegesRequired": "NONE",
                "scope": "UNCHANGED",
                "trust": 1.0,
                "userInteraction": "REQUIRED",
                "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N",
                "version": "3.1"
              },
              {
                "attackComplexity": "Low",
                "attackVector": "Local",
                "author": "NVD",
                "availabilityImpact": "None",
                "baseScore": 5.5,
                "baseSeverity": "Medium",
                "confidentialityImpact": "High",
                "exploitabilityScore": null,
                "id": "CVE-2019-5251",
                "impactScore": null,
                "integrityImpact": "None",
                "privilegesRequired": "None",
                "scope": "Unchanged",
                "trust": 0.8,
                "userInteraction": "Required",
                "vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N",
                "version": "3.0"
              }
            ],
            "severity": [
              {
                "author": "nvd@nist.gov",
                "id": "CVE-2019-5251",
                "trust": 1.0,
                "value": "MEDIUM"
              },
              {
                "author": "NVD",
                "id": "CVE-2019-5251",
                "trust": 0.8,
                "value": "Medium"
              },
              {
                "author": "CNVD",
                "id": "CNVD-2020-02966",
                "trust": 0.6,
                "value": "MEDIUM"
              },
              {
                "author": "CNNVD",
                "id": "CNNVD-201912-175",
                "trust": 0.6,
                "value": "MEDIUM"
              }
            ]
          }
        ],
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2020-02966"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2019-013191"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201912-175"
          },
          {
            "db": "NVD",
            "id": "CVE-2019-5251"
          }
        ]
      },
      "description": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/description#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "There is a path traversal vulnerability in several Huawei smartphones. The system does not sufficiently validate certain pathnames from the application. An attacker could trick the user into installing, backing up and restoring a malicious application. Successful exploit could cause information disclosure. plural Huawei Smartphone products contain a paste traversal vulnerability.Information may be obtained. Huawei P30 and other products are products of China\u0027s Huawei. The Huawei P30 is a smartphone. Huawei P30 Pro is a smartphone. Huawei M6 is a tablet. The vulnerability stems from the system\u0027s failure to adequately verify the path name from an application. information",
        "sources": [
          {
            "db": "NVD",
            "id": "CVE-2019-5251"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2019-013191"
          },
          {
            "db": "CNVD",
            "id": "CNVD-2020-02966"
          }
        ],
        "trust": 2.16
      },
      "external_ids": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/external_ids#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "db": "NVD",
            "id": "CVE-2019-5251",
            "trust": 3.0
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2019-013191",
            "trust": 0.8
          },
          {
            "db": "CNVD",
            "id": "CNVD-2020-02966",
            "trust": 0.6
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201912-175",
            "trust": 0.6
          }
        ],
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2020-02966"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2019-013191"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201912-175"
          },
          {
            "db": "NVD",
            "id": "CVE-2019-5251"
          }
        ]
      },
      "id": "VAR-201912-0803",
      "iot": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/iot#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": true,
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2020-02966"
          }
        ],
        "trust": 1.281329055
      },
      "iot_taxonomy": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "category": [
              "IoT"
            ],
            "sub_category": null,
            "trust": 0.6
          }
        ],
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2020-02966"
          }
        ]
      },
      "last_update_date": "2024-11-23T23:11:36.711000Z",
      "patch": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/patch#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "title": "huawei-sa-20191204-03-smartphone",
            "trust": 0.8,
            "url": "https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20191204-03-smartphone-en"
          },
          {
            "title": "Patch for Multiple Huawei Product Path Traversal Vulnerabilities",
            "trust": 0.6,
            "url": "https://www.cnvd.org.cn/patchInfo/show/197281"
          },
          {
            "title": "Multiple Huawei Product path traversal vulnerability fixes",
            "trust": 0.6,
            "url": "http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=103979"
          }
        ],
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2020-02966"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2019-013191"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201912-175"
          }
        ]
      },
      "problemtype_data": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "problemtype": "CWE-22",
            "trust": 1.8
          }
        ],
        "sources": [
          {
            "db": "JVNDB",
            "id": "JVNDB-2019-013191"
          },
          {
            "db": "NVD",
            "id": "CVE-2019-5251"
          }
        ]
      },
      "references": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/references#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "trust": 2.0,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2019-5251"
          },
          {
            "trust": 1.6,
            "url": "https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20191204-03-smartphone-en"
          },
          {
            "trust": 0.8,
            "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2019-5251"
          },
          {
            "trust": 0.6,
            "url": "https://www.huawei.com/cn/psirt/security-advisories/huawei-sa-20191204-03-smartphone-cn"
          }
        ],
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2020-02966"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2019-013191"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201912-175"
          },
          {
            "db": "NVD",
            "id": "CVE-2019-5251"
          }
        ]
      },
      "sources": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#",
          "data": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "db": "CNVD",
            "id": "CNVD-2020-02966"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2019-013191"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201912-175"
          },
          {
            "db": "NVD",
            "id": "CVE-2019-5251"
          }
        ]
      },
      "sources_release_date": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
          "data": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "date": "2020-01-20T00:00:00",
            "db": "CNVD",
            "id": "CNVD-2020-02966"
          },
          {
            "date": "2019-12-23T00:00:00",
            "db": "JVNDB",
            "id": "JVNDB-2019-013191"
          },
          {
            "date": "2019-12-04T00:00:00",
            "db": "CNNVD",
            "id": "CNNVD-201912-175"
          },
          {
            "date": "2019-12-13T15:15:11.317000",
            "db": "NVD",
            "id": "CVE-2019-5251"
          }
        ]
      },
      "sources_update_date": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
          "data": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "date": "2020-01-21T00:00:00",
            "db": "CNVD",
            "id": "CNVD-2020-02966"
          },
          {
            "date": "2019-12-23T00:00:00",
            "db": "JVNDB",
            "id": "JVNDB-2019-013191"
          },
          {
            "date": "2020-09-03T00:00:00",
            "db": "CNNVD",
            "id": "CNNVD-201912-175"
          },
          {
            "date": "2024-11-21T04:44:36.387000",
            "db": "NVD",
            "id": "CVE-2019-5251"
          }
        ]
      },
      "threat_type": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/threat_type#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "local",
        "sources": [
          {
            "db": "CNNVD",
            "id": "CNNVD-201912-175"
          }
        ],
        "trust": 0.6
      },
      "title": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/title#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "plural  Huawei Vulnerability of past traversal in smartphone products",
        "sources": [
          {
            "db": "JVNDB",
            "id": "JVNDB-2019-013191"
          }
        ],
        "trust": 0.8
      },
      "type": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/type#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "path traversal",
        "sources": [
          {
            "db": "CNNVD",
            "id": "CNNVD-201912-175"
          }
        ],
        "trust": 0.6
      }
    }

    VAR-201906-0355

    Vulnerability from variot - Updated: 2024-11-23 23:08

    There is a man-in-the-middle (MITM) vulnerability on Huawei P30 smartphones versions before ELE-AL00 9.1.0.162(C01E160R1P12/C01E160R2P1), and P30 Pro versions before VOG-AL00 9.1.0.162 (C01E160R1P12/C01E160R2P1). When users establish connection and transfer data through Huawei Share, an attacker could sniff, spoof and do a series of operations to intrude the Huawei Share connection and launch a man-in-the-middle attack to obtain and tamper the data. (Vulnerability ID: HWPSIRT-2019-03109)

    Show details on source website

    {
      "@context": {
        "@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
        "affected_products": {
          "@id": "https://www.variotdbs.pl/ref/affected_products"
        },
        "configurations": {
          "@id": "https://www.variotdbs.pl/ref/configurations"
        },
        "credits": {
          "@id": "https://www.variotdbs.pl/ref/credits"
        },
        "cvss": {
          "@id": "https://www.variotdbs.pl/ref/cvss/"
        },
        "description": {
          "@id": "https://www.variotdbs.pl/ref/description/"
        },
        "exploit_availability": {
          "@id": "https://www.variotdbs.pl/ref/exploit_availability/"
        },
        "external_ids": {
          "@id": "https://www.variotdbs.pl/ref/external_ids/"
        },
        "iot": {
          "@id": "https://www.variotdbs.pl/ref/iot/"
        },
        "iot_taxonomy": {
          "@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
        },
        "patch": {
          "@id": "https://www.variotdbs.pl/ref/patch/"
        },
        "problemtype_data": {
          "@id": "https://www.variotdbs.pl/ref/problemtype_data/"
        },
        "references": {
          "@id": "https://www.variotdbs.pl/ref/references/"
        },
        "sources": {
          "@id": "https://www.variotdbs.pl/ref/sources/"
        },
        "sources_release_date": {
          "@id": "https://www.variotdbs.pl/ref/sources_release_date/"
        },
        "sources_update_date": {
          "@id": "https://www.variotdbs.pl/ref/sources_update_date/"
        },
        "threat_type": {
          "@id": "https://www.variotdbs.pl/ref/threat_type/"
        },
        "title": {
          "@id": "https://www.variotdbs.pl/ref/title/"
        },
        "type": {
          "@id": "https://www.variotdbs.pl/ref/type/"
        }
      },
      "@id": "https://www.variotdbs.pl/vuln/VAR-201906-0355",
      "affected_products": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/affected_products#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            },
            "@id": "https://www.variotdbs.pl/ref/sources"
          }
        },
        "data": [
          {
            "model": "p30 pro",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "huawei",
            "version": "vog-al00_9.1.0.162\\(c01e160r1p12\\/c01e160r2p1\\)"
          },
          {
            "model": "p30",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "huawei",
            "version": "ele-al00_9.1.0.162\\(c01e160r1p12\\/c01e160r2p1\\)"
          },
          {
            "model": "mate 9 pro",
            "scope": "lt",
            "trust": 0.8,
            "vendor": "huawei",
            "version": "ele-al00 9.1.0.162(c01e160r1p12/c01e160r2p1)"
          },
          {
            "model": "p30",
            "scope": "lt",
            "trust": 0.8,
            "vendor": "huawei",
            "version": "vog-al00 9.1.0.162(c01e160r1p12/c01e160r2p1)"
          },
          {
            "model": "p30 pro \u003cvog-al00 9.1.0.162",
            "scope": null,
            "trust": 0.6,
            "vendor": "huawei",
            "version": null
          },
          {
            "model": "p30 \u003cele-al00 9.1.0.162",
            "scope": null,
            "trust": 0.6,
            "vendor": "huawei",
            "version": null
          }
        ],
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2019-14805"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2019-005134"
          },
          {
            "db": "NVD",
            "id": "CVE-2019-5215"
          }
        ]
      },
      "configurations": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/configurations#",
          "children": {
            "@container": "@list"
          },
          "cpe_match": {
            "@container": "@list"
          },
          "data": {
            "@container": "@list"
          },
          "nodes": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "CVE_data_version": "4.0",
            "nodes": [
              {
                "cpe_match": [
                  {
                    "cpe22Uri": "cpe:/o:huawei:mate_9_pro_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:huawei:p30_firmware",
                    "vulnerable": true
                  }
                ],
                "operator": "OR"
              }
            ]
          }
        ],
        "sources": [
          {
            "db": "JVNDB",
            "id": "JVNDB-2019-005134"
          }
        ]
      },
      "credits": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/credits#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "Tencent Xuanwu Lab",
        "sources": [
          {
            "db": "CNNVD",
            "id": "CNNVD-201905-793"
          }
        ],
        "trust": 0.6
      },
      "cve": "CVE-2019-5215",
      "cvss": {
        "@context": {
          "cvssV2": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
            },
            "@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
          },
          "cvssV3": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
            },
            "@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
          },
          "severity": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/cvss/severity#"
            },
            "@id": "https://www.variotdbs.pl/ref/cvss/severity"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            },
            "@id": "https://www.variotdbs.pl/ref/sources"
          }
        },
        "data": [
          {
            "cvssV2": [
              {
                "accessComplexity": "MEDIUM",
                "accessVector": "ADJACENT_NETWORK",
                "authentication": "NONE",
                "author": "nvd@nist.gov",
                "availabilityImpact": "NONE",
                "baseScore": 4.3,
                "confidentialityImpact": "PARTIAL",
                "exploitabilityScore": 5.5,
                "id": "CVE-2019-5215",
                "impactScore": 4.9,
                "integrityImpact": "PARTIAL",
                "severity": "MEDIUM",
                "trust": 1.8,
                "vectorString": "AV:A/AC:M/Au:N/C:P/I:P/A:N",
                "version": "2.0"
              },
              {
                "accessComplexity": "HIGH",
                "accessVector": "ADJACENT_NETWORK",
                "authentication": "NONE",
                "author": "CNVD",
                "availabilityImpact": "NONE",
                "baseScore": 6.2,
                "confidentialityImpact": "COMPLETE",
                "exploitabilityScore": 3.2,
                "id": "CNVD-2019-14805",
                "impactScore": 9.2,
                "integrityImpact": "COMPLETE",
                "severity": "MEDIUM",
                "trust": 0.6,
                "vectorString": "AV:A/AC:H/Au:N/C:C/I:C/A:N",
                "version": "2.0"
              }
            ],
            "cvssV3": [
              {
                "attackComplexity": "HIGH",
                "attackVector": "ADJACENT",
                "author": "nvd@nist.gov",
                "availabilityImpact": "NONE",
                "baseScore": 6.8,
                "baseSeverity": "MEDIUM",
                "confidentialityImpact": "HIGH",
                "exploitabilityScore": 1.6,
                "id": "CVE-2019-5215",
                "impactScore": 5.2,
                "integrityImpact": "HIGH",
                "privilegesRequired": "NONE",
                "scope": "UNCHANGED",
                "trust": 1.8,
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.0/AV:A/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N",
                "version": "3.0"
              }
            ],
            "severity": [
              {
                "author": "nvd@nist.gov",
                "id": "CVE-2019-5215",
                "trust": 1.0,
                "value": "MEDIUM"
              },
              {
                "author": "NVD",
                "id": "CVE-2019-5215",
                "trust": 0.8,
                "value": "Medium"
              },
              {
                "author": "CNVD",
                "id": "CNVD-2019-14805",
                "trust": 0.6,
                "value": "MEDIUM"
              },
              {
                "author": "CNNVD",
                "id": "CNNVD-201905-793",
                "trust": 0.6,
                "value": "MEDIUM"
              }
            ]
          }
        ],
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2019-14805"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2019-005134"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201905-793"
          },
          {
            "db": "NVD",
            "id": "CVE-2019-5215"
          }
        ]
      },
      "description": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/description#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "There is a man-in-the-middle (MITM) vulnerability on Huawei P30 smartphones versions before ELE-AL00 9.1.0.162(C01E160R1P12/C01E160R2P1), and P30 Pro versions before VOG-AL00 9.1.0.162 (C01E160R1P12/C01E160R2P1). When users establish connection and transfer data through Huawei Share, an attacker could sniff, spoof and do a series of operations to intrude the Huawei Share connection and launch a man-in-the-middle attack to obtain and tamper the data. (Vulnerability ID: HWPSIRT-2019-03109)",
        "sources": [
          {
            "db": "NVD",
            "id": "CVE-2019-5215"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2019-005134"
          },
          {
            "db": "CNVD",
            "id": "CNVD-2019-14805"
          }
        ],
        "trust": 2.16
      },
      "external_ids": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/external_ids#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "db": "NVD",
            "id": "CVE-2019-5215",
            "trust": 3.0
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2019-005134",
            "trust": 0.8
          },
          {
            "db": "CNVD",
            "id": "CNVD-2019-14805",
            "trust": 0.6
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201905-793",
            "trust": 0.6
          }
        ],
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2019-14805"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2019-005134"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201905-793"
          },
          {
            "db": "NVD",
            "id": "CVE-2019-5215"
          }
        ]
      },
      "id": "VAR-201906-0355",
      "iot": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/iot#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": true,
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2019-14805"
          }
        ],
        "trust": 1.34915903
      },
      "iot_taxonomy": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "category": [
              "Network device"
            ],
            "sub_category": null,
            "trust": 0.6
          }
        ],
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2019-14805"
          }
        ]
      },
      "last_update_date": "2024-11-23T23:08:23.992000Z",
      "patch": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/patch#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "title": "huawei-sa-20190517-01-share",
            "trust": 0.8,
            "url": "https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20190517-01-share-en"
          },
          {
            "title": "Huawei P30 and P30 Pro man-in-the-middle attack vulnerability patch",
            "trust": 0.6,
            "url": "https://www.cnvd.org.cn/patchInfo/show/161721"
          }
        ],
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2019-14805"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2019-005134"
          }
        ]
      },
      "problemtype_data": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "problemtype": "NVD-CWE-noinfo",
            "trust": 1.0
          },
          {
            "problemtype": "CWE-20",
            "trust": 0.8
          }
        ],
        "sources": [
          {
            "db": "JVNDB",
            "id": "JVNDB-2019-005134"
          },
          {
            "db": "NVD",
            "id": "CVE-2019-5215"
          }
        ]
      },
      "references": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/references#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "trust": 1.8,
            "url": "https://www.huawei.com/cn/psirt/security-advisories/huawei-sa-20190517-01-share-cn"
          },
          {
            "trust": 1.6,
            "url": "https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20190517-01-share-en"
          },
          {
            "trust": 1.4,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2019-5215"
          },
          {
            "trust": 0.8,
            "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2019-5215"
          }
        ],
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2019-14805"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2019-005134"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201905-793"
          },
          {
            "db": "NVD",
            "id": "CVE-2019-5215"
          }
        ]
      },
      "sources": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#",
          "data": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "db": "CNVD",
            "id": "CNVD-2019-14805"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2019-005134"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201905-793"
          },
          {
            "db": "NVD",
            "id": "CVE-2019-5215"
          }
        ]
      },
      "sources_release_date": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
          "data": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "date": "2019-05-20T00:00:00",
            "db": "CNVD",
            "id": "CNVD-2019-14805"
          },
          {
            "date": "2019-06-17T00:00:00",
            "db": "JVNDB",
            "id": "JVNDB-2019-005134"
          },
          {
            "date": "2019-05-17T00:00:00",
            "db": "CNNVD",
            "id": "CNNVD-201905-793"
          },
          {
            "date": "2019-06-04T19:29:00.227000",
            "db": "NVD",
            "id": "CVE-2019-5215"
          }
        ]
      },
      "sources_update_date": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
          "data": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "date": "2019-05-20T00:00:00",
            "db": "CNVD",
            "id": "CNVD-2019-14805"
          },
          {
            "date": "2019-06-17T00:00:00",
            "db": "JVNDB",
            "id": "JVNDB-2019-005134"
          },
          {
            "date": "2020-08-25T00:00:00",
            "db": "CNNVD",
            "id": "CNNVD-201905-793"
          },
          {
            "date": "2024-11-21T04:44:31.840000",
            "db": "NVD",
            "id": "CVE-2019-5215"
          }
        ]
      },
      "threat_type": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/threat_type#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "remote or local",
        "sources": [
          {
            "db": "CNNVD",
            "id": "CNNVD-201905-793"
          }
        ],
        "trust": 0.6
      },
      "title": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/title#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "Huawei P30 Smartphone and  P30 Pro Input validation vulnerability",
        "sources": [
          {
            "db": "JVNDB",
            "id": "JVNDB-2019-005134"
          }
        ],
        "trust": 0.8
      },
      "type": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/type#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "input validation error",
        "sources": [
          {
            "db": "CNNVD",
            "id": "CNNVD-201905-793"
          }
        ],
        "trust": 0.6
      }
    }

    VAR-201911-0833

    Vulnerability from variot - Updated: 2024-11-23 23:04

    Certain detection module of P30, P30 Pro, Honor V20 smartphone whith Versions earlier than ELLE-AL00B 9.1.0.193(C00E190R1P21), Versions earlier than VOGUE-AL00A 9.1.0.193(C00E190R1P12), Versions earlier than Princeton-AL10B 9.1.0.233(C00E233R4P3) have a race condition vulnerability. The system does not lock certain function properly, when the function is called by multiple processes could cause out of bound write. An attacker tricks the user into installing a malicious application, successful exploit could cause malicious code execution. Huawei P30 and others are all smartphones of China's Huawei company. The vulnerability stems from the fact that the system does not lock the function

    Show details on source website

    {
      "@context": {
        "@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
        "affected_products": {
          "@id": "https://www.variotdbs.pl/ref/affected_products"
        },
        "configurations": {
          "@id": "https://www.variotdbs.pl/ref/configurations"
        },
        "credits": {
          "@id": "https://www.variotdbs.pl/ref/credits"
        },
        "cvss": {
          "@id": "https://www.variotdbs.pl/ref/cvss/"
        },
        "description": {
          "@id": "https://www.variotdbs.pl/ref/description/"
        },
        "exploit_availability": {
          "@id": "https://www.variotdbs.pl/ref/exploit_availability/"
        },
        "external_ids": {
          "@id": "https://www.variotdbs.pl/ref/external_ids/"
        },
        "iot": {
          "@id": "https://www.variotdbs.pl/ref/iot/"
        },
        "iot_taxonomy": {
          "@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
        },
        "patch": {
          "@id": "https://www.variotdbs.pl/ref/patch/"
        },
        "problemtype_data": {
          "@id": "https://www.variotdbs.pl/ref/problemtype_data/"
        },
        "references": {
          "@id": "https://www.variotdbs.pl/ref/references/"
        },
        "sources": {
          "@id": "https://www.variotdbs.pl/ref/sources/"
        },
        "sources_release_date": {
          "@id": "https://www.variotdbs.pl/ref/sources_release_date/"
        },
        "sources_update_date": {
          "@id": "https://www.variotdbs.pl/ref/sources_update_date/"
        },
        "threat_type": {
          "@id": "https://www.variotdbs.pl/ref/threat_type/"
        },
        "title": {
          "@id": "https://www.variotdbs.pl/ref/title/"
        },
        "type": {
          "@id": "https://www.variotdbs.pl/ref/type/"
        }
      },
      "@id": "https://www.variotdbs.pl/vuln/VAR-201911-0833",
      "affected_products": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/affected_products#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            },
            "@id": "https://www.variotdbs.pl/ref/sources"
          }
        },
        "data": [
          {
            "model": "p30 pro",
            "scope": "eq",
            "trust": 1.2,
            "vendor": "huawei",
            "version": null
          },
          {
            "model": "honor v20",
            "scope": "eq",
            "trust": 1.2,
            "vendor": "huawei",
            "version": null
          },
          {
            "model": "p30 pro",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "huawei",
            "version": "vogue-al00a_9.1.0.193\\(c00e190r1p12\\)"
          },
          {
            "model": "honor v20",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "huawei",
            "version": "princeton-al10b_9.1.0.233\\(c00e233r4p3\\)"
          },
          {
            "model": "p30",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "huawei",
            "version": "elle-al00b_9.1.0.193\\(c00e190r1p21\\)"
          },
          {
            "model": "honor v20",
            "scope": "lt",
            "trust": 0.8,
            "vendor": "huawei",
            "version": "princeton-al10b 9.1.0.233(c00e233r4p3)"
          },
          {
            "model": "p30 pro",
            "scope": "lt",
            "trust": 0.8,
            "vendor": "huawei",
            "version": "vogue-al00a 9.1.0.193(c00e190r1p12)"
          },
          {
            "model": "p30",
            "scope": "lt",
            "trust": 0.8,
            "vendor": "huawei",
            "version": "elle-al00b 9.1.0.193(c00e190r1p21)"
          },
          {
            "model": "p30 \u003celle-al00b 9.1.0.193",
            "scope": null,
            "trust": 0.6,
            "vendor": "huawei",
            "version": null
          },
          {
            "model": "p30 pro \u003cvogue-al00a 9.1.0.193",
            "scope": null,
            "trust": 0.6,
            "vendor": "huawei",
            "version": null
          },
          {
            "model": "honor \u003cprinceton-al10b 9.1.0.233",
            "scope": null,
            "trust": 0.6,
            "vendor": "huawei",
            "version": null
          },
          {
            "model": "p30",
            "scope": "eq",
            "trust": 0.6,
            "vendor": "huawei",
            "version": null
          },
          {
            "model": "p30 pro",
            "scope": "eq",
            "trust": 0.6,
            "vendor": "huawei",
            "version": "9.1.0.226c00e210r2p1"
          },
          {
            "model": "p30",
            "scope": "eq",
            "trust": 0.6,
            "vendor": "huawei",
            "version": "elle-al00b_9.1.0.186c00e180r2p1"
          },
          {
            "model": "honor v20",
            "scope": "eq",
            "trust": 0.6,
            "vendor": "huawei",
            "version": "9.0.1.161c00e161r2p2"
          }
        ],
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2019-41252"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2019-011975"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201909-540"
          },
          {
            "db": "NVD",
            "id": "CVE-2019-5228"
          }
        ]
      },
      "configurations": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/configurations#",
          "children": {
            "@container": "@list"
          },
          "cpe_match": {
            "@container": "@list"
          },
          "data": {
            "@container": "@list"
          },
          "nodes": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "CVE_data_version": "4.0",
            "nodes": [
              {
                "cpe_match": [
                  {
                    "cpe22Uri": "cpe:/o:huawei:honor_v20_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:huawei:p30_pro_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:huawei:p30_firmware",
                    "vulnerable": true
                  }
                ],
                "operator": "OR"
              }
            ]
          }
        ],
        "sources": [
          {
            "db": "JVNDB",
            "id": "JVNDB-2019-011975"
          }
        ]
      },
      "cve": "CVE-2019-5228",
      "cvss": {
        "@context": {
          "cvssV2": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
            },
            "@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
          },
          "cvssV3": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
            },
            "@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
          },
          "severity": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/cvss/severity#"
            },
            "@id": "https://www.variotdbs.pl/ref/cvss/severity"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            },
            "@id": "https://www.variotdbs.pl/ref/sources"
          }
        },
        "data": [
          {
            "cvssV2": [
              {
                "accessComplexity": "MEDIUM",
                "accessVector": "NETWORK",
                "authentication": "NONE",
                "author": "nvd@nist.gov",
                "availabilityImpact": "PARTIAL",
                "baseScore": 6.8,
                "confidentialityImpact": "PARTIAL",
                "exploitabilityScore": 8.6,
                "id": "CVE-2019-5228",
                "impactScore": 6.4,
                "integrityImpact": "PARTIAL",
                "severity": "MEDIUM",
                "trust": 1.8,
                "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P",
                "version": "2.0"
              },
              {
                "accessComplexity": "MEDIUM",
                "accessVector": "NETWORK",
                "authentication": "NONE",
                "author": "CNVD",
                "availabilityImpact": "PARTIAL",
                "baseScore": 6.8,
                "confidentialityImpact": "PARTIAL",
                "exploitabilityScore": 8.6,
                "id": "CNVD-2019-41252",
                "impactScore": 6.4,
                "integrityImpact": "PARTIAL",
                "severity": "MEDIUM",
                "trust": 0.6,
                "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P",
                "version": "2.0"
              }
            ],
            "cvssV3": [
              {
                "attackComplexity": "LOW",
                "attackVector": "LOCAL",
                "author": "nvd@nist.gov",
                "availabilityImpact": "HIGH",
                "baseScore": 7.8,
                "baseSeverity": "HIGH",
                "confidentialityImpact": "HIGH",
                "exploitabilityScore": 1.8,
                "id": "CVE-2019-5228",
                "impactScore": 5.9,
                "integrityImpact": "HIGH",
                "privilegesRequired": "NONE",
                "scope": "UNCHANGED",
                "trust": 1.0,
                "userInteraction": "REQUIRED",
                "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
                "version": "3.1"
              },
              {
                "attackComplexity": "Low",
                "attackVector": "Local",
                "author": "NVD",
                "availabilityImpact": "High",
                "baseScore": 7.8,
                "baseSeverity": "High",
                "confidentialityImpact": "High",
                "exploitabilityScore": null,
                "id": "CVE-2019-5228",
                "impactScore": null,
                "integrityImpact": "High",
                "privilegesRequired": "None",
                "scope": "Unchanged",
                "trust": 0.8,
                "userInteraction": "Required",
                "vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
                "version": "3.0"
              }
            ],
            "severity": [
              {
                "author": "nvd@nist.gov",
                "id": "CVE-2019-5228",
                "trust": 1.0,
                "value": "HIGH"
              },
              {
                "author": "NVD",
                "id": "CVE-2019-5228",
                "trust": 0.8,
                "value": "High"
              },
              {
                "author": "CNVD",
                "id": "CNVD-2019-41252",
                "trust": 0.6,
                "value": "MEDIUM"
              },
              {
                "author": "CNNVD",
                "id": "CNNVD-201909-540",
                "trust": 0.6,
                "value": "HIGH"
              }
            ]
          }
        ],
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2019-41252"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2019-011975"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201909-540"
          },
          {
            "db": "NVD",
            "id": "CVE-2019-5228"
          }
        ]
      },
      "description": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/description#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "Certain detection module of P30, P30 Pro, Honor V20 smartphone whith Versions earlier than ELLE-AL00B 9.1.0.193(C00E190R1P21), Versions earlier than VOGUE-AL00A 9.1.0.193(C00E190R1P12), Versions earlier than Princeton-AL10B 9.1.0.233(C00E233R4P3) have a race condition vulnerability. The system does not lock certain function properly, when the function is called by multiple processes could cause out of bound write. An attacker tricks the user into installing a malicious application, successful exploit could cause malicious code execution. Huawei P30 and others are all smartphones of China\u0027s Huawei company. The vulnerability stems from the fact that the system does not lock the function",
        "sources": [
          {
            "db": "NVD",
            "id": "CVE-2019-5228"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2019-011975"
          },
          {
            "db": "CNVD",
            "id": "CNVD-2019-41252"
          }
        ],
        "trust": 2.16
      },
      "external_ids": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/external_ids#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "db": "NVD",
            "id": "CVE-2019-5228",
            "trust": 3.0
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2019-011975",
            "trust": 0.8
          },
          {
            "db": "CNVD",
            "id": "CNVD-2019-41252",
            "trust": 0.6
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201909-540",
            "trust": 0.6
          }
        ],
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2019-41252"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2019-011975"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201909-540"
          },
          {
            "db": "NVD",
            "id": "CVE-2019-5228"
          }
        ]
      },
      "id": "VAR-201911-0833",
      "iot": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/iot#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": true,
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2019-41252"
          }
        ],
        "trust": 1.4316259699999998
      },
      "iot_taxonomy": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "category": [
              "Network device"
            ],
            "sub_category": null,
            "trust": 0.6
          }
        ],
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2019-41252"
          }
        ]
      },
      "last_update_date": "2024-11-23T23:04:35.732000Z",
      "patch": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/patch#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "title": "huawei-sa-20190911-01-smartphone",
            "trust": 0.8,
            "url": "http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20190911-01-smartphone-en"
          },
          {
            "title": "Patch for Huawei P30, Huawei P30 Pro and Honor Princeton-AL10B Conditional Competitive Vulnerabilities",
            "trust": 0.6,
            "url": "https://www.cnvd.org.cn/patchInfo/show/190791"
          },
          {
            "title": "Huawei P30 , Huawei P30 Pro  and Honor Princeton-AL10B Security vulnerabilities",
            "trust": 0.6,
            "url": "http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=98128"
          }
        ],
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2019-41252"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2019-011975"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201909-540"
          }
        ]
      },
      "problemtype_data": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "problemtype": "CWE-362",
            "trust": 1.8
          },
          {
            "problemtype": "CWE-787",
            "trust": 1.0
          }
        ],
        "sources": [
          {
            "db": "JVNDB",
            "id": "JVNDB-2019-011975"
          },
          {
            "db": "NVD",
            "id": "CVE-2019-5228"
          }
        ]
      },
      "references": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/references#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "trust": 1.6,
            "url": "http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20190911-01-smartphone-en"
          },
          {
            "trust": 1.4,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2019-5228"
          },
          {
            "trust": 1.2,
            "url": "https://www.huawei.com/cn/psirt/security-advisories/huawei-sa-20190911-01-smartphone-cn"
          },
          {
            "trust": 0.8,
            "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2019-5228"
          }
        ],
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2019-41252"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2019-011975"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201909-540"
          },
          {
            "db": "NVD",
            "id": "CVE-2019-5228"
          }
        ]
      },
      "sources": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#",
          "data": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "db": "CNVD",
            "id": "CNVD-2019-41252"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2019-011975"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201909-540"
          },
          {
            "db": "NVD",
            "id": "CVE-2019-5228"
          }
        ]
      },
      "sources_release_date": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
          "data": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "date": "2019-11-19T00:00:00",
            "db": "CNVD",
            "id": "CNVD-2019-41252"
          },
          {
            "date": "2019-11-21T00:00:00",
            "db": "JVNDB",
            "id": "JVNDB-2019-011975"
          },
          {
            "date": "2019-09-10T00:00:00",
            "db": "CNNVD",
            "id": "CNNVD-201909-540"
          },
          {
            "date": "2019-11-12T23:15:10.223000",
            "db": "NVD",
            "id": "CVE-2019-5228"
          }
        ]
      },
      "sources_update_date": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
          "data": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "date": "2019-11-19T00:00:00",
            "db": "CNVD",
            "id": "CNVD-2019-41252"
          },
          {
            "date": "2019-11-21T00:00:00",
            "db": "JVNDB",
            "id": "JVNDB-2019-011975"
          },
          {
            "date": "2019-11-18T00:00:00",
            "db": "CNNVD",
            "id": "CNNVD-201909-540"
          },
          {
            "date": "2024-11-21T04:44:33.877000",
            "db": "NVD",
            "id": "CVE-2019-5228"
          }
        ]
      },
      "threat_type": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/threat_type#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "local",
        "sources": [
          {
            "db": "CNNVD",
            "id": "CNNVD-201909-540"
          }
        ],
        "trust": 0.6
      },
      "title": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/title#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "plural  Huawei Vulnerability related to competition in smartphone products",
        "sources": [
          {
            "db": "JVNDB",
            "id": "JVNDB-2019-011975"
          }
        ],
        "trust": 0.8
      },
      "type": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/type#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "competition condition problem",
        "sources": [
          {
            "db": "CNNVD",
            "id": "CNNVD-201909-540"
          }
        ],
        "trust": 0.6
      }
    }

    VAR-202006-1717

    Vulnerability from variot - Updated: 2024-11-23 23:04

    HUAWEI P30;HUAWEI P30 Pro;Tony-AL00B smartphones with versions earlier than 10.1.0.135(C00E135R2P11); versions earlier than 10.1.0.135(C00E135R2P8), versions earlier than 10.1.0.135 have an improper authentication vulnerability. Due to the identity of the message sender not being properly verified, an attacker can exploit this vulnerability through man-in-the-middle attack to induce user to access malicious URL. HUAWEI P30 , P30 Pro , Tony-AL00B There is an authentication vulnerability in.Information may be obtained and tampered with. Huawei P30, etc. are all smart phones of China's Huawei (Huawei) company

    Show details on source website

    {
      "@context": {
        "@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
        "affected_products": {
          "@id": "https://www.variotdbs.pl/ref/affected_products"
        },
        "configurations": {
          "@id": "https://www.variotdbs.pl/ref/configurations"
        },
        "credits": {
          "@id": "https://www.variotdbs.pl/ref/credits"
        },
        "cvss": {
          "@id": "https://www.variotdbs.pl/ref/cvss/"
        },
        "description": {
          "@id": "https://www.variotdbs.pl/ref/description/"
        },
        "exploit_availability": {
          "@id": "https://www.variotdbs.pl/ref/exploit_availability/"
        },
        "external_ids": {
          "@id": "https://www.variotdbs.pl/ref/external_ids/"
        },
        "iot": {
          "@id": "https://www.variotdbs.pl/ref/iot/"
        },
        "iot_taxonomy": {
          "@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
        },
        "patch": {
          "@id": "https://www.variotdbs.pl/ref/patch/"
        },
        "problemtype_data": {
          "@id": "https://www.variotdbs.pl/ref/problemtype_data/"
        },
        "references": {
          "@id": "https://www.variotdbs.pl/ref/references/"
        },
        "sources": {
          "@id": "https://www.variotdbs.pl/ref/sources/"
        },
        "sources_release_date": {
          "@id": "https://www.variotdbs.pl/ref/sources_release_date/"
        },
        "sources_update_date": {
          "@id": "https://www.variotdbs.pl/ref/sources_update_date/"
        },
        "threat_type": {
          "@id": "https://www.variotdbs.pl/ref/threat_type/"
        },
        "title": {
          "@id": "https://www.variotdbs.pl/ref/title/"
        },
        "type": {
          "@id": "https://www.variotdbs.pl/ref/type/"
        }
      },
      "@id": "https://www.variotdbs.pl/vuln/VAR-202006-1717",
      "affected_products": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/affected_products#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            },
            "@id": "https://www.variotdbs.pl/ref/sources"
          }
        },
        "data": [
          {
            "model": "p30 pro \u003c10.1.0.135",
            "scope": null,
            "trust": 1.2,
            "vendor": "huawei",
            "version": null
          },
          {
            "model": "p30 pro",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "huawei",
            "version": "10.1.0.135\\(c01e135r2p8\\)"
          },
          {
            "model": "p30",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "huawei",
            "version": "10.1.0.135\\(c00e135r2p11\\)"
          },
          {
            "model": "p30 pro",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "huawei",
            "version": "10.1.0.135\\(c00e135r2p8\\)"
          },
          {
            "model": "tony-al00b",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "huawei",
            "version": "10.1.0.137\\(c00e137r2p11\\)"
          },
          {
            "model": "p30 pro",
            "scope": null,
            "trust": 0.8,
            "vendor": "huawei",
            "version": null
          },
          {
            "model": "p30",
            "scope": null,
            "trust": 0.8,
            "vendor": "huawei",
            "version": null
          },
          {
            "model": "tony-al00b",
            "scope": null,
            "trust": 0.8,
            "vendor": "huawei",
            "version": null
          },
          {
            "model": "p30 \u003c10.1.0.135",
            "scope": null,
            "trust": 0.6,
            "vendor": "huawei",
            "version": null
          },
          {
            "model": "honor magic2 \u003c10.1.0.137",
            "scope": null,
            "trust": 0.6,
            "vendor": "huawei",
            "version": null
          }
        ],
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2020-52418"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2020-006781"
          },
          {
            "db": "NVD",
            "id": "CVE-2020-9076"
          }
        ]
      },
      "configurations": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/configurations#",
          "children": {
            "@container": "@list"
          },
          "cpe_match": {
            "@container": "@list"
          },
          "data": {
            "@container": "@list"
          },
          "nodes": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "CVE_data_version": "4.0",
            "nodes": [
              {
                "cpe_match": [
                  {
                    "cpe22Uri": "cpe:/o:huawei:p30_pro_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:huawei:p30_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:huawei:tony-al00b_firmware",
                    "vulnerable": true
                  }
                ],
                "operator": "OR"
              }
            ]
          }
        ],
        "sources": [
          {
            "db": "JVNDB",
            "id": "JVNDB-2020-006781"
          }
        ]
      },
      "cve": "CVE-2020-9076",
      "cvss": {
        "@context": {
          "cvssV2": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
            },
            "@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
          },
          "cvssV3": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
            },
            "@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
          },
          "severity": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/cvss/severity#"
            },
            "@id": "https://www.variotdbs.pl/ref/cvss/severity"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            },
            "@id": "https://www.variotdbs.pl/ref/sources"
          }
        },
        "data": [
          {
            "cvssV2": [
              {
                "accessComplexity": "HIGH",
                "accessVector": "NETWORK",
                "authentication": "NONE",
                "author": "nvd@nist.gov",
                "availabilityImpact": "NONE",
                "baseScore": 4.0,
                "confidentialityImpact": "PARTIAL",
                "exploitabilityScore": 4.9,
                "id": "CVE-2020-9076",
                "impactScore": 4.9,
                "integrityImpact": "PARTIAL",
                "severity": "MEDIUM",
                "trust": 1.0,
                "vectorString": "AV:N/AC:H/Au:N/C:P/I:P/A:N",
                "version": "2.0"
              },
              {
                "acInsufInfo": null,
                "accessComplexity": "High",
                "accessVector": "Network",
                "authentication": "None",
                "author": "NVD",
                "availabilityImpact": "None",
                "baseScore": 4.0,
                "confidentialityImpact": "Partial",
                "exploitabilityScore": null,
                "id": "JVNDB-2020-006781",
                "impactScore": null,
                "integrityImpact": "Partial",
                "obtainAllPrivilege": null,
                "obtainOtherPrivilege": null,
                "obtainUserPrivilege": null,
                "severity": "Medium",
                "trust": 0.8,
                "userInteractionRequired": null,
                "vectorString": "AV:N/AC:H/Au:N/C:P/I:P/A:N",
                "version": "2.0"
              },
              {
                "accessComplexity": "HIGH",
                "accessVector": "NETWORK",
                "authentication": "NONE",
                "author": "CNVD",
                "availabilityImpact": "NONE",
                "baseScore": 4.0,
                "confidentialityImpact": "PARTIAL",
                "exploitabilityScore": 4.9,
                "id": "CNVD-2020-52418",
                "impactScore": 4.9,
                "integrityImpact": "PARTIAL",
                "severity": "MEDIUM",
                "trust": 0.6,
                "vectorString": "AV:N/AC:H/Au:N/C:P/I:P/A:N",
                "version": "2.0"
              }
            ],
            "cvssV3": [
              {
                "attackComplexity": "HIGH",
                "attackVector": "NETWORK",
                "author": "nvd@nist.gov",
                "availabilityImpact": "NONE",
                "baseScore": 6.8,
                "baseSeverity": "MEDIUM",
                "confidentialityImpact": "HIGH",
                "exploitabilityScore": 1.6,
                "id": "CVE-2020-9076",
                "impactScore": 5.2,
                "integrityImpact": "HIGH",
                "privilegesRequired": "NONE",
                "scope": "UNCHANGED",
                "trust": 1.0,
                "userInteraction": "REQUIRED",
                "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:N",
                "version": "3.1"
              },
              {
                "attackComplexity": "High",
                "attackVector": "Network",
                "author": "NVD",
                "availabilityImpact": "None",
                "baseScore": 6.8,
                "baseSeverity": "Medium",
                "confidentialityImpact": "High",
                "exploitabilityScore": null,
                "id": "JVNDB-2020-006781",
                "impactScore": null,
                "integrityImpact": "High",
                "privilegesRequired": "None",
                "scope": "Unchanged",
                "trust": 0.8,
                "userInteraction": "Required",
                "vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:N",
                "version": "3.0"
              }
            ],
            "severity": [
              {
                "author": "nvd@nist.gov",
                "id": "CVE-2020-9076",
                "trust": 1.0,
                "value": "MEDIUM"
              },
              {
                "author": "NVD",
                "id": "JVNDB-2020-006781",
                "trust": 0.8,
                "value": "Medium"
              },
              {
                "author": "CNVD",
                "id": "CNVD-2020-52418",
                "trust": 0.6,
                "value": "MEDIUM"
              },
              {
                "author": "CNNVD",
                "id": "CNNVD-202006-878",
                "trust": 0.6,
                "value": "MEDIUM"
              }
            ]
          }
        ],
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2020-52418"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2020-006781"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-202006-878"
          },
          {
            "db": "NVD",
            "id": "CVE-2020-9076"
          }
        ]
      },
      "description": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/description#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "HUAWEI P30;HUAWEI P30 Pro;Tony-AL00B smartphones with versions earlier than 10.1.0.135(C00E135R2P11); versions earlier than 10.1.0.135(C00E135R2P8), versions earlier than 10.1.0.135 have an improper authentication vulnerability. Due to the identity of the message sender not being properly verified, an attacker can exploit this vulnerability through man-in-the-middle attack to induce user to access malicious URL. HUAWEI P30 , P30 Pro , Tony-AL00B There is an authentication vulnerability in.Information may be obtained and tampered with. Huawei P30, etc. are all smart phones of China\u0027s Huawei (Huawei) company",
        "sources": [
          {
            "db": "NVD",
            "id": "CVE-2020-9076"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2020-006781"
          },
          {
            "db": "CNVD",
            "id": "CNVD-2020-52418"
          }
        ],
        "trust": 2.16
      },
      "external_ids": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/external_ids#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "db": "NVD",
            "id": "CVE-2020-9076",
            "trust": 3.0
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2020-006781",
            "trust": 0.8
          },
          {
            "db": "CNVD",
            "id": "CNVD-2020-52418",
            "trust": 0.6
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-202006-878",
            "trust": 0.6
          }
        ],
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2020-52418"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2020-006781"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-202006-878"
          },
          {
            "db": "NVD",
            "id": "CVE-2020-9076"
          }
        ]
      },
      "id": "VAR-202006-1717",
      "iot": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/iot#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": true,
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2020-52418"
          }
        ],
        "trust": 1.1743549833333333
      },
      "iot_taxonomy": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "category": [
              "IoT"
            ],
            "sub_category": null,
            "trust": 0.6
          }
        ],
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2020-52418"
          }
        ]
      },
      "last_update_date": "2024-11-23T23:04:18.727000Z",
      "patch": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/patch#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "title": "huawei-sa-20200610-02-phone",
            "trust": 0.8,
            "url": "https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20200610-02-phone-en"
          },
          {
            "title": "Patch for Inappropriate authentication vulnerabilities in multiple Huawei products",
            "trust": 0.6,
            "url": "https://www.cnvd.org.cn/patchInfo/show/234454"
          },
          {
            "title": "Multiple Huawei Product Authorization Issue Vulnerability Fixing Measures",
            "trust": 0.6,
            "url": "http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=121108"
          }
        ],
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2020-52418"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2020-006781"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-202006-878"
          }
        ]
      },
      "problemtype_data": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "problemtype": "CWE-287",
            "trust": 1.8
          }
        ],
        "sources": [
          {
            "db": "JVNDB",
            "id": "JVNDB-2020-006781"
          },
          {
            "db": "NVD",
            "id": "CVE-2020-9076"
          }
        ]
      },
      "references": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/references#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "trust": 1.6,
            "url": "https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20200610-02-phone-en"
          },
          {
            "trust": 1.4,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2020-9076"
          },
          {
            "trust": 1.2,
            "url": "https://www.huawei.com/cn/psirt/security-advisories/huawei-sa-20200610-02-phone-cn"
          },
          {
            "trust": 0.8,
            "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2020-9076"
          }
        ],
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2020-52418"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2020-006781"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-202006-878"
          },
          {
            "db": "NVD",
            "id": "CVE-2020-9076"
          }
        ]
      },
      "sources": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#",
          "data": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "db": "CNVD",
            "id": "CNVD-2020-52418"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2020-006781"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-202006-878"
          },
          {
            "db": "NVD",
            "id": "CVE-2020-9076"
          }
        ]
      },
      "sources_release_date": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
          "data": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "date": "2020-09-17T00:00:00",
            "db": "CNVD",
            "id": "CNVD-2020-52418"
          },
          {
            "date": "2020-07-17T00:00:00",
            "db": "JVNDB",
            "id": "JVNDB-2020-006781"
          },
          {
            "date": "2020-06-10T00:00:00",
            "db": "CNNVD",
            "id": "CNNVD-202006-878"
          },
          {
            "date": "2020-06-15T16:15:23.270000",
            "db": "NVD",
            "id": "CVE-2020-9076"
          }
        ]
      },
      "sources_update_date": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
          "data": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "date": "2020-09-17T00:00:00",
            "db": "CNVD",
            "id": "CNVD-2020-52418"
          },
          {
            "date": "2020-07-17T00:00:00",
            "db": "JVNDB",
            "id": "JVNDB-2020-006781"
          },
          {
            "date": "2020-06-22T00:00:00",
            "db": "CNNVD",
            "id": "CNNVD-202006-878"
          },
          {
            "date": "2024-11-21T05:39:59.047000",
            "db": "NVD",
            "id": "CVE-2020-9076"
          }
        ]
      },
      "threat_type": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/threat_type#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "remote",
        "sources": [
          {
            "db": "CNNVD",
            "id": "CNNVD-202006-878"
          }
        ],
        "trust": 0.6
      },
      "title": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/title#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "plural  Huawei Authentication vulnerabilities in smartphone products",
        "sources": [
          {
            "db": "JVNDB",
            "id": "JVNDB-2020-006781"
          }
        ],
        "trust": 0.8
      },
      "type": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/type#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "authorization issue",
        "sources": [
          {
            "db": "CNNVD",
            "id": "CNNVD-202006-878"
          }
        ],
        "trust": 0.6
      }
    }

    VAR-201912-0064

    Vulnerability from variot - Updated: 2024-11-23 23:01

    Huawei Share function in P30 9.1.0.193(C00E190R2P1) smartphone has an insufficient input validation vulnerability. Attackers can exploit this vulnerability by sending crafted packets to the affected device. Successful exploit may cause the function will be disabled. The Huawei P30 is a smartphone from China's Huawei

    Show details on source website

    {
      "@context": {
        "@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
        "affected_products": {
          "@id": "https://www.variotdbs.pl/ref/affected_products"
        },
        "configurations": {
          "@id": "https://www.variotdbs.pl/ref/configurations"
        },
        "credits": {
          "@id": "https://www.variotdbs.pl/ref/credits"
        },
        "cvss": {
          "@id": "https://www.variotdbs.pl/ref/cvss/"
        },
        "description": {
          "@id": "https://www.variotdbs.pl/ref/description/"
        },
        "exploit_availability": {
          "@id": "https://www.variotdbs.pl/ref/exploit_availability/"
        },
        "external_ids": {
          "@id": "https://www.variotdbs.pl/ref/external_ids/"
        },
        "iot": {
          "@id": "https://www.variotdbs.pl/ref/iot/"
        },
        "iot_taxonomy": {
          "@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
        },
        "patch": {
          "@id": "https://www.variotdbs.pl/ref/patch/"
        },
        "problemtype_data": {
          "@id": "https://www.variotdbs.pl/ref/problemtype_data/"
        },
        "references": {
          "@id": "https://www.variotdbs.pl/ref/references/"
        },
        "sources": {
          "@id": "https://www.variotdbs.pl/ref/sources/"
        },
        "sources_release_date": {
          "@id": "https://www.variotdbs.pl/ref/sources_release_date/"
        },
        "sources_update_date": {
          "@id": "https://www.variotdbs.pl/ref/sources_update_date/"
        },
        "threat_type": {
          "@id": "https://www.variotdbs.pl/ref/threat_type/"
        },
        "title": {
          "@id": "https://www.variotdbs.pl/ref/title/"
        },
        "type": {
          "@id": "https://www.variotdbs.pl/ref/type/"
        }
      },
      "@id": "https://www.variotdbs.pl/vuln/VAR-201912-0064",
      "affected_products": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/affected_products#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            },
            "@id": "https://www.variotdbs.pl/ref/sources"
          }
        },
        "data": [
          {
            "model": "p30",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "huawei",
            "version": "9.1.0.193\\(c00e190r2p1\\)"
          },
          {
            "model": "p30",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "huawei",
            "version": "9.1.0.193(c00e190r2p1)"
          },
          {
            "model": "p30",
            "scope": "eq",
            "trust": 0.6,
            "vendor": "huawei",
            "version": "9.1.0.193"
          },
          {
            "model": "p30",
            "scope": "eq",
            "trust": 0.6,
            "vendor": "huawei",
            "version": "9.1.0.193c00e190r2p1"
          },
          {
            "model": "p30",
            "scope": "eq",
            "trust": 0.6,
            "vendor": "huawei",
            "version": null
          }
        ],
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2019-46979"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2019-013594"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201912-911"
          },
          {
            "db": "NVD",
            "id": "CVE-2019-5266"
          }
        ]
      },
      "configurations": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/configurations#",
          "children": {
            "@container": "@list"
          },
          "cpe_match": {
            "@container": "@list"
          },
          "data": {
            "@container": "@list"
          },
          "nodes": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "CVE_data_version": "4.0",
            "nodes": [
              {
                "cpe_match": [
                  {
                    "cpe22Uri": "cpe:/o:huawei:p30_firmware",
                    "vulnerable": true
                  }
                ],
                "operator": "OR"
              }
            ]
          }
        ],
        "sources": [
          {
            "db": "JVNDB",
            "id": "JVNDB-2019-013594"
          }
        ]
      },
      "credits": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/credits#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "Huawei",
        "sources": [
          {
            "db": "CNNVD",
            "id": "CNNVD-201912-911"
          }
        ],
        "trust": 0.6
      },
      "cve": "CVE-2019-5266",
      "cvss": {
        "@context": {
          "cvssV2": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
            },
            "@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
          },
          "cvssV3": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
            },
            "@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
          },
          "severity": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/cvss/severity#"
            },
            "@id": "https://www.variotdbs.pl/ref/cvss/severity"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            },
            "@id": "https://www.variotdbs.pl/ref/sources"
          }
        },
        "data": [
          {
            "cvssV2": [
              {
                "accessComplexity": "LOW",
                "accessVector": "NETWORK",
                "authentication": "NONE",
                "author": "nvd@nist.gov",
                "availabilityImpact": "PARTIAL",
                "baseScore": 5.0,
                "confidentialityImpact": "NONE",
                "exploitabilityScore": 10.0,
                "id": "CVE-2019-5266",
                "impactScore": 2.9,
                "integrityImpact": "NONE",
                "severity": "MEDIUM",
                "trust": 1.9,
                "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P",
                "version": "2.0"
              },
              {
                "accessComplexity": "LOW",
                "accessVector": "NETWORK",
                "authentication": "NONE",
                "author": "CNVD",
                "availabilityImpact": "NONE",
                "baseScore": 6.4,
                "confidentialityImpact": "PARTIAL",
                "exploitabilityScore": 10.0,
                "id": "CNVD-2019-46979",
                "impactScore": 4.9,
                "integrityImpact": "PARTIAL",
                "severity": "MEDIUM",
                "trust": 0.6,
                "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:N",
                "version": "2.0"
              }
            ],
            "cvssV3": [
              {
                "attackComplexity": "LOW",
                "attackVector": "NETWORK",
                "author": "nvd@nist.gov",
                "availabilityImpact": "HIGH",
                "baseScore": 7.5,
                "baseSeverity": "HIGH",
                "confidentialityImpact": "NONE",
                "exploitabilityScore": 3.9,
                "id": "CVE-2019-5266",
                "impactScore": 3.6,
                "integrityImpact": "NONE",
                "privilegesRequired": "NONE",
                "scope": "UNCHANGED",
                "trust": 1.0,
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
                "version": "3.1"
              },
              {
                "attackComplexity": "Low",
                "attackVector": "Network",
                "author": "NVD",
                "availabilityImpact": "High",
                "baseScore": 7.5,
                "baseSeverity": "High",
                "confidentialityImpact": "None",
                "exploitabilityScore": null,
                "id": "CVE-2019-5266",
                "impactScore": null,
                "integrityImpact": "None",
                "privilegesRequired": "None",
                "scope": "Unchanged",
                "trust": 0.8,
                "userInteraction": "None",
                "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
                "version": "3.0"
              }
            ],
            "severity": [
              {
                "author": "nvd@nist.gov",
                "id": "CVE-2019-5266",
                "trust": 1.0,
                "value": "HIGH"
              },
              {
                "author": "NVD",
                "id": "CVE-2019-5266",
                "trust": 0.8,
                "value": "High"
              },
              {
                "author": "CNVD",
                "id": "CNVD-2019-46979",
                "trust": 0.6,
                "value": "MEDIUM"
              },
              {
                "author": "CNNVD",
                "id": "CNNVD-201912-911",
                "trust": 0.6,
                "value": "HIGH"
              },
              {
                "author": "VULMON",
                "id": "CVE-2019-5266",
                "trust": 0.1,
                "value": "MEDIUM"
              }
            ]
          }
        ],
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2019-46979"
          },
          {
            "db": "VULMON",
            "id": "CVE-2019-5266"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2019-013594"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201912-911"
          },
          {
            "db": "NVD",
            "id": "CVE-2019-5266"
          }
        ]
      },
      "description": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/description#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "Huawei Share function in P30 9.1.0.193(C00E190R2P1) smartphone has an insufficient input validation vulnerability. Attackers can exploit this vulnerability by sending crafted packets to the affected device. Successful exploit may cause the function will be disabled. The Huawei P30 is a smartphone from China\u0027s Huawei",
        "sources": [
          {
            "db": "NVD",
            "id": "CVE-2019-5266"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2019-013594"
          },
          {
            "db": "CNVD",
            "id": "CNVD-2019-46979"
          },
          {
            "db": "VULMON",
            "id": "CVE-2019-5266"
          }
        ],
        "trust": 2.25
      },
      "external_ids": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/external_ids#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "db": "NVD",
            "id": "CVE-2019-5266",
            "trust": 3.1
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2019-013594",
            "trust": 0.8
          },
          {
            "db": "CNVD",
            "id": "CNVD-2019-46979",
            "trust": 0.6
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201912-911",
            "trust": 0.6
          },
          {
            "db": "VULMON",
            "id": "CVE-2019-5266",
            "trust": 0.1
          }
        ],
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2019-46979"
          },
          {
            "db": "VULMON",
            "id": "CVE-2019-5266"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2019-013594"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201912-911"
          },
          {
            "db": "NVD",
            "id": "CVE-2019-5266"
          }
        ]
      },
      "id": "VAR-201912-0064",
      "iot": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/iot#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": true,
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2019-46979"
          }
        ],
        "trust": 1.1707672
      },
      "iot_taxonomy": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "category": [
              "IoT"
            ],
            "sub_category": null,
            "trust": 0.6
          }
        ],
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2019-46979"
          }
        ]
      },
      "last_update_date": "2024-11-23T23:01:34.530000Z",
      "patch": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/patch#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "title": "huawei-sa-20191218-02-share",
            "trust": 0.8,
            "url": "https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20191218-02-share-en"
          },
          {
            "title": "Patch for Huawei P30 Input Validation Error Vulnerability",
            "trust": 0.6,
            "url": "https://www.cnvd.org.cn/patchInfo/show/195197"
          },
          {
            "title": "Huawei P30 Enter the fix for the verification error vulnerability",
            "trust": 0.6,
            "url": "http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=106011"
          },
          {
            "title": "Huawei Security Advisories: Security Advisory - Insufficient Input Validation Vulnerability in Huawei Share",
            "trust": 0.1,
            "url": "https://vulmon.com/vendoradvisory?qidtp=huawei_security_advisories\u0026qid=c0789dc63095f594b02a450cf9f7168c"
          }
        ],
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2019-46979"
          },
          {
            "db": "VULMON",
            "id": "CVE-2019-5266"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2019-013594"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201912-911"
          }
        ]
      },
      "problemtype_data": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "problemtype": "CWE-20",
            "trust": 1.8
          }
        ],
        "sources": [
          {
            "db": "JVNDB",
            "id": "JVNDB-2019-013594"
          },
          {
            "db": "NVD",
            "id": "CVE-2019-5266"
          }
        ]
      },
      "references": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/references#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "trust": 1.8,
            "url": "https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20191218-02-share-en"
          },
          {
            "trust": 1.2,
            "url": "https://www.huawei.com/cn/psirt/security-advisories/huawei-sa-20191218-02-share-cn"
          },
          {
            "trust": 0.8,
            "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2019-5266"
          },
          {
            "trust": 0.8,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2019-5266"
          },
          {
            "trust": 0.1,
            "url": "https://cwe.mitre.org/data/definitions/20.html"
          },
          {
            "trust": 0.1,
            "url": "https://nvd.nist.gov"
          }
        ],
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2019-46979"
          },
          {
            "db": "VULMON",
            "id": "CVE-2019-5266"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2019-013594"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201912-911"
          },
          {
            "db": "NVD",
            "id": "CVE-2019-5266"
          }
        ]
      },
      "sources": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#",
          "data": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "db": "CNVD",
            "id": "CNVD-2019-46979"
          },
          {
            "db": "VULMON",
            "id": "CVE-2019-5266"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2019-013594"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201912-911"
          },
          {
            "db": "NVD",
            "id": "CVE-2019-5266"
          }
        ]
      },
      "sources_release_date": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
          "data": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "date": "2019-12-24T00:00:00",
            "db": "CNVD",
            "id": "CNVD-2019-46979"
          },
          {
            "date": "2019-12-23T00:00:00",
            "db": "VULMON",
            "id": "CVE-2019-5266"
          },
          {
            "date": "2020-01-10T00:00:00",
            "db": "JVNDB",
            "id": "JVNDB-2019-013594"
          },
          {
            "date": "2019-12-18T00:00:00",
            "db": "CNNVD",
            "id": "CNNVD-201912-911"
          },
          {
            "date": "2019-12-23T18:15:10.973000",
            "db": "NVD",
            "id": "CVE-2019-5266"
          }
        ]
      },
      "sources_update_date": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
          "data": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "date": "2019-12-26T00:00:00",
            "db": "CNVD",
            "id": "CNVD-2019-46979"
          },
          {
            "date": "2019-12-27T00:00:00",
            "db": "VULMON",
            "id": "CVE-2019-5266"
          },
          {
            "date": "2020-01-10T00:00:00",
            "db": "JVNDB",
            "id": "JVNDB-2019-013594"
          },
          {
            "date": "2019-12-30T00:00:00",
            "db": "CNNVD",
            "id": "CNNVD-201912-911"
          },
          {
            "date": "2024-11-21T04:44:38.300000",
            "db": "NVD",
            "id": "CVE-2019-5266"
          }
        ]
      },
      "threat_type": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/threat_type#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "remote",
        "sources": [
          {
            "db": "CNNVD",
            "id": "CNNVD-201912-911"
          }
        ],
        "trust": 0.6
      },
      "title": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/title#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "Huawei P30 Input Validation Error Vulnerability",
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2019-46979"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201912-911"
          }
        ],
        "trust": 1.2
      },
      "type": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/type#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "input validation error",
        "sources": [
          {
            "db": "CNNVD",
            "id": "CNNVD-201912-911"
          }
        ],
        "trust": 0.6
      }
    }

    VAR-202006-0974

    Vulnerability from variot - Updated: 2024-11-23 22:58

    HUAWEI P30 smart phone with versions earlier than 10.1.0.135(C00E135R2P11) have an improper authentication vulnerability. Due to improper authentication of specific interface, in specific scenario attackers could access specific interface without authentication. Successful exploit could allow the attacker to perform unauthorized operations. HUAWEI P30 Smartphones contain authentication vulnerabilities.Information is obtained, information is tampered with, and service operation is interrupted. (DoS) It may be put into a state

    Show details on source website

    {
      "@context": {
        "@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
        "affected_products": {
          "@id": "https://www.variotdbs.pl/ref/affected_products"
        },
        "configurations": {
          "@id": "https://www.variotdbs.pl/ref/configurations"
        },
        "credits": {
          "@id": "https://www.variotdbs.pl/ref/credits"
        },
        "cvss": {
          "@id": "https://www.variotdbs.pl/ref/cvss/"
        },
        "description": {
          "@id": "https://www.variotdbs.pl/ref/description/"
        },
        "exploit_availability": {
          "@id": "https://www.variotdbs.pl/ref/exploit_availability/"
        },
        "external_ids": {
          "@id": "https://www.variotdbs.pl/ref/external_ids/"
        },
        "iot": {
          "@id": "https://www.variotdbs.pl/ref/iot/"
        },
        "iot_taxonomy": {
          "@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
        },
        "patch": {
          "@id": "https://www.variotdbs.pl/ref/patch/"
        },
        "problemtype_data": {
          "@id": "https://www.variotdbs.pl/ref/problemtype_data/"
        },
        "references": {
          "@id": "https://www.variotdbs.pl/ref/references/"
        },
        "sources": {
          "@id": "https://www.variotdbs.pl/ref/sources/"
        },
        "sources_release_date": {
          "@id": "https://www.variotdbs.pl/ref/sources_release_date/"
        },
        "sources_update_date": {
          "@id": "https://www.variotdbs.pl/ref/sources_update_date/"
        },
        "threat_type": {
          "@id": "https://www.variotdbs.pl/ref/threat_type/"
        },
        "title": {
          "@id": "https://www.variotdbs.pl/ref/title/"
        },
        "type": {
          "@id": "https://www.variotdbs.pl/ref/type/"
        }
      },
      "@id": "https://www.variotdbs.pl/vuln/VAR-202006-0974",
      "affected_products": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/affected_products#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            },
            "@id": "https://www.variotdbs.pl/ref/sources"
          }
        },
        "data": [
          {
            "model": "p30",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "huawei",
            "version": "10.1.0.135\\(c00e135r2p11\\)"
          },
          {
            "model": "p30",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "huawei",
            "version": "10.1.0.135(c00e135r2p11)"
          }
        ],
        "sources": [
          {
            "db": "JVNDB",
            "id": "JVNDB-2020-006725"
          },
          {
            "db": "NVD",
            "id": "CVE-2020-1813"
          }
        ]
      },
      "configurations": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/configurations#",
          "children": {
            "@container": "@list"
          },
          "cpe_match": {
            "@container": "@list"
          },
          "data": {
            "@container": "@list"
          },
          "nodes": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "CVE_data_version": "4.0",
            "nodes": [
              {
                "cpe_match": [
                  {
                    "cpe22Uri": "cpe:/o:huawei:p30_firmware",
                    "vulnerable": true
                  }
                ],
                "operator": "OR"
              }
            ]
          }
        ],
        "sources": [
          {
            "db": "JVNDB",
            "id": "JVNDB-2020-006725"
          }
        ]
      },
      "cve": "CVE-2020-1813",
      "cvss": {
        "@context": {
          "cvssV2": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
            },
            "@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
          },
          "cvssV3": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
            },
            "@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
          },
          "severity": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/cvss/severity#"
            },
            "@id": "https://www.variotdbs.pl/ref/cvss/severity"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            },
            "@id": "https://www.variotdbs.pl/ref/sources"
          }
        },
        "data": [
          {
            "cvssV2": [
              {
                "accessComplexity": "LOW",
                "accessVector": "LOCAL",
                "authentication": "NONE",
                "author": "nvd@nist.gov",
                "availabilityImpact": "PARTIAL",
                "baseScore": 4.6,
                "confidentialityImpact": "PARTIAL",
                "exploitabilityScore": 3.9,
                "id": "CVE-2020-1813",
                "impactScore": 6.4,
                "integrityImpact": "PARTIAL",
                "severity": "MEDIUM",
                "trust": 1.0,
                "vectorString": "AV:L/AC:L/Au:N/C:P/I:P/A:P",
                "version": "2.0"
              },
              {
                "acInsufInfo": null,
                "accessComplexity": "Low",
                "accessVector": "Local",
                "authentication": "None",
                "author": "NVD",
                "availabilityImpact": "Partial",
                "baseScore": 4.6,
                "confidentialityImpact": "Partial",
                "exploitabilityScore": null,
                "id": "JVNDB-2020-006725",
                "impactScore": null,
                "integrityImpact": "Partial",
                "obtainAllPrivilege": null,
                "obtainOtherPrivilege": null,
                "obtainUserPrivilege": null,
                "severity": "Medium",
                "trust": 0.8,
                "userInteractionRequired": null,
                "vectorString": "AV:L/AC:L/Au:N/C:P/I:P/A:P",
                "version": "2.0"
              }
            ],
            "cvssV3": [
              {
                "attackComplexity": "LOW",
                "attackVector": "PHYSICAL",
                "author": "nvd@nist.gov",
                "availabilityImpact": "HIGH",
                "baseScore": 6.8,
                "baseSeverity": "MEDIUM",
                "confidentialityImpact": "HIGH",
                "exploitabilityScore": 0.9,
                "id": "CVE-2020-1813",
                "impactScore": 5.9,
                "integrityImpact": "HIGH",
                "privilegesRequired": "NONE",
                "scope": "UNCHANGED",
                "trust": 1.0,
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
                "version": "3.1"
              },
              {
                "attackComplexity": "Low",
                "attackVector": "Physical",
                "author": "NVD",
                "availabilityImpact": "High",
                "baseScore": 6.8,
                "baseSeverity": "Medium",
                "confidentialityImpact": "High",
                "exploitabilityScore": null,
                "id": "JVNDB-2020-006725",
                "impactScore": null,
                "integrityImpact": "High",
                "privilegesRequired": "None",
                "scope": "Unchanged",
                "trust": 0.8,
                "userInteraction": "None",
                "vectorString": "CVSS:3.0/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
                "version": "3.0"
              }
            ],
            "severity": [
              {
                "author": "nvd@nist.gov",
                "id": "CVE-2020-1813",
                "trust": 1.0,
                "value": "MEDIUM"
              },
              {
                "author": "NVD",
                "id": "JVNDB-2020-006725",
                "trust": 0.8,
                "value": "Medium"
              },
              {
                "author": "CNNVD",
                "id": "CNNVD-202002-746",
                "trust": 0.6,
                "value": "MEDIUM"
              }
            ]
          }
        ],
        "sources": [
          {
            "db": "JVNDB",
            "id": "JVNDB-2020-006725"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-202002-746"
          },
          {
            "db": "NVD",
            "id": "CVE-2020-1813"
          }
        ]
      },
      "description": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/description#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "HUAWEI P30 smart phone with versions earlier than 10.1.0.135(C00E135R2P11) have an improper authentication vulnerability. Due to improper authentication of specific interface, in specific scenario attackers could access specific interface without authentication. Successful exploit could allow the attacker to perform unauthorized operations. HUAWEI P30 Smartphones contain authentication vulnerabilities.Information is obtained, information is tampered with, and service operation is interrupted. (DoS) It may be put into a state",
        "sources": [
          {
            "db": "NVD",
            "id": "CVE-2020-1813"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2020-006725"
          }
        ],
        "trust": 1.62
      },
      "external_ids": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/external_ids#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "db": "NVD",
            "id": "CVE-2020-1813",
            "trust": 2.4
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2020-006725",
            "trust": 0.8
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-202002-746",
            "trust": 0.6
          }
        ],
        "sources": [
          {
            "db": "JVNDB",
            "id": "JVNDB-2020-006725"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-202002-746"
          },
          {
            "db": "NVD",
            "id": "CVE-2020-1813"
          }
        ]
      },
      "id": "VAR-202006-0974",
      "iot": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/iot#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": true,
        "sources": [
          {
            "db": "VARIoT devices database",
            "id": null
          }
        ],
        "trust": 0.5707672
      },
      "last_update_date": "2024-11-23T22:58:12.680000Z",
      "patch": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/patch#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "title": "huawei-sa-20200610-04-smartphone",
            "trust": 0.8,
            "url": "https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20200610-04-smartphone-en"
          },
          {
            "title": "Huawei NIP6800 , Secospace USG6600  and USG9500 Security vulnerabilities",
            "trust": 0.6,
            "url": "http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=108180"
          }
        ],
        "sources": [
          {
            "db": "JVNDB",
            "id": "JVNDB-2020-006725"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-202002-746"
          }
        ]
      },
      "problemtype_data": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "problemtype": "CWE-306",
            "trust": 1.0
          },
          {
            "problemtype": "CWE-287",
            "trust": 0.8
          }
        ],
        "sources": [
          {
            "db": "JVNDB",
            "id": "JVNDB-2020-006725"
          },
          {
            "db": "NVD",
            "id": "CVE-2020-1813"
          }
        ]
      },
      "references": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/references#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "trust": 1.6,
            "url": "https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20200610-04-smartphone-en"
          },
          {
            "trust": 1.4,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2020-1813"
          },
          {
            "trust": 0.8,
            "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2020-1813"
          },
          {
            "trust": 0.6,
            "url": "https://www.huawei.com/cn/psirt/security-advisories/huawei-sa-20200212-02-firewall-cn"
          }
        ],
        "sources": [
          {
            "db": "JVNDB",
            "id": "JVNDB-2020-006725"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-202002-746"
          },
          {
            "db": "NVD",
            "id": "CVE-2020-1813"
          }
        ]
      },
      "sources": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#",
          "data": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "db": "JVNDB",
            "id": "JVNDB-2020-006725"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-202002-746"
          },
          {
            "db": "NVD",
            "id": "CVE-2020-1813"
          }
        ]
      },
      "sources_release_date": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
          "data": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "date": "2020-07-15T00:00:00",
            "db": "JVNDB",
            "id": "JVNDB-2020-006725"
          },
          {
            "date": "2020-02-12T00:00:00",
            "db": "CNNVD",
            "id": "CNNVD-202002-746"
          },
          {
            "date": "2020-06-15T15:15:09.583000",
            "db": "NVD",
            "id": "CVE-2020-1813"
          }
        ]
      },
      "sources_update_date": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
          "data": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "date": "2020-07-15T00:00:00",
            "db": "JVNDB",
            "id": "JVNDB-2020-006725"
          },
          {
            "date": "2021-08-16T00:00:00",
            "db": "CNNVD",
            "id": "CNNVD-202002-746"
          },
          {
            "date": "2024-11-21T05:11:25.837000",
            "db": "NVD",
            "id": "CVE-2020-1813"
          }
        ]
      },
      "title": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/title#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "HUAWEI P30 Authentication vulnerabilities in smartphones",
        "sources": [
          {
            "db": "JVNDB",
            "id": "JVNDB-2020-006725"
          }
        ],
        "trust": 0.8
      },
      "type": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/type#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "authorization issue",
        "sources": [
          {
            "db": "CNNVD",
            "id": "CNNVD-202002-746"
          }
        ],
        "trust": 0.6
      }
    }

    VAR-202006-1058

    Vulnerability from variot - Updated: 2024-11-23 22:58

    HUAWEI P30 and HUAWEI P30 Pro with versions earlier than 10.1.0.135(C00E135R2P11) and versions earlier than 10.1.0.135(C00E135R2P8) have an insufficient integrity check vulnerability. The system does not check certain software package's integrity sufficiently. Successful exploit could allow an attacker to load a crafted software package to the device. Both Huawei P30 and Huawei P30 Pro are smartphones of China's Huawei (Huawei) company

    Show details on source website

    {
      "@context": {
        "@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
        "affected_products": {
          "@id": "https://www.variotdbs.pl/ref/affected_products"
        },
        "configurations": {
          "@id": "https://www.variotdbs.pl/ref/configurations"
        },
        "credits": {
          "@id": "https://www.variotdbs.pl/ref/credits"
        },
        "cvss": {
          "@id": "https://www.variotdbs.pl/ref/cvss/"
        },
        "description": {
          "@id": "https://www.variotdbs.pl/ref/description/"
        },
        "exploit_availability": {
          "@id": "https://www.variotdbs.pl/ref/exploit_availability/"
        },
        "external_ids": {
          "@id": "https://www.variotdbs.pl/ref/external_ids/"
        },
        "iot": {
          "@id": "https://www.variotdbs.pl/ref/iot/"
        },
        "iot_taxonomy": {
          "@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
        },
        "patch": {
          "@id": "https://www.variotdbs.pl/ref/patch/"
        },
        "problemtype_data": {
          "@id": "https://www.variotdbs.pl/ref/problemtype_data/"
        },
        "references": {
          "@id": "https://www.variotdbs.pl/ref/references/"
        },
        "sources": {
          "@id": "https://www.variotdbs.pl/ref/sources/"
        },
        "sources_release_date": {
          "@id": "https://www.variotdbs.pl/ref/sources_release_date/"
        },
        "sources_update_date": {
          "@id": "https://www.variotdbs.pl/ref/sources_update_date/"
        },
        "threat_type": {
          "@id": "https://www.variotdbs.pl/ref/threat_type/"
        },
        "title": {
          "@id": "https://www.variotdbs.pl/ref/title/"
        },
        "type": {
          "@id": "https://www.variotdbs.pl/ref/type/"
        }
      },
      "@id": "https://www.variotdbs.pl/vuln/VAR-202006-1058",
      "affected_products": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/affected_products#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            },
            "@id": "https://www.variotdbs.pl/ref/sources"
          }
        },
        "data": [
          {
            "model": "p30",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "huawei",
            "version": "10.1.0.135\\(c00e135r2p11\\)"
          },
          {
            "model": "p30 pro",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "huawei",
            "version": "10.1.0.135\\(c00e135r2p8\\)"
          },
          {
            "model": "mate 30 pro",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "huawei",
            "version": "10.1.0.135(c00e135r2p8)"
          },
          {
            "model": "mate 30",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "huawei",
            "version": "10.1.0.135(c00e135r2p11)"
          },
          {
            "model": "p30 \u003c10.1.0.135",
            "scope": null,
            "trust": 0.6,
            "vendor": "huawei",
            "version": null
          },
          {
            "model": "p30 pro \u003c10.1.0.135",
            "scope": null,
            "trust": 0.6,
            "vendor": "huawei",
            "version": null
          }
        ],
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2020-52416"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2020-006750"
          },
          {
            "db": "NVD",
            "id": "CVE-2020-1834"
          }
        ]
      },
      "configurations": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/configurations#",
          "children": {
            "@container": "@list"
          },
          "cpe_match": {
            "@container": "@list"
          },
          "data": {
            "@container": "@list"
          },
          "nodes": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "CVE_data_version": "4.0",
            "nodes": [
              {
                "cpe_match": [
                  {
                    "cpe22Uri": "cpe:/o:huawei:mate_30_pro_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:huawei:mate_30_firmware",
                    "vulnerable": true
                  }
                ],
                "operator": "OR"
              }
            ]
          }
        ],
        "sources": [
          {
            "db": "JVNDB",
            "id": "JVNDB-2020-006750"
          }
        ]
      },
      "cve": "CVE-2020-1834",
      "cvss": {
        "@context": {
          "cvssV2": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
            },
            "@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
          },
          "cvssV3": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
            },
            "@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
          },
          "severity": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/cvss/severity#"
            },
            "@id": "https://www.variotdbs.pl/ref/cvss/severity"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            },
            "@id": "https://www.variotdbs.pl/ref/sources"
          }
        },
        "data": [
          {
            "cvssV2": [
              {
                "accessComplexity": "LOW",
                "accessVector": "LOCAL",
                "authentication": "NONE",
                "author": "nvd@nist.gov",
                "availabilityImpact": "NONE",
                "baseScore": 2.1,
                "confidentialityImpact": "NONE",
                "exploitabilityScore": 3.9,
                "id": "CVE-2020-1834",
                "impactScore": 2.9,
                "integrityImpact": "PARTIAL",
                "severity": "LOW",
                "trust": 1.0,
                "vectorString": "AV:L/AC:L/Au:N/C:N/I:P/A:N",
                "version": "2.0"
              },
              {
                "acInsufInfo": null,
                "accessComplexity": "Low",
                "accessVector": "Local",
                "authentication": "None",
                "author": "NVD",
                "availabilityImpact": "None",
                "baseScore": 2.1,
                "confidentialityImpact": "None",
                "exploitabilityScore": null,
                "id": "JVNDB-2020-006750",
                "impactScore": null,
                "integrityImpact": "Partial",
                "obtainAllPrivilege": null,
                "obtainOtherPrivilege": null,
                "obtainUserPrivilege": null,
                "severity": "Low",
                "trust": 0.8,
                "userInteractionRequired": null,
                "vectorString": "AV:L/AC:L/Au:N/C:N/I:P/A:N",
                "version": "2.0"
              },
              {
                "accessComplexity": "LOW",
                "accessVector": "LOCAL",
                "authentication": "NONE",
                "author": "CNVD",
                "availabilityImpact": "NONE",
                "baseScore": 2.1,
                "confidentialityImpact": "NONE",
                "exploitabilityScore": 3.9,
                "id": "CNVD-2020-52416",
                "impactScore": 2.9,
                "integrityImpact": "PARTIAL",
                "severity": "LOW",
                "trust": 0.6,
                "vectorString": "AV:L/AC:L/Au:N/C:N/I:P/A:N",
                "version": "2.0"
              }
            ],
            "cvssV3": [
              {
                "attackComplexity": "LOW",
                "attackVector": "PHYSICAL",
                "author": "nvd@nist.gov",
                "availabilityImpact": "NONE",
                "baseScore": 4.6,
                "baseSeverity": "MEDIUM",
                "confidentialityImpact": "NONE",
                "exploitabilityScore": 0.9,
                "id": "CVE-2020-1834",
                "impactScore": 3.6,
                "integrityImpact": "HIGH",
                "privilegesRequired": "NONE",
                "scope": "UNCHANGED",
                "trust": 1.0,
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N",
                "version": "3.1"
              },
              {
                "attackComplexity": "Low",
                "attackVector": "Physical",
                "author": "NVD",
                "availabilityImpact": "None",
                "baseScore": 4.6,
                "baseSeverity": "Medium",
                "confidentialityImpact": "None",
                "exploitabilityScore": null,
                "id": "JVNDB-2020-006750",
                "impactScore": null,
                "integrityImpact": "High",
                "privilegesRequired": "None",
                "scope": "Unchanged",
                "trust": 0.8,
                "userInteraction": "None",
                "vectorString": "CVSS:3.0/AV:P/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N",
                "version": "3.0"
              }
            ],
            "severity": [
              {
                "author": "nvd@nist.gov",
                "id": "CVE-2020-1834",
                "trust": 1.0,
                "value": "MEDIUM"
              },
              {
                "author": "NVD",
                "id": "JVNDB-2020-006750",
                "trust": 0.8,
                "value": "Medium"
              },
              {
                "author": "CNVD",
                "id": "CNVD-2020-52416",
                "trust": 0.6,
                "value": "LOW"
              },
              {
                "author": "CNNVD",
                "id": "CNNVD-202006-1198",
                "trust": 0.6,
                "value": "MEDIUM"
              }
            ]
          }
        ],
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2020-52416"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2020-006750"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-202006-1198"
          },
          {
            "db": "NVD",
            "id": "CVE-2020-1834"
          }
        ]
      },
      "description": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/description#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "HUAWEI P30 and HUAWEI P30 Pro with versions earlier than 10.1.0.135(C00E135R2P11) and versions earlier than 10.1.0.135(C00E135R2P8) have an insufficient integrity check vulnerability. The system does not check certain software package\u0027s integrity sufficiently. Successful exploit could allow an attacker to load a crafted software package to the device. Both Huawei P30 and Huawei P30 Pro are smartphones of China\u0027s Huawei (Huawei) company",
        "sources": [
          {
            "db": "NVD",
            "id": "CVE-2020-1834"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2020-006750"
          },
          {
            "db": "CNVD",
            "id": "CNVD-2020-52416"
          }
        ],
        "trust": 2.16
      },
      "external_ids": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/external_ids#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "db": "NVD",
            "id": "CVE-2020-1834",
            "trust": 3.0
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2020-006750",
            "trust": 0.8
          },
          {
            "db": "CNVD",
            "id": "CNVD-2020-52416",
            "trust": 0.6
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-202006-1198",
            "trust": 0.6
          }
        ],
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2020-52416"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2020-006750"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-202006-1198"
          },
          {
            "db": "NVD",
            "id": "CVE-2020-1834"
          }
        ]
      },
      "id": "VAR-202006-1058",
      "iot": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/iot#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": true,
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2020-52416"
          }
        ],
        "trust": 1.1819317166666667
      },
      "iot_taxonomy": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "category": [
              "IoT"
            ],
            "sub_category": null,
            "trust": 0.6
          }
        ],
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2020-52416"
          }
        ]
      },
      "last_update_date": "2024-11-23T22:58:12.580000Z",
      "patch": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/patch#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "title": "huawei-sa-20200617-01-smartphone ",
            "trust": 0.8,
            "url": "https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20200617-01-smartphone-en"
          },
          {
            "title": "Patch for Huawei P30 and P30 Pro insufficient integrity check vulnerability",
            "trust": 0.6,
            "url": "https://www.cnvd.org.cn/patchInfo/show/234445"
          },
          {
            "title": "Huawei P30  and P30 Pro Security vulnerabilities",
            "trust": 0.6,
            "url": "http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=121887"
          }
        ],
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2020-52416"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2020-006750"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-202006-1198"
          }
        ]
      },
      "problemtype_data": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "problemtype": "CWE-354",
            "trust": 1.8
          }
        ],
        "sources": [
          {
            "db": "JVNDB",
            "id": "JVNDB-2020-006750"
          },
          {
            "db": "NVD",
            "id": "CVE-2020-1834"
          }
        ]
      },
      "references": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/references#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "trust": 1.6,
            "url": "https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20200617-01-smartphone-en"
          },
          {
            "trust": 1.4,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2020-1834"
          },
          {
            "trust": 1.2,
            "url": "https://www.huawei.com/cn/psirt/security-advisories/huawei-sa-20200617-01-smartphone-cn"
          },
          {
            "trust": 0.8,
            "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2020-1834"
          }
        ],
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2020-52416"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2020-006750"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-202006-1198"
          },
          {
            "db": "NVD",
            "id": "CVE-2020-1834"
          }
        ]
      },
      "sources": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#",
          "data": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "db": "CNVD",
            "id": "CNVD-2020-52416"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2020-006750"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-202006-1198"
          },
          {
            "db": "NVD",
            "id": "CVE-2020-1834"
          }
        ]
      },
      "sources_release_date": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
          "data": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "date": "2020-09-17T00:00:00",
            "db": "CNVD",
            "id": "CNVD-2020-52416"
          },
          {
            "date": "2020-07-16T00:00:00",
            "db": "JVNDB",
            "id": "JVNDB-2020-006750"
          },
          {
            "date": "2020-06-17T00:00:00",
            "db": "CNNVD",
            "id": "CNNVD-202006-1198"
          },
          {
            "date": "2020-06-18T14:15:11.187000",
            "db": "NVD",
            "id": "CVE-2020-1834"
          }
        ]
      },
      "sources_update_date": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
          "data": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "date": "2020-09-17T00:00:00",
            "db": "CNVD",
            "id": "CNVD-2020-52416"
          },
          {
            "date": "2020-07-16T00:00:00",
            "db": "JVNDB",
            "id": "JVNDB-2020-006750"
          },
          {
            "date": "2020-08-27T00:00:00",
            "db": "CNNVD",
            "id": "CNNVD-202006-1198"
          },
          {
            "date": "2024-11-21T05:11:27.567000",
            "db": "NVD",
            "id": "CVE-2020-1834"
          }
        ]
      },
      "title": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/title#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "HUAWEI P30 and  P30 Pro Vulnerability in data integrity verification deficiency in",
        "sources": [
          {
            "db": "JVNDB",
            "id": "JVNDB-2020-006750"
          }
        ],
        "trust": 0.8
      },
      "type": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/type#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "other",
        "sources": [
          {
            "db": "CNNVD",
            "id": "CNNVD-202006-1198"
          }
        ],
        "trust": 0.6
      }
    }

    VAR-202007-1263

    Vulnerability from variot - Updated: 2024-11-23 22:58

    HUAWEI Mate 20 smartphones with versions earlier than 10.1.0.160(C00E160R2P11) have an improper authorization vulnerability. The software does not properly restrict certain operation in certain scenario, the attacker should do certain configuration before the user turns on student mode function. Successful exploit could allow the attacker to bypass the limit of student mode function. Affected product versions include: HUAWEI Mate 20 versions Versions earlier than 10.1.0.160(C00E160R3P8). HUAWEI Mate 20 There is an authentication vulnerability in smartphones.Information may be tampered with. Huawei Mate 20 is a smartphone launched by Huawei

    Show details on source website

    {
      "@context": {
        "@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
        "affected_products": {
          "@id": "https://www.variotdbs.pl/ref/affected_products"
        },
        "configurations": {
          "@id": "https://www.variotdbs.pl/ref/configurations"
        },
        "credits": {
          "@id": "https://www.variotdbs.pl/ref/credits"
        },
        "cvss": {
          "@id": "https://www.variotdbs.pl/ref/cvss/"
        },
        "description": {
          "@id": "https://www.variotdbs.pl/ref/description/"
        },
        "exploit_availability": {
          "@id": "https://www.variotdbs.pl/ref/exploit_availability/"
        },
        "external_ids": {
          "@id": "https://www.variotdbs.pl/ref/external_ids/"
        },
        "iot": {
          "@id": "https://www.variotdbs.pl/ref/iot/"
        },
        "iot_taxonomy": {
          "@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
        },
        "patch": {
          "@id": "https://www.variotdbs.pl/ref/patch/"
        },
        "problemtype_data": {
          "@id": "https://www.variotdbs.pl/ref/problemtype_data/"
        },
        "references": {
          "@id": "https://www.variotdbs.pl/ref/references/"
        },
        "sources": {
          "@id": "https://www.variotdbs.pl/ref/sources/"
        },
        "sources_release_date": {
          "@id": "https://www.variotdbs.pl/ref/sources_release_date/"
        },
        "sources_update_date": {
          "@id": "https://www.variotdbs.pl/ref/sources_update_date/"
        },
        "threat_type": {
          "@id": "https://www.variotdbs.pl/ref/threat_type/"
        },
        "title": {
          "@id": "https://www.variotdbs.pl/ref/title/"
        },
        "type": {
          "@id": "https://www.variotdbs.pl/ref/type/"
        }
      },
      "@id": "https://www.variotdbs.pl/vuln/VAR-202007-1263",
      "affected_products": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/affected_products#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            },
            "@id": "https://www.variotdbs.pl/ref/sources"
          }
        },
        "data": [
          {
            "model": "p30",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "huawei",
            "version": "10.1.0.160\\(c00e160r3p8\\)"
          },
          {
            "model": "p30",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "huawei",
            "version": "10.1.0.160(c00e160r2p11)"
          },
          {
            "model": "mate \u003c10.1.0.160",
            "scope": "eq",
            "trust": 0.6,
            "vendor": "huawei",
            "version": "20"
          }
        ],
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2020-46469"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2020-008711"
          },
          {
            "db": "NVD",
            "id": "CVE-2020-9251"
          }
        ]
      },
      "configurations": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/configurations#",
          "children": {
            "@container": "@list"
          },
          "cpe_match": {
            "@container": "@list"
          },
          "data": {
            "@container": "@list"
          },
          "nodes": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "CVE_data_version": "4.0",
            "nodes": [
              {
                "cpe_match": [
                  {
                    "cpe22Uri": "cpe:/o:huawei:p30_firmware",
                    "vulnerable": true
                  }
                ],
                "operator": "OR"
              }
            ]
          }
        ],
        "sources": [
          {
            "db": "JVNDB",
            "id": "JVNDB-2020-008711"
          }
        ]
      },
      "credits": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/credits#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "Ding Yicong",
        "sources": [
          {
            "db": "CNNVD",
            "id": "CNNVD-202007-1381"
          }
        ],
        "trust": 0.6
      },
      "cve": "CVE-2020-9251",
      "cvss": {
        "@context": {
          "cvssV2": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
            },
            "@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
          },
          "cvssV3": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
            },
            "@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
          },
          "severity": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/cvss/severity#"
            },
            "@id": "https://www.variotdbs.pl/ref/cvss/severity"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            },
            "@id": "https://www.variotdbs.pl/ref/sources"
          }
        },
        "data": [
          {
            "cvssV2": [
              {
                "accessComplexity": "LOW",
                "accessVector": "LOCAL",
                "authentication": "NONE",
                "author": "nvd@nist.gov",
                "availabilityImpact": "NONE",
                "baseScore": 2.1,
                "confidentialityImpact": "NONE",
                "exploitabilityScore": 3.9,
                "id": "CVE-2020-9251",
                "impactScore": 2.9,
                "integrityImpact": "PARTIAL",
                "severity": "LOW",
                "trust": 1.1,
                "vectorString": "AV:L/AC:L/Au:N/C:N/I:P/A:N",
                "version": "2.0"
              },
              {
                "acInsufInfo": null,
                "accessComplexity": "Low",
                "accessVector": "Local",
                "authentication": "None",
                "author": "NVD",
                "availabilityImpact": "None",
                "baseScore": 2.1,
                "confidentialityImpact": "None",
                "exploitabilityScore": null,
                "id": "JVNDB-2020-008711",
                "impactScore": null,
                "integrityImpact": "Partial",
                "obtainAllPrivilege": null,
                "obtainOtherPrivilege": null,
                "obtainUserPrivilege": null,
                "severity": "Low",
                "trust": 0.8,
                "userInteractionRequired": null,
                "vectorString": "AV:L/AC:L/Au:N/C:N/I:P/A:N",
                "version": "2.0"
              },
              {
                "accessComplexity": "LOW",
                "accessVector": "LOCAL",
                "authentication": "NONE",
                "author": "CNVD",
                "availabilityImpact": "NONE",
                "baseScore": 2.1,
                "confidentialityImpact": "PARTIAL",
                "exploitabilityScore": 3.9,
                "id": "CNVD-2020-46469",
                "impactScore": 2.9,
                "integrityImpact": "NONE",
                "severity": "LOW",
                "trust": 0.6,
                "vectorString": "AV:L/AC:L/Au:N/C:P/I:N/A:N",
                "version": "2.0"
              }
            ],
            "cvssV3": [
              {
                "attackComplexity": "LOW",
                "attackVector": "PHYSICAL",
                "author": "nvd@nist.gov",
                "availabilityImpact": "NONE",
                "baseScore": 2.4,
                "baseSeverity": "LOW",
                "confidentialityImpact": "NONE",
                "exploitabilityScore": 0.9,
                "id": "CVE-2020-9251",
                "impactScore": 1.4,
                "integrityImpact": "LOW",
                "privilegesRequired": "NONE",
                "scope": "UNCHANGED",
                "trust": 1.0,
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N",
                "version": "3.1"
              },
              {
                "attackComplexity": "Low",
                "attackVector": "Physical",
                "author": "NVD",
                "availabilityImpact": "None",
                "baseScore": 2.4,
                "baseSeverity": "Low",
                "confidentialityImpact": "None",
                "exploitabilityScore": null,
                "id": "JVNDB-2020-008711",
                "impactScore": null,
                "integrityImpact": "Low",
                "privilegesRequired": "None",
                "scope": "Unchanged",
                "trust": 0.8,
                "userInteraction": "None",
                "vectorString": "CVSS:3.0/AV:P/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N",
                "version": "3.0"
              }
            ],
            "severity": [
              {
                "author": "nvd@nist.gov",
                "id": "CVE-2020-9251",
                "trust": 1.0,
                "value": "LOW"
              },
              {
                "author": "NVD",
                "id": "JVNDB-2020-008711",
                "trust": 0.8,
                "value": "Low"
              },
              {
                "author": "CNVD",
                "id": "CNVD-2020-46469",
                "trust": 0.6,
                "value": "LOW"
              },
              {
                "author": "CNNVD",
                "id": "CNNVD-202007-1381",
                "trust": 0.6,
                "value": "LOW"
              },
              {
                "author": "VULMON",
                "id": "CVE-2020-9251",
                "trust": 0.1,
                "value": "LOW"
              }
            ]
          }
        ],
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2020-46469"
          },
          {
            "db": "VULMON",
            "id": "CVE-2020-9251"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2020-008711"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-202007-1381"
          },
          {
            "db": "NVD",
            "id": "CVE-2020-9251"
          }
        ]
      },
      "description": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/description#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "HUAWEI Mate 20 smartphones with versions earlier than 10.1.0.160(C00E160R2P11) have an improper authorization vulnerability. The software does not properly restrict certain operation in certain scenario, the attacker should do certain configuration before the user turns on student mode function. Successful exploit could allow the attacker to bypass the limit of student mode function. Affected product versions include: HUAWEI Mate 20 versions Versions earlier than 10.1.0.160(C00E160R3P8). HUAWEI Mate 20 There is an authentication vulnerability in smartphones.Information may be tampered with. Huawei Mate 20 is a smartphone launched by Huawei",
        "sources": [
          {
            "db": "NVD",
            "id": "CVE-2020-9251"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2020-008711"
          },
          {
            "db": "CNVD",
            "id": "CNVD-2020-46469"
          },
          {
            "db": "VULMON",
            "id": "CVE-2020-9251"
          }
        ],
        "trust": 2.25
      },
      "external_ids": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/external_ids#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "db": "NVD",
            "id": "CVE-2020-9251",
            "trust": 3.1
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2020-008711",
            "trust": 0.8
          },
          {
            "db": "CNVD",
            "id": "CNVD-2020-46469",
            "trust": 0.6
          },
          {
            "db": "NSFOCUS",
            "id": "47941",
            "trust": 0.6
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-202007-1381",
            "trust": 0.6
          },
          {
            "db": "VULMON",
            "id": "CVE-2020-9251",
            "trust": 0.1
          }
        ],
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2020-46469"
          },
          {
            "db": "VULMON",
            "id": "CVE-2020-9251"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2020-008711"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-202007-1381"
          },
          {
            "db": "NVD",
            "id": "CVE-2020-9251"
          }
        ]
      },
      "id": "VAR-202007-1263",
      "iot": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/iot#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": true,
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2020-46469"
          }
        ],
        "trust": 1.2192102299999998
      },
      "iot_taxonomy": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "category": [
              "IoT"
            ],
            "sub_category": null,
            "trust": 0.6
          }
        ],
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2020-46469"
          }
        ]
      },
      "last_update_date": "2024-11-23T22:58:11.029000Z",
      "patch": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/patch#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "title": "huawei-sa-20200722-02-smartphone",
            "trust": 0.8,
            "url": "https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20200722-02-smartphone-en"
          },
          {
            "title": "Patch for Huawei Mate 20 improper authorization vulnerability",
            "trust": 0.6,
            "url": "https://www.cnvd.org.cn/patchInfo/show/230836"
          },
          {
            "title": "Huawei Mate 20 Remediation measures for authorization problem vulnerabilities",
            "trust": 0.6,
            "url": "http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=125178"
          }
        ],
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2020-46469"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2020-008711"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-202007-1381"
          }
        ]
      },
      "problemtype_data": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "problemtype": "NVD-CWE-noinfo",
            "trust": 1.0
          },
          {
            "problemtype": "CWE-287",
            "trust": 0.8
          }
        ],
        "sources": [
          {
            "db": "JVNDB",
            "id": "JVNDB-2020-008711"
          },
          {
            "db": "NVD",
            "id": "CVE-2020-9251"
          }
        ]
      },
      "references": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/references#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "trust": 2.0,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2020-9251"
          },
          {
            "trust": 1.7,
            "url": "https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20200722-02-smartphone-en"
          },
          {
            "trust": 0.8,
            "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2020-9251"
          },
          {
            "trust": 0.6,
            "url": "https://www.huawei.com/cn/psirt/security-advisories/huawei-sa-20200722-02-smartphone-cn"
          },
          {
            "trust": 0.6,
            "url": "http://www.nsfocus.net/vulndb/47941"
          },
          {
            "trust": 0.1,
            "url": "https://cwe.mitre.org/data/definitions/.html"
          },
          {
            "trust": 0.1,
            "url": "https://nvd.nist.gov"
          }
        ],
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2020-46469"
          },
          {
            "db": "VULMON",
            "id": "CVE-2020-9251"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2020-008711"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-202007-1381"
          },
          {
            "db": "NVD",
            "id": "CVE-2020-9251"
          }
        ]
      },
      "sources": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#",
          "data": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "db": "CNVD",
            "id": "CNVD-2020-46469"
          },
          {
            "db": "VULMON",
            "id": "CVE-2020-9251"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2020-008711"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-202007-1381"
          },
          {
            "db": "NVD",
            "id": "CVE-2020-9251"
          }
        ]
      },
      "sources_release_date": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
          "data": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "date": "2020-08-17T00:00:00",
            "db": "CNVD",
            "id": "CNVD-2020-46469"
          },
          {
            "date": "2020-07-27T00:00:00",
            "db": "VULMON",
            "id": "CVE-2020-9251"
          },
          {
            "date": "2020-09-18T00:00:00",
            "db": "JVNDB",
            "id": "JVNDB-2020-008711"
          },
          {
            "date": "2020-07-22T00:00:00",
            "db": "CNNVD",
            "id": "CNNVD-202007-1381"
          },
          {
            "date": "2020-07-27T13:15:12.917000",
            "db": "NVD",
            "id": "CVE-2020-9251"
          }
        ]
      },
      "sources_update_date": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
          "data": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "date": "2020-08-17T00:00:00",
            "db": "CNVD",
            "id": "CNVD-2020-46469"
          },
          {
            "date": "2021-07-21T00:00:00",
            "db": "VULMON",
            "id": "CVE-2020-9251"
          },
          {
            "date": "2020-09-18T00:00:00",
            "db": "JVNDB",
            "id": "JVNDB-2020-008711"
          },
          {
            "date": "2020-08-20T00:00:00",
            "db": "CNNVD",
            "id": "CNNVD-202007-1381"
          },
          {
            "date": "2024-11-21T05:40:16.453000",
            "db": "NVD",
            "id": "CVE-2020-9251"
          }
        ]
      },
      "title": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/title#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "HUAWEI Mate 20 Authentication vulnerabilities in smartphones",
        "sources": [
          {
            "db": "JVNDB",
            "id": "JVNDB-2020-008711"
          }
        ],
        "trust": 0.8
      },
      "type": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/type#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "authorization issue",
        "sources": [
          {
            "db": "CNNVD",
            "id": "CNNVD-202007-1381"
          }
        ],
        "trust": 0.6
      }
    }

    VAR-202008-1048

    Vulnerability from variot - Updated: 2024-11-23 22:58

    HUAWEI Mate 20 versions Versions earlier than 10.1.0.160(C00E160R3P8);HUAWEI Mate 20 Pro versions Versions earlier than 10.1.0.270(C431E7R1P5),Versions earlier than 10.1.0.270(C635E3R1P5),Versions earlier than 10.1.0.273(C636E7R2P4);HUAWEI Mate 20 X versions Versions earlier than 10.1.0.160(C00E160R2P8);HUAWEI P30 versions Versions earlier than 10.1.0.160(C00E160R2P11);HUAWEI P30 Pro versions Versions earlier than 10.1.0.160(C00E160R2P8);HUAWEI Mate 20 RS versions Versions earlier than 10.1.0.160(C786E160R3P8);HonorMagic2 versions Versions earlier than 10.0.0.187(C00E61R2P11);Honor20 versions Versions earlier than 10.0.0.175(C00E58R4P11);Honor20 PRO versions Versions earlier than 10.0.0.194(C00E62R8P12);HonorMagic2 versions Versions earlier than 10.0.0.187(C00E61R2P11);HonorV20 versions Versions earlier than 10.0.0.188(C00E62R2P11) have an improper authentication vulnerability. The system does not properly sign certain encrypted file, the attacker should gain the key used to encrypt the file, successful exploit could cause certain file be forged. plural Huawei There is an authentication vulnerability in smartphones.Information is obtained, information is tampered with, and service is disrupted (DoS) It may be put in a state. Huawei Mate 20, Mate 20 Pro, Mate 20 X and Mate 20 RS are all smart phones of China's Huawei (Huawei) company.

    There are security vulnerabilities in many Huawei products, which are caused by the program's failure to correctly sign encrypted files. Attackers can use this vulnerability to forge files

    Show details on source website

    {
      "@context": {
        "@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
        "affected_products": {
          "@id": "https://www.variotdbs.pl/ref/affected_products"
        },
        "configurations": {
          "@id": "https://www.variotdbs.pl/ref/configurations"
        },
        "credits": {
          "@id": "https://www.variotdbs.pl/ref/credits"
        },
        "cvss": {
          "@id": "https://www.variotdbs.pl/ref/cvss/"
        },
        "description": {
          "@id": "https://www.variotdbs.pl/ref/description/"
        },
        "exploit_availability": {
          "@id": "https://www.variotdbs.pl/ref/exploit_availability/"
        },
        "external_ids": {
          "@id": "https://www.variotdbs.pl/ref/external_ids/"
        },
        "iot": {
          "@id": "https://www.variotdbs.pl/ref/iot/"
        },
        "iot_taxonomy": {
          "@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
        },
        "patch": {
          "@id": "https://www.variotdbs.pl/ref/patch/"
        },
        "problemtype_data": {
          "@id": "https://www.variotdbs.pl/ref/problemtype_data/"
        },
        "references": {
          "@id": "https://www.variotdbs.pl/ref/references/"
        },
        "sources": {
          "@id": "https://www.variotdbs.pl/ref/sources/"
        },
        "sources_release_date": {
          "@id": "https://www.variotdbs.pl/ref/sources_release_date/"
        },
        "sources_update_date": {
          "@id": "https://www.variotdbs.pl/ref/sources_update_date/"
        },
        "threat_type": {
          "@id": "https://www.variotdbs.pl/ref/threat_type/"
        },
        "title": {
          "@id": "https://www.variotdbs.pl/ref/title/"
        },
        "type": {
          "@id": "https://www.variotdbs.pl/ref/type/"
        }
      },
      "@id": "https://www.variotdbs.pl/vuln/VAR-202008-1048",
      "affected_products": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/affected_products#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            },
            "@id": "https://www.variotdbs.pl/ref/sources"
          }
        },
        "data": [
          {
            "model": "mate pro \u003c10.1.0.270",
            "scope": "eq",
            "trust": 1.2,
            "vendor": "huawei",
            "version": "20"
          },
          {
            "model": "honor v20",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "huawei",
            "version": "10.0.0.188\\(c00e62r2p11\\)"
          },
          {
            "model": "honor 20 pro",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "huawei",
            "version": "10.0.0.194\\(c00e62r8p12\\)"
          },
          {
            "model": "p30",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "huawei",
            "version": "10.1.0.160\\(c00e160r2p11\\)"
          },
          {
            "model": "honor 20",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "huawei",
            "version": "10.0.0.175\\(c00e58r4p11\\)"
          },
          {
            "model": "mate 20",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "huawei",
            "version": "10.1.0.160\\(c00e160r3p8\\)"
          },
          {
            "model": "mate 20 rs",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "huawei",
            "version": "10.1.0.160\\(c786e160r3p8\\)"
          },
          {
            "model": "mate 20 pro",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "huawei",
            "version": "10.1.0.270\\(c431e7r1p5\\)"
          },
          {
            "model": "mate 20 pro",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "huawei",
            "version": "10.1.0.273\\(c636e7r2p4\\)"
          },
          {
            "model": "mate 20 x",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "huawei",
            "version": "10.1.0.160\\(c00e160r2p8\\)"
          },
          {
            "model": "honor magic 2",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "huawei",
            "version": "10.0.0.187\\(c00e61r2p11\\)"
          },
          {
            "model": "p30 pro",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "huawei",
            "version": "10.1.0.160\\(c00e160r2p8\\)"
          },
          {
            "model": "mate 20 pro",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "huawei",
            "version": "10.1.0.270\\(c635e3r1p5\\)"
          },
          {
            "model": "honor 20",
            "scope": null,
            "trust": 0.8,
            "vendor": "huawei",
            "version": null
          },
          {
            "model": "honor 20 pro",
            "scope": null,
            "trust": 0.8,
            "vendor": "huawei",
            "version": null
          },
          {
            "model": "honor magic 2",
            "scope": null,
            "trust": 0.8,
            "vendor": "huawei",
            "version": null
          },
          {
            "model": "honor v20",
            "scope": null,
            "trust": 0.8,
            "vendor": "huawei",
            "version": null
          },
          {
            "model": "mate 20",
            "scope": null,
            "trust": 0.8,
            "vendor": "huawei",
            "version": null
          },
          {
            "model": "mate 20 pro",
            "scope": null,
            "trust": 0.8,
            "vendor": "huawei",
            "version": null
          },
          {
            "model": "mate 20 rs",
            "scope": null,
            "trust": 0.8,
            "vendor": "huawei",
            "version": null
          },
          {
            "model": "mate 20 x",
            "scope": null,
            "trust": 0.8,
            "vendor": "huawei",
            "version": null
          },
          {
            "model": "p30",
            "scope": null,
            "trust": 0.8,
            "vendor": "huawei",
            "version": null
          },
          {
            "model": "p30 pro",
            "scope": null,
            "trust": 0.8,
            "vendor": "huawei",
            "version": null
          },
          {
            "model": "mate \u003c10.1.0.160",
            "scope": "eq",
            "trust": 0.6,
            "vendor": "huawei",
            "version": "20"
          },
          {
            "model": "mate pro \u003c10.1.0.273",
            "scope": "eq",
            "trust": 0.6,
            "vendor": "huawei",
            "version": "20"
          },
          {
            "model": "mate \u003c10.1.0.160",
            "scope": "eq",
            "trust": 0.6,
            "vendor": "huawei",
            "version": "20x"
          },
          {
            "model": "p30 \u003c10.1.0.160",
            "scope": null,
            "trust": 0.6,
            "vendor": "huawei",
            "version": null
          },
          {
            "model": "p30 pro \u003c10.1.0.160",
            "scope": null,
            "trust": 0.6,
            "vendor": "huawei",
            "version": null
          },
          {
            "model": "mate rs \u003c10.1.0.160",
            "scope": "eq",
            "trust": 0.6,
            "vendor": "huawei",
            "version": "20"
          },
          {
            "model": "honormagic \u003c10.0.0.187",
            "scope": "eq",
            "trust": 0.6,
            "vendor": "huawei",
            "version": "2"
          },
          {
            "model": "honor \u003c10.0.0.175",
            "scope": "eq",
            "trust": 0.6,
            "vendor": "huawei",
            "version": "20"
          },
          {
            "model": "honor pro \u003c10.0.0.194",
            "scope": "eq",
            "trust": 0.6,
            "vendor": "huawei",
            "version": "20"
          },
          {
            "model": "honorv20 \u003c10.0.0.188",
            "scope": null,
            "trust": 0.6,
            "vendor": "huawei",
            "version": null
          }
        ],
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2020-46459"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2020-009253"
          },
          {
            "db": "NVD",
            "id": "CVE-2020-9244"
          }
        ]
      },
      "cve": "CVE-2020-9244",
      "cvss": {
        "@context": {
          "cvssV2": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
            },
            "@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
          },
          "cvssV3": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
            },
            "@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
          },
          "severity": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/cvss/severity#"
            },
            "@id": "https://www.variotdbs.pl/ref/cvss/severity"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            },
            "@id": "https://www.variotdbs.pl/ref/sources"
          }
        },
        "data": [
          {
            "cvssV2": [
              {
                "accessComplexity": "LOW",
                "accessVector": "LOCAL",
                "authentication": "NONE",
                "author": "nvd@nist.gov",
                "availabilityImpact": "PARTIAL",
                "baseScore": 4.6,
                "confidentialityImpact": "PARTIAL",
                "exploitabilityScore": 3.9,
                "id": "CVE-2020-9244",
                "impactScore": 6.4,
                "integrityImpact": "PARTIAL",
                "severity": "MEDIUM",
                "trust": 1.8,
                "vectorString": "AV:L/AC:L/Au:N/C:P/I:P/A:P",
                "version": "2.0"
              },
              {
                "accessComplexity": "LOW",
                "accessVector": "LOCAL",
                "authentication": "NONE",
                "author": "CNVD",
                "availabilityImpact": "PARTIAL",
                "baseScore": 4.6,
                "confidentialityImpact": "PARTIAL",
                "exploitabilityScore": 3.9,
                "id": "CNVD-2020-46459",
                "impactScore": 6.4,
                "integrityImpact": "PARTIAL",
                "severity": "MEDIUM",
                "trust": 0.6,
                "vectorString": "AV:L/AC:L/Au:N/C:P/I:P/A:P",
                "version": "2.0"
              }
            ],
            "cvssV3": [
              {
                "attackComplexity": "LOW",
                "attackVector": "PHYSICAL",
                "author": "nvd@nist.gov",
                "availabilityImpact": "HIGH",
                "baseScore": 6.8,
                "baseSeverity": "MEDIUM",
                "confidentialityImpact": "HIGH",
                "exploitabilityScore": 0.9,
                "id": "CVE-2020-9244",
                "impactScore": 5.9,
                "integrityImpact": "HIGH",
                "privilegesRequired": "NONE",
                "scope": "UNCHANGED",
                "trust": 1.0,
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
                "version": "3.1"
              },
              {
                "attackComplexity": "Low",
                "attackVector": "Physical",
                "author": "NVD",
                "availabilityImpact": "High",
                "baseScore": 6.8,
                "baseSeverity": "Medium",
                "confidentialityImpact": "High",
                "exploitabilityScore": null,
                "id": "CVE-2020-9244",
                "impactScore": null,
                "integrityImpact": "High",
                "privilegesRequired": "None",
                "scope": "Unchanged",
                "trust": 0.8,
                "userInteraction": "None",
                "vectorString": "CVSS:3.0/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
                "version": "3.0"
              }
            ],
            "severity": [
              {
                "author": "nvd@nist.gov",
                "id": "CVE-2020-9244",
                "trust": 1.0,
                "value": "MEDIUM"
              },
              {
                "author": "NVD",
                "id": "CVE-2020-9244",
                "trust": 0.8,
                "value": "Medium"
              },
              {
                "author": "CNVD",
                "id": "CNVD-2020-46459",
                "trust": 0.6,
                "value": "MEDIUM"
              },
              {
                "author": "CNNVD",
                "id": "CNNVD-202008-580",
                "trust": 0.6,
                "value": "MEDIUM"
              }
            ]
          }
        ],
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2020-46459"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2020-009253"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-202008-580"
          },
          {
            "db": "NVD",
            "id": "CVE-2020-9244"
          }
        ]
      },
      "description": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/description#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "HUAWEI Mate 20 versions Versions earlier than 10.1.0.160(C00E160R3P8);HUAWEI Mate 20 Pro versions Versions earlier than 10.1.0.270(C431E7R1P5),Versions earlier than 10.1.0.270(C635E3R1P5),Versions earlier than 10.1.0.273(C636E7R2P4);HUAWEI Mate 20 X versions Versions earlier than 10.1.0.160(C00E160R2P8);HUAWEI P30 versions Versions earlier than 10.1.0.160(C00E160R2P11);HUAWEI P30 Pro versions Versions earlier than 10.1.0.160(C00E160R2P8);HUAWEI Mate 20 RS versions Versions earlier than 10.1.0.160(C786E160R3P8);HonorMagic2 versions Versions earlier than 10.0.0.187(C00E61R2P11);Honor20 versions Versions earlier than 10.0.0.175(C00E58R4P11);Honor20 PRO versions Versions earlier than 10.0.0.194(C00E62R8P12);HonorMagic2 versions Versions earlier than 10.0.0.187(C00E61R2P11);HonorV20 versions Versions earlier than 10.0.0.188(C00E62R2P11) have an improper authentication vulnerability. The system does not properly sign certain encrypted file, the attacker should gain the key used to encrypt the file, successful exploit could cause certain file be forged. plural Huawei There is an authentication vulnerability in smartphones.Information is obtained, information is tampered with, and service is disrupted (DoS) It may be put in a state. Huawei Mate 20, Mate 20 Pro, Mate 20 X and Mate 20 RS are all smart phones of China\u0027s Huawei (Huawei) company. \n\r\n\r\nThere are security vulnerabilities in many Huawei products, which are caused by the program\u0027s failure to correctly sign encrypted files. Attackers can use this vulnerability to forge files",
        "sources": [
          {
            "db": "NVD",
            "id": "CVE-2020-9244"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2020-009253"
          },
          {
            "db": "CNVD",
            "id": "CNVD-2020-46459"
          }
        ],
        "trust": 2.16
      },
      "external_ids": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/external_ids#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "db": "NVD",
            "id": "CVE-2020-9244",
            "trust": 3.0
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2020-009253",
            "trust": 0.8
          },
          {
            "db": "CNVD",
            "id": "CNVD-2020-46459",
            "trust": 0.6
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-202008-580",
            "trust": 0.6
          }
        ],
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2020-46459"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2020-009253"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-202008-580"
          },
          {
            "db": "NVD",
            "id": "CVE-2020-9244"
          }
        ]
      },
      "id": "VAR-202008-1048",
      "iot": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/iot#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": true,
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2020-46459"
          }
        ],
        "trust": 1.2862094863636364
      },
      "iot_taxonomy": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "category": [
              "IoT"
            ],
            "sub_category": null,
            "trust": 0.6
          }
        ],
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2020-46459"
          }
        ]
      },
      "last_update_date": "2024-11-23T22:58:10.110000Z",
      "patch": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/patch#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "title": "huawei-sa-20200805-02-smartphone",
            "trust": 0.8,
            "url": "https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20200805-02-smartphone-en"
          },
          {
            "title": "Patch for Incorrect authentication vulnerabilities in multiple Huawei products",
            "trust": 0.6,
            "url": "https://www.cnvd.org.cn/patchInfo/show/230800"
          },
          {
            "title": "Multiple Huawei Product Authorization Issue Vulnerability Fixing Measures",
            "trust": 0.6,
            "url": "http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=126447"
          }
        ],
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2020-46459"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2020-009253"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-202008-580"
          }
        ]
      },
      "problemtype_data": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "problemtype": "NVD-CWE-noinfo",
            "trust": 1.0
          },
          {
            "problemtype": "Improper authentication (CWE-287) [NVD Evaluation ]",
            "trust": 0.8
          }
        ],
        "sources": [
          {
            "db": "JVNDB",
            "id": "JVNDB-2020-009253"
          },
          {
            "db": "NVD",
            "id": "CVE-2020-9244"
          }
        ]
      },
      "references": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/references#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "trust": 2.2,
            "url": "https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20200805-02-smartphone-en"
          },
          {
            "trust": 1.4,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2020-9244"
          },
          {
            "trust": 0.6,
            "url": "https://www.huawei.com/cn/psirt/security-advisories/huawei-sa-20200805-02-smartphone-cn"
          }
        ],
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2020-46459"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2020-009253"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-202008-580"
          },
          {
            "db": "NVD",
            "id": "CVE-2020-9244"
          }
        ]
      },
      "sources": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#",
          "data": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "db": "CNVD",
            "id": "CNVD-2020-46459"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2020-009253"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-202008-580"
          },
          {
            "db": "NVD",
            "id": "CVE-2020-9244"
          }
        ]
      },
      "sources_release_date": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
          "data": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "date": "2020-08-17T00:00:00",
            "db": "CNVD",
            "id": "CNVD-2020-46459"
          },
          {
            "date": "2020-10-26T00:00:00",
            "db": "JVNDB",
            "id": "JVNDB-2020-009253"
          },
          {
            "date": "2020-08-11T00:00:00",
            "db": "CNNVD",
            "id": "CNNVD-202008-580"
          },
          {
            "date": "2020-08-11T19:15:17.687000",
            "db": "NVD",
            "id": "CVE-2020-9244"
          }
        ]
      },
      "sources_update_date": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
          "data": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "date": "2020-08-17T00:00:00",
            "db": "CNVD",
            "id": "CNVD-2020-46459"
          },
          {
            "date": "2020-10-26T08:31:00",
            "db": "JVNDB",
            "id": "JVNDB-2020-009253"
          },
          {
            "date": "2021-01-05T00:00:00",
            "db": "CNNVD",
            "id": "CNNVD-202008-580"
          },
          {
            "date": "2024-11-21T05:40:15.390000",
            "db": "NVD",
            "id": "CVE-2020-9244"
          }
        ]
      },
      "title": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/title#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "plural \u00a0Huawei\u00a0 Authentication vulnerabilities in smartphones",
        "sources": [
          {
            "db": "JVNDB",
            "id": "JVNDB-2020-009253"
          }
        ],
        "trust": 0.8
      },
      "type": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/type#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "authorization issue",
        "sources": [
          {
            "db": "CNNVD",
            "id": "CNNVD-202008-580"
          }
        ],
        "trust": 0.6
      }
    }

    VAR-202002-0214

    Vulnerability from variot - Updated: 2024-11-23 22:51

    In reassemble_and_dispatch of packet_fragmenter.cc, there is possible out of bounds write due to an incorrect bounds calculation. This could lead to remote code execution over Bluetooth with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-8.0 Android-8.1 Android-9 Android-10Android ID: A-143894715. Android contains a calculation error vulnerability. This vulnerability is Android ID: A-143894715 It is published as.Information is obtained, information is tampered with, and service operation is interrupted. (DoS) It may be in a state

    Show details on source website

    {
      "@context": {
        "@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
        "affected_products": {
          "@id": "https://www.variotdbs.pl/ref/affected_products"
        },
        "configurations": {
          "@id": "https://www.variotdbs.pl/ref/configurations"
        },
        "credits": {
          "@id": "https://www.variotdbs.pl/ref/credits"
        },
        "cvss": {
          "@id": "https://www.variotdbs.pl/ref/cvss/"
        },
        "description": {
          "@id": "https://www.variotdbs.pl/ref/description/"
        },
        "exploit_availability": {
          "@id": "https://www.variotdbs.pl/ref/exploit_availability/"
        },
        "external_ids": {
          "@id": "https://www.variotdbs.pl/ref/external_ids/"
        },
        "iot": {
          "@id": "https://www.variotdbs.pl/ref/iot/"
        },
        "iot_taxonomy": {
          "@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
        },
        "patch": {
          "@id": "https://www.variotdbs.pl/ref/patch/"
        },
        "problemtype_data": {
          "@id": "https://www.variotdbs.pl/ref/problemtype_data/"
        },
        "references": {
          "@id": "https://www.variotdbs.pl/ref/references/"
        },
        "sources": {
          "@id": "https://www.variotdbs.pl/ref/sources/"
        },
        "sources_release_date": {
          "@id": "https://www.variotdbs.pl/ref/sources_release_date/"
        },
        "sources_update_date": {
          "@id": "https://www.variotdbs.pl/ref/sources_update_date/"
        },
        "threat_type": {
          "@id": "https://www.variotdbs.pl/ref/threat_type/"
        },
        "title": {
          "@id": "https://www.variotdbs.pl/ref/title/"
        },
        "type": {
          "@id": "https://www.variotdbs.pl/ref/type/"
        }
      },
      "@id": "https://www.variotdbs.pl/vuln/VAR-202002-0214",
      "affected_products": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/affected_products#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            },
            "@id": "https://www.variotdbs.pl/ref/sources"
          }
        },
        "data": [
          {
            "model": "android",
            "scope": "eq",
            "trust": 1.8,
            "vendor": "google",
            "version": "8.0"
          },
          {
            "model": "android",
            "scope": "eq",
            "trust": 1.8,
            "vendor": "google",
            "version": "8.1"
          },
          {
            "model": "honor 8a",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "huawei",
            "version": "9.1.0.291\\(c185e3r4p1\\)"
          },
          {
            "model": "mate 30",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "huawei",
            "version": "10.0.0.203\\(c00e202r7p2\\)"
          },
          {
            "model": "mate 30 pro",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "huawei",
            "version": "10.0.0.203\\(c00e202r7p2\\)"
          },
          {
            "model": "mate 20",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "huawei",
            "version": "10.0.0.195\\(c00e74r3p8\\)"
          },
          {
            "model": "p20 pro",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "huawei",
            "version": "10.0.0.162\\(c00e156r1p4\\)"
          },
          {
            "model": "mate 30 pro 5g",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "huawei",
            "version": "10.0.0.203\\(c00e202r7p2\\)"
          },
          {
            "model": "honor view 20",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "huawei",
            "version": "10.0.0.195\\(c636e3r4p3\\)"
          },
          {
            "model": "p smart",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "huawei",
            "version": "9.1.0.193\\(c605e6r1p5t8\\)"
          },
          {
            "model": "honor 8x",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "huawei",
            "version": "10.0.0.183\\(c185e2r6p1\\)"
          },
          {
            "model": "y6 pro 2019",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "huawei",
            "version": "9.1.0.290\\(c636e5r3p1\\)"
          },
          {
            "model": "mate 20 x",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "huawei",
            "version": "10.0.0.195\\(c00e74r2p8\\)"
          },
          {
            "model": "mate 20 pro",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "huawei",
            "version": "10.0.0.196\\(c185e7r2p4\\)"
          },
          {
            "model": "p30",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "huawei",
            "version": "10.0.0.190\\(c432e22r2p5\\)"
          },
          {
            "model": "nova 3",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "huawei",
            "version": "9.1.0.338\\(c00e333r1p1t8\\)"
          },
          {
            "model": "y9 2019",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "huawei",
            "version": "9.1.0.264\\(c185e2r5p1t8\\)"
          },
          {
            "model": "mate 30 5g",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "huawei",
            "version": "10.0.0.203\\(c00e202r7p2\\)"
          },
          {
            "model": "p20",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "huawei",
            "version": "10.0.0.162\\(c00e156r1p4\\)"
          },
          {
            "model": "p smart 2019",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "huawei",
            "version": "10.0.0.180\\(c185e3r4p1\\)"
          },
          {
            "model": "y6 2019",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "huawei",
            "version": "9.1.0.290\\(c185e5r4p1\\)"
          },
          {
            "model": "android",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "google",
            "version": "9.0"
          },
          {
            "model": "p30 pro",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "huawei",
            "version": "10.0.0.195\\(c00e85r2p8\\)"
          },
          {
            "model": "nova lite 3",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "huawei",
            "version": "9.1.0.322\\(c635e8r2p2\\)"
          },
          {
            "model": "android",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "google",
            "version": "10.0"
          },
          {
            "model": "android",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "google",
            "version": null
          },
          {
            "model": "android",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "google",
            "version": "9"
          },
          {
            "model": "android",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "google",
            "version": "10"
          }
        ],
        "sources": [
          {
            "db": "JVNDB",
            "id": "JVNDB-2020-001993"
          },
          {
            "db": "NVD",
            "id": "CVE-2020-0022"
          }
        ]
      },
      "credits": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/credits#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "nu11secur1ty",
        "sources": [
          {
            "db": "CNNVD",
            "id": "CNNVD-202002-366"
          }
        ],
        "trust": 0.6
      },
      "cve": "CVE-2020-0022",
      "cvss": {
        "@context": {
          "cvssV2": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
            },
            "@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
          },
          "cvssV3": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
            },
            "@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
          },
          "severity": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/cvss/severity#"
            },
            "@id": "https://www.variotdbs.pl/ref/cvss/severity"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            },
            "@id": "https://www.variotdbs.pl/ref/sources"
          }
        },
        "data": [
          {
            "cvssV2": [
              {
                "accessComplexity": "LOW",
                "accessVector": "ADJACENT_NETWORK",
                "authentication": "NONE",
                "author": "nvd@nist.gov",
                "availabilityImpact": "COMPLETE",
                "baseScore": 8.3,
                "confidentialityImpact": "COMPLETE",
                "exploitabilityScore": 6.5,
                "id": "CVE-2020-0022",
                "impactScore": 10.0,
                "integrityImpact": "COMPLETE",
                "severity": "HIGH",
                "trust": 1.9,
                "vectorString": "AV:A/AC:L/Au:N/C:C/I:C/A:C",
                "version": "2.0"
              }
            ],
            "cvssV3": [
              {
                "attackComplexity": "LOW",
                "attackVector": "ADJACENT",
                "author": "nvd@nist.gov",
                "availabilityImpact": "HIGH",
                "baseScore": 8.8,
                "baseSeverity": "HIGH",
                "confidentialityImpact": "HIGH",
                "exploitabilityScore": 2.8,
                "id": "CVE-2020-0022",
                "impactScore": 5.9,
                "integrityImpact": "HIGH",
                "privilegesRequired": "NONE",
                "scope": "UNCHANGED",
                "trust": 2.0,
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
                "version": "3.1"
              },
              {
                "attackComplexity": "Low",
                "attackVector": "Adjacent Network",
                "author": "NVD",
                "availabilityImpact": "High",
                "baseScore": 8.8,
                "baseSeverity": "High",
                "confidentialityImpact": "High",
                "exploitabilityScore": null,
                "id": "CVE-2020-0022",
                "impactScore": null,
                "integrityImpact": "High",
                "privilegesRequired": "None",
                "scope": "Unchanged",
                "trust": 0.8,
                "userInteraction": "None",
                "vectorString": "CVSS:3.0/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
                "version": "3.0"
              }
            ],
            "severity": [
              {
                "author": "nvd@nist.gov",
                "id": "CVE-2020-0022",
                "trust": 1.0,
                "value": "HIGH"
              },
              {
                "author": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
                "id": "CVE-2020-0022",
                "trust": 1.0,
                "value": "HIGH"
              },
              {
                "author": "NVD",
                "id": "CVE-2020-0022",
                "trust": 0.8,
                "value": "High"
              },
              {
                "author": "CNNVD",
                "id": "CNNVD-202002-366",
                "trust": 0.6,
                "value": "HIGH"
              },
              {
                "author": "VULMON",
                "id": "CVE-2020-0022",
                "trust": 0.1,
                "value": "HIGH"
              }
            ]
          }
        ],
        "sources": [
          {
            "db": "VULMON",
            "id": "CVE-2020-0022"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2020-001993"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-202002-366"
          },
          {
            "db": "NVD",
            "id": "CVE-2020-0022"
          },
          {
            "db": "NVD",
            "id": "CVE-2020-0022"
          }
        ]
      },
      "description": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/description#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "In reassemble_and_dispatch of packet_fragmenter.cc, there is possible out of bounds write due to an incorrect bounds calculation. This could lead to remote code execution over Bluetooth with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-8.0 Android-8.1 Android-9 Android-10Android ID: A-143894715. Android contains a calculation error vulnerability. This vulnerability is Android ID: A-143894715 It is published as.Information is obtained, information is tampered with, and service operation is interrupted. (DoS) It may be in a state",
        "sources": [
          {
            "db": "NVD",
            "id": "CVE-2020-0022"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2020-001993"
          },
          {
            "db": "VULMON",
            "id": "CVE-2020-0022"
          }
        ],
        "trust": 1.71
      },
      "external_ids": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/external_ids#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "db": "NVD",
            "id": "CVE-2020-0022",
            "trust": 3.3
          },
          {
            "db": "PACKETSTORM",
            "id": "156891",
            "trust": 1.7
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2020-001993",
            "trust": 0.8
          },
          {
            "db": "NSFOCUS",
            "id": "45798",
            "trust": 0.6
          },
          {
            "db": "NSFOCUS",
            "id": "49115",
            "trust": 0.6
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-202002-366",
            "trust": 0.6
          },
          {
            "db": "VULMON",
            "id": "CVE-2020-0022",
            "trust": 0.1
          }
        ],
        "sources": [
          {
            "db": "VULMON",
            "id": "CVE-2020-0022"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2020-001993"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-202002-366"
          },
          {
            "db": "NVD",
            "id": "CVE-2020-0022"
          }
        ]
      },
      "id": "VAR-202002-0214",
      "iot": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/iot#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": true,
        "sources": [
          {
            "db": "VARIoT devices database",
            "id": null
          }
        ],
        "trust": 0.538734306
      },
      "last_update_date": "2024-11-23T22:51:30.464000Z",
      "patch": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/patch#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "title": "Android\u00a0 Public information about security \u00a0-\u00a02020\u00a0 Year \u00a02\u00a0 Moon",
            "trust": 0.8,
            "url": "https://source.android.com/security/bulletin/2020-02-01"
          },
          {
            "title": "Android Buffer error vulnerability fix",
            "trust": 0.6,
            "url": "http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=110484"
          },
          {
            "title": "Huawei Security Advisories: Security Advisory - Integer Overflow Vulnerability in Android affects Several Huawei Smartphones",
            "trust": 0.1,
            "url": "https://vulmon.com/vendoradvisory?qidtp=huawei_security_advisories\u0026qid=5ecb6a3686ddfa79c27cc2c950827f9f"
          },
          {
            "title": "CVE-2020-0022\nUpdate 1\nUpdate 2",
            "trust": 0.1,
            "url": "https://github.com/marcinguy/CVE-2020-0022 "
          },
          {
            "title": "https://github.com/Polo35/CVE-2020-0022",
            "trust": 0.1,
            "url": "https://github.com/Polo35/CVE-2020-0022 "
          },
          {
            "title": "Bluefrag_CVE-2020-0022",
            "trust": 0.1,
            "url": "https://github.com/k3vinlusec/Bluefrag_CVE-2020-0022 "
          },
          {
            "title": "cve-2020-0022",
            "trust": 0.1,
            "url": "https://github.com/devdanqtuan/poc-for-cve-2020-0022 "
          },
          {
            "title": "cve-2020-0022",
            "trust": 0.1,
            "url": "https://github.com/leommxj/cve-2020-0022 "
          },
          {
            "title": "AndroidBlueFragCVE",
            "trust": 0.1,
            "url": "https://github.com/sharif-dev/AndroidBlueFragCVE "
          },
          {
            "title": "cve-2020-0022",
            "trust": 0.1,
            "url": "https://github.com/5k1l/cve-2020-0022 "
          },
          {
            "title": "CVE-2020-0022",
            "trust": 0.1,
            "url": "https://github.com/themmokhtar/CVE-2020-0022 "
          },
          {
            "title": "CVE-2020-14292: A bluetooth transport issue in COVIDSafe App",
            "trust": 0.1,
            "url": "https://github.com/alwentiu/CVE-2020-14292 "
          },
          {
            "title": "https://github.com/seemoo-lab/frankenstein",
            "trust": 0.1,
            "url": "https://github.com/seemoo-lab/frankenstein "
          },
          {
            "title": "Protocol-Vulnerability\nRelated Resources\nContributors",
            "trust": 0.1,
            "url": "https://github.com/WinMin/Protocol-Vul "
          },
          {
            "title": "\u7b80\u4ecb\n\u5b89\u88c5\n\u4f7f\u7528\nhttpserver\u63a5\u53e3",
            "trust": 0.1,
            "url": "https://github.com/he1m4n6a/cve-db "
          },
          {
            "title": "Awesome Bluetooth Security (BR, EDR, LE, and Mesh)",
            "trust": 0.1,
            "url": "https://github.com/JeffroMF/awesome-bluetooth-security321 "
          },
          {
            "title": "Awesome Bluetooth Security (BR, EDR, LE, and Mesh)",
            "trust": 0.1,
            "url": "https://github.com/engn33r/awesome-bluetooth-security "
          },
          {
            "title": "\u6240\u6709\u6536\u96c6\u7c7b\u9879\u76ee\nAndroid\n\u76ee\u5f55\n\u8d44\u6e90\u6536\u96c6\n\u77e5\u540d\u5206\u6790\u5de5\u5177\n\u5404\u7c7bApp\nTopic\n\u5176\u4ed6\n\u5de5\u5177\n\u6587\u7ae0\n\u8d21\u732e",
            "trust": 0.1,
            "url": "https://github.com/alphaSeclab/android-security "
          },
          {
            "title": "OPSEC-Hall-of-fame \ud83d\ude0e",
            "trust": 0.1,
            "url": "https://github.com/Offensive-Penetration-Security/OPSEC-Hall-of-fame "
          },
          {
            "title": "CVE-Mitre\nDownload single CVE",
            "trust": 0.1,
            "url": "https://github.com/nu11secur1ty/CVE-mitre "
          },
          {
            "title": "CVE-Mitre\nDownload single CVE",
            "trust": 0.1,
            "url": "https://github.com/nu11secur1ty/CVE "
          },
          {
            "title": "PoC in GitHub",
            "trust": 0.1,
            "url": "https://github.com/soosmile/POC "
          },
          {
            "title": "PoC in GitHub",
            "trust": 0.1,
            "url": "https://github.com/developer3000S/PoC-in-GitHub "
          },
          {
            "title": "PoC in GitHub",
            "trust": 0.1,
            "url": "https://github.com/hectorgie/PoC-in-GitHub "
          },
          {
            "title": "PoC in GitHub",
            "trust": 0.1,
            "url": "https://github.com/0xT11/CVE-POC "
          },
          {
            "title": "The Register",
            "trust": 0.1,
            "url": "https://www.theregister.co.uk/2020/02/07/android_bluetooth_flaw/"
          }
        ],
        "sources": [
          {
            "db": "VULMON",
            "id": "CVE-2020-0022"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2020-001993"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-202002-366"
          }
        ]
      },
      "problemtype_data": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "problemtype": "CWE-682",
            "trust": 1.0
          },
          {
            "problemtype": "calculation error (CWE-682) [NVD evaluation ]",
            "trust": 0.8
          }
        ],
        "sources": [
          {
            "db": "JVNDB",
            "id": "JVNDB-2020-001993"
          },
          {
            "db": "NVD",
            "id": "CVE-2020-0022"
          }
        ]
      },
      "references": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/references#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "trust": 2.3,
            "url": "https://source.android.com/security/bulletin/2020-02-01"
          },
          {
            "trust": 2.3,
            "url": "http://packetstormsecurity.com/files/156891/android-bluetooth-remote-denial-of-service.html"
          },
          {
            "trust": 1.8,
            "url": "http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20200513-03-smartphone-en"
          },
          {
            "trust": 1.7,
            "url": "http://seclists.org/fulldisclosure/2020/feb/10"
          },
          {
            "trust": 0.8,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2020-0022"
          },
          {
            "trust": 0.6,
            "url": "https://vigilance.fr/vulnerability/google-android-pixel-multiple-vulnerabilities-of-february-2020-31507"
          },
          {
            "trust": 0.6,
            "url": "http://www.nsfocus.net/vulndb/45798"
          },
          {
            "trust": 0.6,
            "url": "https://www.huawei.com/cn/psirt/security-advisories/huawei-sa-20200513-03-smartphone-cn"
          },
          {
            "trust": 0.6,
            "url": "http://www.nsfocus.net/vulndb/49115"
          },
          {
            "trust": 0.1,
            "url": "https://cwe.mitre.org/data/definitions/682.html"
          },
          {
            "trust": 0.1,
            "url": "https://github.com/marcinguy/cve-2020-0022"
          },
          {
            "trust": 0.1,
            "url": "https://nvd.nist.gov"
          }
        ],
        "sources": [
          {
            "db": "VULMON",
            "id": "CVE-2020-0022"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2020-001993"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-202002-366"
          },
          {
            "db": "NVD",
            "id": "CVE-2020-0022"
          }
        ]
      },
      "sources": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#",
          "data": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "db": "VULMON",
            "id": "CVE-2020-0022"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2020-001993"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-202002-366"
          },
          {
            "db": "NVD",
            "id": "CVE-2020-0022"
          }
        ]
      },
      "sources_release_date": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
          "data": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "date": "2020-02-13T00:00:00",
            "db": "VULMON",
            "id": "CVE-2020-0022"
          },
          {
            "date": "2020-03-02T00:00:00",
            "db": "JVNDB",
            "id": "JVNDB-2020-001993"
          },
          {
            "date": "2020-02-04T00:00:00",
            "db": "CNNVD",
            "id": "CNNVD-202002-366"
          },
          {
            "date": "2020-02-13T15:15:11.780000",
            "db": "NVD",
            "id": "CVE-2020-0022"
          }
        ]
      },
      "sources_update_date": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
          "data": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "date": "2024-02-02T00:00:00",
            "db": "VULMON",
            "id": "CVE-2020-0022"
          },
          {
            "date": "2024-02-27T07:11:00",
            "db": "JVNDB",
            "id": "JVNDB-2020-001993"
          },
          {
            "date": "2020-09-25T00:00:00",
            "db": "CNNVD",
            "id": "CNNVD-202002-366"
          },
          {
            "date": "2024-11-21T04:52:45.763000",
            "db": "NVD",
            "id": "CVE-2020-0022"
          }
        ]
      },
      "threat_type": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/threat_type#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "remote or local",
        "sources": [
          {
            "db": "CNNVD",
            "id": "CNNVD-202002-366"
          }
        ],
        "trust": 0.6
      },
      "title": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/title#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "Android\u00a0 calculation error vulnerability in",
        "sources": [
          {
            "db": "JVNDB",
            "id": "JVNDB-2020-001993"
          }
        ],
        "trust": 0.8
      },
      "type": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/type#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "buffer error",
        "sources": [
          {
            "db": "CNNVD",
            "id": "CNNVD-202002-366"
          }
        ],
        "trust": 0.6
      }
    }

    VAR-202104-0435

    Vulnerability from variot - Updated: 2024-11-23 22:51

    There is an arbitrary memory write vulnerability in Huawei smart phone when processing file parsing. Due to insufficient validation of the input files, successful exploit could cause certain service abnormal. Affected product versions include:HUAWEI P30 versions 10.0.0.186(C10E7R5P1), 10.0.0.186(C461E4R3P1), 10.0.0.188(C00E85R2P11), 10.0.0.188(C01E88R2P11),10.0.0.188(C605E19R1P3), 10.0.0.190(C185E4R7P1), 10.0.0.190(C431E22R2P5), 10.0.0.190(C432E22R2P5),10.0.0.190(C605E19R1P3), 10.0.0.190(C636E4R3P4), 10.0.0.192(C635E3R2P4). Huawei P30 is a smart phone of China's Huawei (Huawei) company. The vulnerability stems from the program's failure to properly validate the input file. Attackers use this vulnerability to cause abnormal program services

    Show details on source website

    {
      "@context": {
        "@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
        "affected_products": {
          "@id": "https://www.variotdbs.pl/ref/affected_products"
        },
        "configurations": {
          "@id": "https://www.variotdbs.pl/ref/configurations"
        },
        "credits": {
          "@id": "https://www.variotdbs.pl/ref/credits"
        },
        "cvss": {
          "@id": "https://www.variotdbs.pl/ref/cvss/"
        },
        "description": {
          "@id": "https://www.variotdbs.pl/ref/description/"
        },
        "exploit_availability": {
          "@id": "https://www.variotdbs.pl/ref/exploit_availability/"
        },
        "external_ids": {
          "@id": "https://www.variotdbs.pl/ref/external_ids/"
        },
        "iot": {
          "@id": "https://www.variotdbs.pl/ref/iot/"
        },
        "iot_taxonomy": {
          "@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
        },
        "patch": {
          "@id": "https://www.variotdbs.pl/ref/patch/"
        },
        "problemtype_data": {
          "@id": "https://www.variotdbs.pl/ref/problemtype_data/"
        },
        "references": {
          "@id": "https://www.variotdbs.pl/ref/references/"
        },
        "sources": {
          "@id": "https://www.variotdbs.pl/ref/sources/"
        },
        "sources_release_date": {
          "@id": "https://www.variotdbs.pl/ref/sources_release_date/"
        },
        "sources_update_date": {
          "@id": "https://www.variotdbs.pl/ref/sources_update_date/"
        },
        "threat_type": {
          "@id": "https://www.variotdbs.pl/ref/threat_type/"
        },
        "title": {
          "@id": "https://www.variotdbs.pl/ref/title/"
        },
        "type": {
          "@id": "https://www.variotdbs.pl/ref/type/"
        }
      },
      "@id": "https://www.variotdbs.pl/vuln/VAR-202104-0435",
      "affected_products": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/affected_products#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            },
            "@id": "https://www.variotdbs.pl/ref/sources"
          }
        },
        "data": [
          {
            "model": "p30 10.0.0.190",
            "scope": null,
            "trust": 3.0,
            "vendor": "huawei",
            "version": null
          },
          {
            "model": "p30 10.0.0.188",
            "scope": null,
            "trust": 1.8,
            "vendor": "huawei",
            "version": null
          },
          {
            "model": "p30 10.0.0.186",
            "scope": null,
            "trust": 1.2,
            "vendor": "huawei",
            "version": null
          },
          {
            "model": "p30",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "huawei",
            "version": "10.0.0.186\\(c461e4r3p1\\)"
          },
          {
            "model": "p30",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "huawei",
            "version": "10.0.0.190\\(c185e4r7p1\\)"
          },
          {
            "model": "p30",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "huawei",
            "version": "10.0.0.188\\(c00e85r2p11\\)"
          },
          {
            "model": "p30",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "huawei",
            "version": "10.0.0.188\\(c01e88r2p11\\)"
          },
          {
            "model": "p30",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "huawei",
            "version": "10.0.0.190\\(c636e4r3p4\\)"
          },
          {
            "model": "p30",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "huawei",
            "version": "10.0.0.186\\(c10e7r5p1\\)"
          },
          {
            "model": "p30",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "huawei",
            "version": "10.0.0.190\\(c605e19r1p3\\)"
          },
          {
            "model": "p30",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "huawei",
            "version": "10.0.0.192\\(c635e3r2p4\\)"
          },
          {
            "model": "p30",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "huawei",
            "version": "10.0.0.188\\(c605e19r1p3\\)"
          },
          {
            "model": "p30",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "huawei",
            "version": "10.0.0.190\\(c431e22r2p5\\)"
          },
          {
            "model": "p30",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "huawei",
            "version": "10.0.0.190\\(c432e22r2p5\\)"
          },
          {
            "model": "p30 10.0.0.192",
            "scope": null,
            "trust": 0.6,
            "vendor": "huawei",
            "version": null
          }
        ],
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2021-24911"
          },
          {
            "db": "NVD",
            "id": "CVE-2021-22327"
          }
        ]
      },
      "cve": "CVE-2021-22327",
      "cvss": {
        "@context": {
          "cvssV2": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
            },
            "@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
          },
          "cvssV3": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
            },
            "@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
          },
          "severity": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/cvss/severity#"
            },
            "@id": "https://www.variotdbs.pl/ref/cvss/severity"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            },
            "@id": "https://www.variotdbs.pl/ref/sources"
          }
        },
        "data": [
          {
            "cvssV2": [
              {
                "accessComplexity": "MEDIUM",
                "accessVector": "NETWORK",
                "authentication": "NONE",
                "author": "nvd@nist.gov",
                "availabilityImpact": "PARTIAL",
                "baseScore": 4.3,
                "confidentialityImpact": "NONE",
                "exploitabilityScore": 8.6,
                "id": "CVE-2021-22327",
                "impactScore": 2.9,
                "integrityImpact": "NONE",
                "severity": "MEDIUM",
                "trust": 1.1,
                "vectorString": "AV:N/AC:M/Au:N/C:N/I:N/A:P",
                "version": "2.0"
              },
              {
                "accessComplexity": "LOW",
                "accessVector": "NETWORK",
                "authentication": "NONE",
                "author": "CNVD",
                "availabilityImpact": "PARTIAL",
                "baseScore": 5.0,
                "confidentialityImpact": "NONE",
                "exploitabilityScore": 10.0,
                "id": "CNVD-2021-24911",
                "impactScore": 2.9,
                "integrityImpact": "NONE",
                "severity": "MEDIUM",
                "trust": 0.6,
                "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P",
                "version": "2.0"
              }
            ],
            "cvssV3": [
              {
                "attackComplexity": "LOW",
                "attackVector": "NETWORK",
                "author": "nvd@nist.gov",
                "availabilityImpact": "HIGH",
                "baseScore": 6.5,
                "baseSeverity": "MEDIUM",
                "confidentialityImpact": "NONE",
                "exploitabilityScore": 2.8,
                "id": "CVE-2021-22327",
                "impactScore": 3.6,
                "integrityImpact": "NONE",
                "privilegesRequired": "NONE",
                "scope": "UNCHANGED",
                "trust": 1.0,
                "userInteraction": "REQUIRED",
                "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H",
                "version": "3.1"
              }
            ],
            "severity": [
              {
                "author": "nvd@nist.gov",
                "id": "CVE-2021-22327",
                "trust": 1.0,
                "value": "MEDIUM"
              },
              {
                "author": "CNVD",
                "id": "CNVD-2021-24911",
                "trust": 0.6,
                "value": "MEDIUM"
              },
              {
                "author": "CNNVD",
                "id": "CNNVD-202103-1737",
                "trust": 0.6,
                "value": "MEDIUM"
              },
              {
                "author": "VULMON",
                "id": "CVE-2021-22327",
                "trust": 0.1,
                "value": "MEDIUM"
              }
            ]
          }
        ],
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2021-24911"
          },
          {
            "db": "VULMON",
            "id": "CVE-2021-22327"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-202103-1737"
          },
          {
            "db": "NVD",
            "id": "CVE-2021-22327"
          }
        ]
      },
      "description": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/description#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "There is an arbitrary memory write vulnerability in Huawei smart phone when processing file parsing. Due to insufficient validation of the input files, successful exploit could cause certain service abnormal. Affected product versions include:HUAWEI P30 versions 10.0.0.186(C10E7R5P1), 10.0.0.186(C461E4R3P1), 10.0.0.188(C00E85R2P11), 10.0.0.188(C01E88R2P11),10.0.0.188(C605E19R1P3), 10.0.0.190(C185E4R7P1), 10.0.0.190(C431E22R2P5), 10.0.0.190(C432E22R2P5),10.0.0.190(C605E19R1P3), 10.0.0.190(C636E4R3P4), 10.0.0.192(C635E3R2P4). Huawei P30 is a smart phone of China\u0027s Huawei (Huawei) company. The vulnerability stems from the program\u0027s failure to properly validate the input file. Attackers use this vulnerability to cause abnormal program services",
        "sources": [
          {
            "db": "NVD",
            "id": "CVE-2021-22327"
          },
          {
            "db": "CNVD",
            "id": "CNVD-2021-24911"
          },
          {
            "db": "VULMON",
            "id": "CVE-2021-22327"
          }
        ],
        "trust": 1.53
      },
      "external_ids": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/external_ids#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "db": "NVD",
            "id": "CVE-2021-22327",
            "trust": 2.3
          },
          {
            "db": "CNVD",
            "id": "CNVD-2021-24911",
            "trust": 0.6
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-202103-1737",
            "trust": 0.6
          },
          {
            "db": "VULMON",
            "id": "CVE-2021-22327",
            "trust": 0.1
          }
        ],
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2021-24911"
          },
          {
            "db": "VULMON",
            "id": "CVE-2021-22327"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-202103-1737"
          },
          {
            "db": "NVD",
            "id": "CVE-2021-22327"
          }
        ]
      },
      "id": "VAR-202104-0435",
      "iot": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/iot#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": true,
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2021-24911"
          }
        ],
        "trust": 1.1707672
      },
      "iot_taxonomy": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "category": [
              "IoT"
            ],
            "sub_category": null,
            "trust": 0.6
          }
        ],
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2021-24911"
          }
        ]
      },
      "last_update_date": "2024-11-23T22:51:01.670000Z",
      "patch": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/patch#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "title": "Patch for Huawei P30 memory write vulnerability",
            "trust": 0.6,
            "url": "https://www.cnvd.org.cn/patchInfo/show/255971"
          },
          {
            "title": "Huawei P30 Security vulnerabilities",
            "trust": 0.6,
            "url": "http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=146098"
          }
        ],
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2021-24911"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-202103-1737"
          }
        ]
      },
      "problemtype_data": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "problemtype": "CWE-787",
            "trust": 1.0
          }
        ],
        "sources": [
          {
            "db": "NVD",
            "id": "CVE-2021-22327"
          }
        ]
      },
      "references": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/references#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "trust": 1.7,
            "url": "https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20210331-01-smartphone-en"
          },
          {
            "trust": 1.2,
            "url": "https://www.huawei.com/cn/psirt/security-advisories/huawei-sa-20210331-01-smartphone-cn"
          },
          {
            "trust": 0.6,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2021-22327"
          },
          {
            "trust": 0.1,
            "url": "https://cwe.mitre.org/data/definitions/787.html"
          },
          {
            "trust": 0.1,
            "url": "https://nvd.nist.gov"
          }
        ],
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2021-24911"
          },
          {
            "db": "VULMON",
            "id": "CVE-2021-22327"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-202103-1737"
          },
          {
            "db": "NVD",
            "id": "CVE-2021-22327"
          }
        ]
      },
      "sources": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#",
          "data": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "db": "CNVD",
            "id": "CNVD-2021-24911"
          },
          {
            "db": "VULMON",
            "id": "CVE-2021-22327"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-202103-1737"
          },
          {
            "db": "NVD",
            "id": "CVE-2021-22327"
          }
        ]
      },
      "sources_release_date": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
          "data": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "date": "2021-04-04T00:00:00",
            "db": "CNVD",
            "id": "CNVD-2021-24911"
          },
          {
            "date": "2021-04-28T00:00:00",
            "db": "VULMON",
            "id": "CVE-2021-22327"
          },
          {
            "date": "2021-03-31T00:00:00",
            "db": "CNNVD",
            "id": "CNNVD-202103-1737"
          },
          {
            "date": "2021-04-28T12:15:08.223000",
            "db": "NVD",
            "id": "CVE-2021-22327"
          }
        ]
      },
      "sources_update_date": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
          "data": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "date": "2021-04-04T00:00:00",
            "db": "CNVD",
            "id": "CNVD-2021-24911"
          },
          {
            "date": "2021-05-08T00:00:00",
            "db": "VULMON",
            "id": "CVE-2021-22327"
          },
          {
            "date": "2021-05-10T00:00:00",
            "db": "CNNVD",
            "id": "CNNVD-202103-1737"
          },
          {
            "date": "2024-11-21T05:49:55.117000",
            "db": "NVD",
            "id": "CVE-2021-22327"
          }
        ]
      },
      "threat_type": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/threat_type#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "remote",
        "sources": [
          {
            "db": "CNNVD",
            "id": "CNNVD-202103-1737"
          }
        ],
        "trust": 0.6
      },
      "title": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/title#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "Huawei P30 memory write vulnerability",
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2021-24911"
          }
        ],
        "trust": 0.6
      },
      "type": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/type#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "buffer error",
        "sources": [
          {
            "db": "CNNVD",
            "id": "CNNVD-202103-1737"
          }
        ],
        "trust": 0.6
      }
    }

    VAR-202004-0619

    Vulnerability from variot - Updated: 2024-11-23 22:41

    There are two denial of service vulnerabilities on some Huawei smartphones. An attacker may send specially crafted TD-SCDMA messages from a rogue base station to the affected devices. Due to insufficient input validation of two values when parsing the messages, successful exploit may cause device abnormal. This is 2 out of 2 vulnerabilities. Different than CVE-2020-5302. Affected products are: ALP-AL00B: earlier than 9.1.0.333(C00E333R2P1T8) ALP-L09: earlier than 9.1.0.300(C432E4R1P9T8) ALP-L29: earlier than 9.1.0.315(C636E5R1P13T8) BLA-L29C: earlier than 9.1.0.321(C636E4R1P14T8), earlier than 9.1.0.330(C432E6R1P12T8), earlier than 9.1.0.302(C635E4R1P13T8) Berkeley-AL20: earlier than 9.1.0.333(C00E333R2P1T8) Berkeley-L09: earlier than 9.1.0.350(C10E3R1P14T8), earlier than 9.1.0.351(C432E5R1P13T8), earlier than 9.1.0.350(C636E4R1P13T8) Charlotte-L09C: earlier than 9.1.0.311(C185E4R1P11T8), earlier than 9.1.0.345(C432E8R1P11T8) Charlotte-L29C: earlier than 9.1.0.325(C185E4R1P11T8), earlier than 9.1.0.335(C636E3R1P13T8), earlier than 9.1.0.345(C432E8R1P11T8), earlier than 9.1.0.336(C605E3R1P12T8) Columbia-AL10B: earlier than 9.1.0.333(C00E333R1P1T8) Columbia-L29D: earlier than 9.1.0.350(C461E3R1P11T8), earlier than 9.1.0.350(C185E3R1P12T8), earlier than 9.1.0.350(C10E5R1P14T8), earlier than 9.1.0.351(C432E5R1P13T8) Cornell-AL00A: earlier than 9.1.0.333(C00E333R1P1T8) Cornell-L29A: earlier than 9.1.0.328(C185E1R1P9T8), earlier than 9.1.0.328(C432E1R1P9T8), earlier than 9.1.0.330(C461E1R1P9T8), earlier than 9.1.0.328(C636E2R1P12T8) Emily-L09C: earlier than 9.1.0.336(C605E4R1P12T8), earlier than 9.1.0.311(C185E2R1P12T8), earlier than 9.1.0.345(C432E10R1P12T8) Emily-L29C: earlier than 9.1.0.311(C605E2R1P12T8), earlier than 9.1.0.311(C636E7R1P13T8), earlier than 9.1.0.311(C432E7R1P11T8) Ever-L29B: earlier than 9.1.0.311(C185E3R3P1), earlier than 9.1.0.310(C636E3R2P1), earlier than 9.1.0.310(C432E3R1P12) HUAWEI Mate 20: earlier than 9.1.0.131(C00E131R3P1) HUAWEI Mate 20 Pro: earlier than 9.1.0.310(C185E10R2P1) HUAWEI Mate 20 RS: earlier than 9.1.0.135(C786E133R3P1) HUAWEI Mate 20 X: earlier than 9.1.0.135(C00E133R2P1) HUAWEI P20: earlier than 9.1.0.333(C00E333R1P1T8) HUAWEI P20 Pro: earlier than 9.1.0.333(C00E333R1P1T8) HUAWEI P30: earlier than 9.1.0.193 HUAWEI P30 Pro: earlier than 9.1.0.186(C00E180R2P1) HUAWEI Y9 2019: earlier than 9.1.0.220(C605E3R1P1T8) HUAWEI nova lite 3: earlier than 9.1.0.305(C635E8R2P2) Honor 10 Lite: earlier than 9.1.0.283(C605E8R2P2) Honor 8X: earlier than 9.1.0.221(C461E2R1P1T8) Honor View 20: earlier than 9.1.0.238(C432E1R3P1) Jackman-L22: earlier than 9.1.0.247(C636E2R4P1T8) Paris-L21B: earlier than 9.1.0.331(C432E1R1P2T8) Paris-L21MEB: earlier than 9.1.0.331(C185E4R1P3T8) Paris-L29B: earlier than 9.1.0.331(C636E1R1P3T8) Sydney-AL00: earlier than 9.1.0.212(C00E62R1P7T8) Sydney-L21: earlier than 9.1.0.215(C432E1R1P1T8), earlier than 9.1.0.213(C185E1R1P1T8) Sydney-L21BR: earlier than 9.1.0.213(C185E1R1P2T8) Sydney-L22: earlier than 9.1.0.258(C636E1R1P1T8) Sydney-L22BR: earlier than 9.1.0.258(C636E1R1P1T8) SydneyM-AL00: earlier than 9.1.0.228(C00E78R1P7T8) SydneyM-L01: earlier than 9.1.0.215(C782E2R1P1T8), earlier than 9.1.0.213(C185E1R1P1T8), earlier than 9.1.0.270(C432E3R1P1T8) SydneyM-L03: earlier than 9.1.0.217(C605E1R1P1T8) SydneyM-L21: earlier than 9.1.0.221(C461E1R1P1T8), earlier than 9.1.0.215(C432E4R1P1T8) SydneyM-L22: earlier than 9.1.0.259(C185E1R1P2T8), earlier than 9.1.0.220(C635E1R1P2T8), earlier than 9.1.0.216(C569E1R1P1T8) SydneyM-L23: earlier than 9.1.0.226(C605E2R1P1T8) Yale-L21A: earlier than 9.1.0.154(C432E2R3P2), earlier than 9.1.0.154(C461E2R2P1), earlier than 9.1.0.154(C636E2R2P1) Honor 20: earlier than 9.1.0.152(C00E150R5P1) Honor Magic2: earlier than 10.0.0.187 Honor V20: earlier than 9.1.0.234(C00E234R4P3). plural Huawei There is a vulnerability related to input confirmation on smartphones.Service operation interruption (DoS) It may be put into a state. Huawei Honor10 Lite and Huawei Y9 are both smartphones from China's Huawei.

    A denial of service vulnerability exists in versions before Huawei Honor10 Lite Harry-AL00C 9.1.0.217 (C00E215R3P1) and before Huawei Y9 Jackman-L23 9.1.0.220 (C45E3R1P1T8)

    Show details on source website

    {
      "@context": {
        "@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
        "affected_products": {
          "@id": "https://www.variotdbs.pl/ref/affected_products"
        },
        "configurations": {
          "@id": "https://www.variotdbs.pl/ref/configurations"
        },
        "credits": {
          "@id": "https://www.variotdbs.pl/ref/credits"
        },
        "cvss": {
          "@id": "https://www.variotdbs.pl/ref/cvss/"
        },
        "description": {
          "@id": "https://www.variotdbs.pl/ref/description/"
        },
        "exploit_availability": {
          "@id": "https://www.variotdbs.pl/ref/exploit_availability/"
        },
        "external_ids": {
          "@id": "https://www.variotdbs.pl/ref/external_ids/"
        },
        "iot": {
          "@id": "https://www.variotdbs.pl/ref/iot/"
        },
        "iot_taxonomy": {
          "@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
        },
        "patch": {
          "@id": "https://www.variotdbs.pl/ref/patch/"
        },
        "problemtype_data": {
          "@id": "https://www.variotdbs.pl/ref/problemtype_data/"
        },
        "references": {
          "@id": "https://www.variotdbs.pl/ref/references/"
        },
        "sources": {
          "@id": "https://www.variotdbs.pl/ref/sources/"
        },
        "sources_release_date": {
          "@id": "https://www.variotdbs.pl/ref/sources_release_date/"
        },
        "sources_update_date": {
          "@id": "https://www.variotdbs.pl/ref/sources_update_date/"
        },
        "threat_type": {
          "@id": "https://www.variotdbs.pl/ref/threat_type/"
        },
        "title": {
          "@id": "https://www.variotdbs.pl/ref/title/"
        },
        "type": {
          "@id": "https://www.variotdbs.pl/ref/type/"
        }
      },
      "@id": "https://www.variotdbs.pl/vuln/VAR-202004-0619",
      "affected_products": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/affected_products#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            },
            "@id": "https://www.variotdbs.pl/ref/sources"
          }
        },
        "data": [
          {
            "model": "yale-l21a",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "huawei",
            "version": "9.1.0.154\\(c461e2r2p1\\)"
          },
          {
            "model": "sydneym-l03",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "huawei",
            "version": "9.1.0.217\\(c605e1r1p1t8\\)"
          },
          {
            "model": "sydneym-l22",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "huawei",
            "version": "9.1.0.259\\(c185e1r1p2t8\\)"
          },
          {
            "model": "nova lite 3",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "huawei",
            "version": "9.1.0.305\\(c635e8r2p2\\)"
          },
          {
            "model": "alp-al00b",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "huawei",
            "version": "9.1.0.333\\(c00e333r2p1t8\\)"
          },
          {
            "model": "bla-l29c",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "huawei",
            "version": "9.1.0.321\\(c636e4r1p14t8\\)"
          },
          {
            "model": "charlotte-l29c",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "huawei",
            "version": "9.1.0.345\\(c432e8r1p11t8\\)"
          },
          {
            "model": "berkeley-l09",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "huawei",
            "version": "9.1.0.351\\(c432e5r1p13t8\\)"
          },
          {
            "model": "alp-l09",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "huawei",
            "version": "9.1.0.300\\(c432e4r1p9t8\\)"
          },
          {
            "model": "yale-l21a",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "huawei",
            "version": "9.1.0.154\\(c636e2r2p1\\)"
          },
          {
            "model": "p20 pro",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "huawei",
            "version": "9.1.0.333\\(c00e333r1p1t8\\)"
          },
          {
            "model": "cornell-l29a",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "huawei",
            "version": "9.1.0.328\\(c185e1r1p9t8\\)"
          },
          {
            "model": "emily-l09c",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "huawei",
            "version": "9.1.0.345\\(c432e10r1p12t8\\)"
          },
          {
            "model": "cornell-l29a",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "huawei",
            "version": "9.1.0.328\\(c636e2r1p12t8\\)"
          },
          {
            "model": "columbia-l29d",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "huawei",
            "version": "9.1.0.350\\(c461e3r1p11t8\\)"
          },
          {
            "model": "jackman-l22",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "huawei",
            "version": "9.1.0.247\\(c636e2r4p1t8\\)"
          },
          {
            "model": "emily-l29c",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "huawei",
            "version": "9.1.0.311\\(c636e7r1p13t8\\)"
          },
          {
            "model": "sydneym-l01",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "huawei",
            "version": "9.1.0.213\\(c185e1r1p1t8\\)"
          },
          {
            "model": "sydneym-l21",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "huawei",
            "version": "9.1.0.221\\(c461e1r1p1t8\\)"
          },
          {
            "model": "ever-l29b",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "huawei",
            "version": "9.1.0.310\\(c636e3r2p1\\)"
          },
          {
            "model": "bla-l29c",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "huawei",
            "version": "9.1.0.330\\(c432e6r1p12t8\\)"
          },
          {
            "model": "mate 20",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "huawei",
            "version": "9.1.0.131\\(c00e131r3p1\\)"
          },
          {
            "model": "columbia-l29d",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "huawei",
            "version": "9.1.0.351\\(c432e5r1p13t8\\)"
          },
          {
            "model": "cornell-al00a",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "huawei",
            "version": "9.1.0.333\\(c00e333r1p1t8\\)"
          },
          {
            "model": "sydneym-al00",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "huawei",
            "version": "9.1.0.228\\(c00e78r1p7t8\\)"
          },
          {
            "model": "berkeley-l09",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "huawei",
            "version": "9.1.0.350\\(c10e3r1p14t8\\)"
          },
          {
            "model": "columbia-l29d",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "huawei",
            "version": "9.1.0.350\\(c185e3r1p12t8\\)"
          },
          {
            "model": "ever-l29b",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "huawei",
            "version": "9.1.0.310\\(c432e3r1p12\\)"
          },
          {
            "model": "charlotte-l29c",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "huawei",
            "version": "9.1.0.325\\(c185e4r1p11t8\\)"
          },
          {
            "model": "mate 20 pro",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "huawei",
            "version": "9.1.0.310\\(c185e10r2p1\\)"
          },
          {
            "model": "sydneym-l01",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "huawei",
            "version": "9.1.0.215\\(c782e2r1p1t8\\)"
          },
          {
            "model": "honor view 20",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "huawei",
            "version": "9.1.0.238\\(c432e1r3p1\\)"
          },
          {
            "model": "paris-l29b",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "huawei",
            "version": "9.1.0.331\\(c636e1r1p3t8\\)"
          },
          {
            "model": "emily-l29c",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "huawei",
            "version": "9.1.0.311\\(c432e7r1p11t8\\)"
          },
          {
            "model": "p30 pro",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "huawei",
            "version": "9.1.0.186\\(c00e180r2p1\\)"
          },
          {
            "model": "sydneym-l23",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "huawei",
            "version": "9.1.0.226\\(c605e2r1p1t8\\)"
          },
          {
            "model": "emily-l29c",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "huawei",
            "version": "9.1.0.311\\(c605e2r1p12t8\\)"
          },
          {
            "model": "paris-l21b",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "huawei",
            "version": "9.1.0.331\\(c432e1r1p2t8\\)"
          },
          {
            "model": "bla-l29c",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "huawei",
            "version": "9.1.0.302\\(c635e4r1p13t8\\)"
          },
          {
            "model": "paris-l21meb",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "huawei",
            "version": "9.1.0.331\\(c185e4r1p3t8\\)"
          },
          {
            "model": "mate 20 x",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "huawei",
            "version": "9.1.0.135\\(c00e133r2p1\\)"
          },
          {
            "model": "honor 20",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "huawei",
            "version": "9.1.0.152\\(c00e150r5p1\\)"
          },
          {
            "model": "yale-l21a",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "huawei",
            "version": "9.1.0.154\\(c432e2r3p2\\)"
          },
          {
            "model": "sydney-l22",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "huawei",
            "version": "9.1.0.258\\(c636e1r1p1t8\\)"
          },
          {
            "model": "sydney-l22br",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "huawei",
            "version": "9.1.0.258\\(c636e1r1p1t8\\)"
          },
          {
            "model": "sydneym-l21",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "huawei",
            "version": "9.1.0.215\\(c432e4r1p1t8\\)"
          },
          {
            "model": "cornell-l29a",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "huawei",
            "version": "9.1.0.330\\(c461e1r1p9t8\\)"
          },
          {
            "model": "columbia-al10b",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "huawei",
            "version": "9.1.0.333\\(c00e333r1p1t8\\)"
          },
          {
            "model": "charlotte-l29c",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "huawei",
            "version": "9.1.0.336\\(c605e3r1p12t8\\)"
          },
          {
            "model": "y9 2019",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "huawei",
            "version": "9.1.0.220\\(c605e3r1p1t8\\)"
          },
          {
            "model": "sydney-l21",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "huawei",
            "version": "9.1.0.213\\(c185e1r1p1t8\\)"
          },
          {
            "model": "alp-l29",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "huawei",
            "version": "9.1.0.315\\(c636e5r1p13t8\\)"
          },
          {
            "model": "charlotte-l29c",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "huawei",
            "version": "9.1.0.335\\(c636e3r1p13t8\\)"
          },
          {
            "model": "sydneym-l01",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "huawei",
            "version": "9.1.0.270\\(c432e3r1p1t8\\)"
          },
          {
            "model": "p30",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "huawei",
            "version": "9.1.0.193"
          },
          {
            "model": "cornell-l29a",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "huawei",
            "version": "9.1.0.328\\(c432e1r1p9t8\\)"
          },
          {
            "model": "honor 8x",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "huawei",
            "version": "9.1.0.221\\(c461e2r1p1t8\\)"
          },
          {
            "model": "sydneym-l22",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "huawei",
            "version": "9.1.0.220\\(c635e1r1p2t8\\)"
          },
          {
            "model": "berkeley-al20",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "huawei",
            "version": "9.1.0.333\\(c00e333r2p1t8\\)"
          },
          {
            "model": "berkeley-l09",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "huawei",
            "version": "9.1.0.350\\(c636e4r1p13t8\\)"
          },
          {
            "model": "honor v20",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "huawei",
            "version": "9.1.0.234\\(c00e234r4p3\\)"
          },
          {
            "model": "sydney-l21br",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "huawei",
            "version": "9.1.0.213\\(c185e1r1p2t8\\)"
          },
          {
            "model": "sydneym-l22",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "huawei",
            "version": "9.1.0.216\\(c569e1r1p1t8\\)"
          },
          {
            "model": "columbia-l29d",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "huawei",
            "version": "9.1.0.350\\(c10e5r1p14t8\\)"
          },
          {
            "model": "mate 20 rs",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "huawei",
            "version": "9.1.0.135\\(c786e133r3p1\\)"
          },
          {
            "model": "ever-l29b",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "huawei",
            "version": "9.1.0.311\\(c185e3r3p1\\)"
          },
          {
            "model": "sydney-al00",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "huawei",
            "version": "9.1.0.212\\(c00e62r1p7t8\\)"
          },
          {
            "model": "charlotte-l09c",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "huawei",
            "version": "9.1.0.311\\(c185e4r1p11t8\\)"
          },
          {
            "model": "p20",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "huawei",
            "version": "9.1.0.333\\(c00e333r1p1t8\\)"
          },
          {
            "model": "sydney-l21",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "huawei",
            "version": "9.1.0.215\\(c432e1r1p1t8\\)"
          },
          {
            "model": "emily-l09c",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "huawei",
            "version": "9.1.0.311\\(c185e2r1p12t8\\)"
          },
          {
            "model": "charlotte-l09c",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "huawei",
            "version": "9.1.0.345\\(c432e8r1p11t8\\)"
          },
          {
            "model": "honor magic2",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "huawei",
            "version": "10.0.0.187"
          },
          {
            "model": "emily-l09c",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "huawei",
            "version": "9.1.0.336\\(c605e4r1p12t8\\)"
          },
          {
            "model": "honor 10 lite",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "huawei",
            "version": "9.1.0.283\\(c605e8r2p2\\)"
          },
          {
            "model": "berkeley-l09",
            "scope": "eq",
            "trust": 0.9,
            "vendor": "huawei",
            "version": "9.1.0.350(c10e3r1p14t8)"
          },
          {
            "model": "berkeley-l09",
            "scope": "eq",
            "trust": 0.9,
            "vendor": "huawei",
            "version": "9.1.0.350(c636e4r1p13t8)"
          },
          {
            "model": "bla-l29c",
            "scope": "eq",
            "trust": 0.9,
            "vendor": "huawei",
            "version": "9.1.0.302(c635e4r1p13t8)"
          },
          {
            "model": "bla-l29c",
            "scope": "eq",
            "trust": 0.9,
            "vendor": "huawei",
            "version": "9.1.0.321(c636e4r1p14t8)"
          },
          {
            "model": "alp-al00b",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "huawei",
            "version": "9.1.0.333(c00e333r2p1t8)"
          },
          {
            "model": "alp-l09",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "huawei",
            "version": "9.1.0.300(c432e4r1p9t8)"
          },
          {
            "model": "alp-l09",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "huawei",
            "version": "9.1.0.315(c636e5r1p13t8)"
          },
          {
            "model": "berkeley-al20",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "huawei",
            "version": "9.1.0.333(c00e333r2p1t8)"
          },
          {
            "model": "berkeley-l09",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "huawei",
            "version": "9.1.0.351(c432e5r1p13t8)"
          },
          {
            "model": "bla-l29c",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "huawei",
            "version": "9.1.0.330(c432e6r1p12t8)"
          },
          {
            "model": "honor10 lite \u003charry-al00c 9.1.0.217",
            "scope": null,
            "trust": 0.6,
            "vendor": "huawei",
            "version": null
          },
          {
            "model": "y9 \u003cjackman-l23 9.1.0.220",
            "scope": null,
            "trust": 0.6,
            "vendor": "huawei",
            "version": null
          },
          {
            "model": "alp-al00b",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "huawei",
            "version": null
          },
          {
            "model": "alp-al00b",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "huawei",
            "version": "8.0.0.1.18d(c00)"
          },
          {
            "model": "alp-al00b",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "huawei",
            "version": "8.0.0.106(c00)"
          },
          {
            "model": "alp-al00b",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "huawei",
            "version": "8.0.0.113(sp2c00)"
          },
          {
            "model": "alp-al00b",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "huawei",
            "version": "8.0.0.113(sp3c00)"
          },
          {
            "model": "alp-al00b",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "huawei",
            "version": "8.0.0.113(sp7c00)"
          },
          {
            "model": "alp-al00b",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "huawei",
            "version": "8.0.0.118(c00)"
          },
          {
            "model": "alp-al00b",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "huawei",
            "version": "8.0.0.120(sp2c00)"
          },
          {
            "model": "alp-al00b",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "huawei",
            "version": "8.0.0.125(sp1c00)"
          },
          {
            "model": "alp-al00b",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "huawei",
            "version": "8.0.0.125(sp3c00)"
          },
          {
            "model": "alp-al00b",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "huawei",
            "version": "8.0.0.126(sp2c00)"
          },
          {
            "model": "alp-al00b",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "huawei",
            "version": "8.0.0.126(sp5c00)"
          },
          {
            "model": "alp-al00b",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "huawei",
            "version": "8.0.0.127(sp1c00)"
          },
          {
            "model": "alp-al00b",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "huawei",
            "version": "8.0.0.128(sp2c00)"
          },
          {
            "model": "alp-al00b",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "huawei",
            "version": "8.0.0.129"
          },
          {
            "model": "alp-al00b",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "huawei",
            "version": "8.0.0.129(sp2c00)"
          },
          {
            "model": "alp-al00b",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "huawei",
            "version": "8.0.0.153(c00)"
          },
          {
            "model": "alp-al00b",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "huawei",
            "version": "8.1.0.336(c00)"
          },
          {
            "model": "alp-l09",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "huawei",
            "version": null
          },
          {
            "model": "berkeley-al20",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "huawei",
            "version": "8.0.0.105(c00)"
          },
          {
            "model": "berkeley-al20",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "huawei",
            "version": "8.0.0.111(c00)"
          },
          {
            "model": "berkeley-al20",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "huawei",
            "version": "8.0.0.112d(c00)"
          },
          {
            "model": "berkeley-al20",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "huawei",
            "version": "8.0.0.116(c00)"
          },
          {
            "model": "berkeley-al20",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "huawei",
            "version": "8.0.0.119(c00)"
          },
          {
            "model": "berkeley-al20",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "huawei",
            "version": "8.0.0.119d(c00)"
          },
          {
            "model": "berkeley-al20",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "huawei",
            "version": "8.0.0.122(c00)"
          },
          {
            "model": "berkeley-al20",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "huawei",
            "version": "8.0.0.132(c00)"
          },
          {
            "model": "berkeley-al20",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "huawei",
            "version": "8.0.0.132d(c00)"
          },
          {
            "model": "berkeley-al20",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "huawei",
            "version": "8.0.0.142(c00)"
          },
          {
            "model": "berkeley-al20",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "huawei",
            "version": "8.0.0.151(c00)"
          },
          {
            "model": "bla-l29c",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "huawei",
            "version": "8.0.0.127(c432)"
          },
          {
            "model": "bla-l29c",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "huawei",
            "version": "8.0.0.137(c432)"
          },
          {
            "model": "charlotte-l09c",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "huawei",
            "version": "9.1.0.311(c185e4r1p11t8)"
          },
          {
            "model": "charlotte-l29c",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "huawei",
            "version": "9.1.0.325(c185e4r1p11t8)"
          },
          {
            "model": "charlotte-l29c",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "huawei",
            "version": "9.1.0.335(c636e3r1p13t8)"
          },
          {
            "model": "charlotte-l29c",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "huawei",
            "version": "9.1.0.336(c605e3r1p12t8)"
          },
          {
            "model": "columbia-al10b",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "huawei",
            "version": "8.1.0.163(c00)"
          },
          {
            "model": "columbia-l29d",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "huawei",
            "version": "8.1.0.146(c461)"
          },
          {
            "model": "columbia-l29d",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "huawei",
            "version": "8.1.0.148(c185)"
          },
          {
            "model": "columbia-l29d",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "huawei",
            "version": "8.1.0.151(c10)"
          },
          {
            "model": "columbia-l29d",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "huawei",
            "version": "8.1.0.151(c432)"
          },
          {
            "model": "columbia-l29d",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "huawei",
            "version": "9.1.0.350(c10e5r1p14t8)"
          },
          {
            "model": "columbia-l29d",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "huawei",
            "version": "9.1.0.350(c185e3r1p12t8)"
          },
          {
            "model": "columbia-l29d",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "huawei",
            "version": "9.1.0.350(c461e3r1p11t8)"
          },
          {
            "model": "cornell-l29a",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "huawei",
            "version": "9.1.0.328(c185e1r1p9t8)"
          },
          {
            "model": "cornell-l29a",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "huawei",
            "version": "9.1.0.328(c432e1r1p9t8)"
          },
          {
            "model": "cornell-l29a",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "huawei",
            "version": "9.1.0.328(c636e2r1p12t8)"
          },
          {
            "model": "emily-l09c",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "huawei",
            "version": null
          },
          {
            "model": "emily-l09c",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "huawei",
            "version": "9.1.0.311(c185e2r1p12t8)"
          },
          {
            "model": "emily-l09c",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "huawei",
            "version": "9.1.0.336(c605e4r1p12t8)"
          },
          {
            "model": "emily-l29c",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "huawei",
            "version": null
          },
          {
            "model": "emily-l29c",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "huawei",
            "version": "8.1.0.132a(c432)"
          },
          {
            "model": "emily-l29c",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "huawei",
            "version": "8.1.0.135(c782)"
          },
          {
            "model": "emily-l29c",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "huawei",
            "version": "8.1.0.154(c10)"
          },
          {
            "model": "emily-l29c",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "huawei",
            "version": "8.1.0.154(c461)"
          },
          {
            "model": "emily-l29c",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "huawei",
            "version": "8.1.0.154(c635)"
          },
          {
            "model": "emily-l29c",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "huawei",
            "version": "8.1.0.156(c185)"
          },
          {
            "model": "emily-l29c",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "huawei",
            "version": "8.1.0.156(c605)"
          },
          {
            "model": "emily-l29c",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "huawei",
            "version": "8.1.0.159(c636)"
          },
          {
            "model": "emily-l29c",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "huawei",
            "version": "9.1.0.311(c10e2r1p13t8)"
          },
          {
            "model": "emily-l29c",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "huawei",
            "version": "9.1.0.311(c185e2r1p12t8)"
          },
          {
            "model": "emily-l29c",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "huawei",
            "version": "9.1.0.311(c432e7r1p11t8)"
          },
          {
            "model": "emily-l29c",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "huawei",
            "version": "9.1.0.311(c461e2r1p11t8)"
          },
          {
            "model": "emily-l29c",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "huawei",
            "version": "9.1.0.311(c605e2r1p12t8)"
          },
          {
            "model": "ever-l29b",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "huawei",
            "version": "9.0.0.206(c185e3r3p1)"
          },
          {
            "model": "ever-l29b",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "huawei",
            "version": "9.0.0.207(c636e3r2p1)"
          },
          {
            "model": "ever-l29b",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "huawei",
            "version": "9.0.0.208(c432e3r1p12)"
          },
          {
            "model": "ever-l29b",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "huawei",
            "version": "9.1.0.310(c432e3r1p12)"
          },
          {
            "model": "ever-l29b",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "huawei",
            "version": "9.1.0.310(c636e3r2p1)"
          },
          {
            "model": "honor 10 lite",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "huawei",
            "version": null
          },
          {
            "model": "honor 10 lite",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "huawei",
            "version": "9.1.0.217(c00e215r3p1)"
          },
          {
            "model": "honor 8x",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "huawei",
            "version": null
          },
          {
            "model": "honor 8x",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "huawei",
            "version": "9.1.0.217(c00e15r3p2t8)"
          },
          {
            "model": "honor magic2",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "huawei",
            "version": null
          },
          {
            "model": "honor magic2",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "huawei",
            "version": "10.0.0.175(c00e59r2p11)"
          },
          {
            "model": "honor v20",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "huawei",
            "version": null
          },
          {
            "model": "honor v20",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "huawei",
            "version": "9.0.1.161(c00e161r2p2)"
          },
          {
            "model": "jackman-l22",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "huawei",
            "version": "8.2.0.156(c636r2p2)"
          },
          {
            "model": "mate 20",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "huawei",
            "version": null
          },
          {
            "model": "mate 20 pro",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "huawei",
            "version": null
          },
          {
            "model": "mate 20 pro",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "huawei",
            "version": "9.1.0.135(c00e133r3p1)"
          },
          {
            "model": "mate 20 rs",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "huawei",
            "version": null
          },
          {
            "model": "p20",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "huawei",
            "version": null
          },
          {
            "model": "p20",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "huawei",
            "version": "8.1.0.109"
          },
          {
            "model": "p20",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "huawei",
            "version": "8.1.0.120"
          },
          {
            "model": "p20",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "huawei",
            "version": "8.1.0.121"
          },
          {
            "model": "p20",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "huawei",
            "version": "8.1.0.128"
          },
          {
            "model": "p20",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "huawei",
            "version": "8.1.0.130"
          },
          {
            "model": "p20",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "huawei",
            "version": "8.1.0.171(c00)"
          },
          {
            "model": "p20 pro",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "huawei",
            "version": null
          },
          {
            "model": "p30",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "huawei",
            "version": null
          },
          {
            "model": "p30 pro",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "huawei",
            "version": null
          },
          {
            "model": "sydney-l21",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "huawei",
            "version": "9.1.0.213(c185e1r1p1t8)"
          },
          {
            "model": "sydneym-l01",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "huawei",
            "version": "9.1.0.213(c185e1r1p1t8)"
          },
          {
            "model": "sydneym-l01",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "huawei",
            "version": "9.1.0.215(c782e2r1p1t8)"
          },
          {
            "model": "sydneym-l21",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "huawei",
            "version": "9.1.0.215(c432e4r1p1t8)"
          },
          {
            "model": "sydneym-l22",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "huawei",
            "version": "9.1.0.216(c569e1r1p1t8)"
          },
          {
            "model": "sydneym-l22",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "huawei",
            "version": "9.1.0.220(c635e1r1p2t8)"
          },
          {
            "model": "y9 2019",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "huawei",
            "version": null
          },
          {
            "model": "y9 2019",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "huawei",
            "version": "8.2.0.160(c185r2p2)"
          },
          {
            "model": "y9 2019",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "huawei",
            "version": "8.2.0.162(c605)"
          },
          {
            "model": "y9 2019",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "huawei",
            "version": "8.2.0.163(c605)"
          },
          {
            "model": "yale-l21a",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "huawei",
            "version": "9.1.0.154(c432e2r3p2)"
          },
          {
            "model": "yale-l21a",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "huawei",
            "version": "9.1.0.154(c461e2r2p1)"
          }
        ],
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2019-44785"
          },
          {
            "db": "VULMON",
            "id": "CVE-2019-5303"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2019-015526"
          },
          {
            "db": "NVD",
            "id": "CVE-2019-5303"
          }
        ]
      },
      "configurations": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/configurations#",
          "children": {
            "@container": "@list"
          },
          "cpe_match": {
            "@container": "@list"
          },
          "data": {
            "@container": "@list"
          },
          "nodes": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "CVE_data_version": "4.0",
            "nodes": [
              {
                "cpe_match": [
                  {
                    "cpe22Uri": "cpe:/o:huawei:alp-al00b_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:huawei:alp-l09_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:huawei:berkeley-al20_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:huawei:berkeley-l09_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:huawei:bla-l29c_firmware",
                    "vulnerable": true
                  }
                ],
                "operator": "OR"
              }
            ]
          }
        ],
        "sources": [
          {
            "db": "JVNDB",
            "id": "JVNDB-2019-015526"
          }
        ]
      },
      "credits": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/credits#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "These two vulnerabilities were discovered by Huawei internal testing.",
        "sources": [
          {
            "db": "CNNVD",
            "id": "CNNVD-201908-1092"
          }
        ],
        "trust": 0.6
      },
      "cve": "CVE-2019-5303",
      "cvss": {
        "@context": {
          "cvssV2": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
            },
            "@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
          },
          "cvssV3": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
            },
            "@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
          },
          "severity": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/cvss/severity#"
            },
            "@id": "https://www.variotdbs.pl/ref/cvss/severity"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            },
            "@id": "https://www.variotdbs.pl/ref/sources"
          }
        },
        "data": [
          {
            "cvssV2": [
              {
                "accessComplexity": "MEDIUM",
                "accessVector": "ADJACENT_NETWORK",
                "authentication": "NONE",
                "author": "nvd@nist.gov",
                "availabilityImpact": "PARTIAL",
                "baseScore": 2.9,
                "confidentialityImpact": "NONE",
                "exploitabilityScore": 5.5,
                "id": "CVE-2019-5303",
                "impactScore": 2.9,
                "integrityImpact": "NONE",
                "severity": "LOW",
                "trust": 1.1,
                "vectorString": "AV:A/AC:M/Au:N/C:N/I:N/A:P",
                "version": "2.0"
              },
              {
                "acInsufInfo": null,
                "accessComplexity": "Medium",
                "accessVector": "Adjacent Network",
                "authentication": "None",
                "author": "NVD",
                "availabilityImpact": "Partial",
                "baseScore": 2.9,
                "confidentialityImpact": "None",
                "exploitabilityScore": null,
                "id": "JVNDB-2019-015526",
                "impactScore": null,
                "integrityImpact": "None",
                "obtainAllPrivilege": null,
                "obtainOtherPrivilege": null,
                "obtainUserPrivilege": null,
                "severity": "Low",
                "trust": 0.8,
                "userInteractionRequired": null,
                "vectorString": "AV:A/AC:M/Au:N/C:N/I:N/A:P",
                "version": "2.0"
              },
              {
                "accessComplexity": "HIGH",
                "accessVector": "ADJACENT_NETWORK",
                "authentication": "NONE",
                "author": "CNVD",
                "availabilityImpact": "COMPLETE",
                "baseScore": 4.6,
                "confidentialityImpact": "NONE",
                "exploitabilityScore": 3.2,
                "id": "CNVD-2019-44785",
                "impactScore": 6.9,
                "integrityImpact": "NONE",
                "severity": "MEDIUM",
                "trust": 0.6,
                "vectorString": "AV:A/AC:H/Au:N/C:N/I:N/A:C",
                "version": "2.0"
              }
            ],
            "cvssV3": [
              {
                "attackComplexity": "HIGH",
                "attackVector": "ADJACENT",
                "author": "nvd@nist.gov",
                "availabilityImpact": "HIGH",
                "baseScore": 5.3,
                "baseSeverity": "MEDIUM",
                "confidentialityImpact": "NONE",
                "exploitabilityScore": 1.6,
                "id": "CVE-2019-5303",
                "impactScore": 3.6,
                "integrityImpact": "NONE",
                "privilegesRequired": "NONE",
                "scope": "UNCHANGED",
                "trust": 1.0,
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.1/AV:A/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H",
                "version": "3.1"
              },
              {
                "attackComplexity": "High",
                "attackVector": "Adjacent Network",
                "author": "NVD",
                "availabilityImpact": "High",
                "baseScore": 5.3,
                "baseSeverity": "Medium",
                "confidentialityImpact": "None",
                "exploitabilityScore": null,
                "id": "JVNDB-2019-015526",
                "impactScore": null,
                "integrityImpact": "None",
                "privilegesRequired": "None",
                "scope": "Unchanged",
                "trust": 0.8,
                "userInteraction": "None",
                "vectorString": "CVSS:3.0/AV:A/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H",
                "version": "3.0"
              }
            ],
            "severity": [
              {
                "author": "nvd@nist.gov",
                "id": "CVE-2019-5303",
                "trust": 1.0,
                "value": "MEDIUM"
              },
              {
                "author": "NVD",
                "id": "JVNDB-2019-015526",
                "trust": 0.8,
                "value": "Medium"
              },
              {
                "author": "CNVD",
                "id": "CNVD-2019-44785",
                "trust": 0.6,
                "value": "MEDIUM"
              },
              {
                "author": "CNNVD",
                "id": "CNNVD-201908-1092",
                "trust": 0.6,
                "value": "MEDIUM"
              },
              {
                "author": "VULMON",
                "id": "CVE-2019-5303",
                "trust": 0.1,
                "value": "LOW"
              }
            ]
          }
        ],
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2019-44785"
          },
          {
            "db": "VULMON",
            "id": "CVE-2019-5303"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2019-015526"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201908-1092"
          },
          {
            "db": "NVD",
            "id": "CVE-2019-5303"
          }
        ]
      },
      "description": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/description#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "There are two denial of service vulnerabilities on some Huawei smartphones. An attacker may send specially crafted TD-SCDMA messages from a rogue base station to the affected devices. Due to insufficient input validation of two values when parsing the messages, successful exploit may cause device abnormal. This is 2 out of 2 vulnerabilities. Different than CVE-2020-5302. Affected products are: ALP-AL00B: earlier than 9.1.0.333(C00E333R2P1T8) ALP-L09: earlier than 9.1.0.300(C432E4R1P9T8) ALP-L29: earlier than 9.1.0.315(C636E5R1P13T8) BLA-L29C: earlier than 9.1.0.321(C636E4R1P14T8), earlier than 9.1.0.330(C432E6R1P12T8), earlier than 9.1.0.302(C635E4R1P13T8) Berkeley-AL20: earlier than 9.1.0.333(C00E333R2P1T8) Berkeley-L09: earlier than 9.1.0.350(C10E3R1P14T8), earlier than 9.1.0.351(C432E5R1P13T8), earlier than 9.1.0.350(C636E4R1P13T8) Charlotte-L09C: earlier than 9.1.0.311(C185E4R1P11T8), earlier than 9.1.0.345(C432E8R1P11T8) Charlotte-L29C: earlier than 9.1.0.325(C185E4R1P11T8), earlier than 9.1.0.335(C636E3R1P13T8), earlier than 9.1.0.345(C432E8R1P11T8), earlier than 9.1.0.336(C605E3R1P12T8) Columbia-AL10B: earlier than 9.1.0.333(C00E333R1P1T8) Columbia-L29D: earlier than 9.1.0.350(C461E3R1P11T8), earlier than 9.1.0.350(C185E3R1P12T8), earlier than 9.1.0.350(C10E5R1P14T8), earlier than 9.1.0.351(C432E5R1P13T8) Cornell-AL00A: earlier than 9.1.0.333(C00E333R1P1T8) Cornell-L29A: earlier than 9.1.0.328(C185E1R1P9T8), earlier than 9.1.0.328(C432E1R1P9T8), earlier than 9.1.0.330(C461E1R1P9T8), earlier than 9.1.0.328(C636E2R1P12T8) Emily-L09C: earlier than 9.1.0.336(C605E4R1P12T8), earlier than 9.1.0.311(C185E2R1P12T8), earlier than 9.1.0.345(C432E10R1P12T8) Emily-L29C: earlier than 9.1.0.311(C605E2R1P12T8), earlier than 9.1.0.311(C636E7R1P13T8), earlier than 9.1.0.311(C432E7R1P11T8) Ever-L29B: earlier than 9.1.0.311(C185E3R3P1), earlier than 9.1.0.310(C636E3R2P1), earlier than 9.1.0.310(C432E3R1P12) HUAWEI Mate 20: earlier than 9.1.0.131(C00E131R3P1) HUAWEI Mate 20 Pro: earlier than 9.1.0.310(C185E10R2P1) HUAWEI Mate 20 RS: earlier than 9.1.0.135(C786E133R3P1) HUAWEI Mate 20 X: earlier than 9.1.0.135(C00E133R2P1) HUAWEI P20: earlier than 9.1.0.333(C00E333R1P1T8) HUAWEI P20 Pro: earlier than 9.1.0.333(C00E333R1P1T8) HUAWEI P30: earlier than 9.1.0.193 HUAWEI P30 Pro: earlier than 9.1.0.186(C00E180R2P1) HUAWEI Y9 2019: earlier than 9.1.0.220(C605E3R1P1T8) HUAWEI nova lite 3: earlier than 9.1.0.305(C635E8R2P2) Honor 10 Lite: earlier than 9.1.0.283(C605E8R2P2) Honor 8X: earlier than 9.1.0.221(C461E2R1P1T8) Honor View 20: earlier than 9.1.0.238(C432E1R3P1) Jackman-L22: earlier than 9.1.0.247(C636E2R4P1T8) Paris-L21B: earlier than 9.1.0.331(C432E1R1P2T8) Paris-L21MEB: earlier than 9.1.0.331(C185E4R1P3T8) Paris-L29B: earlier than 9.1.0.331(C636E1R1P3T8) Sydney-AL00: earlier than 9.1.0.212(C00E62R1P7T8) Sydney-L21: earlier than 9.1.0.215(C432E1R1P1T8), earlier than 9.1.0.213(C185E1R1P1T8) Sydney-L21BR: earlier than 9.1.0.213(C185E1R1P2T8) Sydney-L22: earlier than 9.1.0.258(C636E1R1P1T8) Sydney-L22BR: earlier than 9.1.0.258(C636E1R1P1T8) SydneyM-AL00: earlier than 9.1.0.228(C00E78R1P7T8) SydneyM-L01: earlier than 9.1.0.215(C782E2R1P1T8), earlier than 9.1.0.213(C185E1R1P1T8), earlier than 9.1.0.270(C432E3R1P1T8) SydneyM-L03: earlier than 9.1.0.217(C605E1R1P1T8) SydneyM-L21: earlier than 9.1.0.221(C461E1R1P1T8), earlier than 9.1.0.215(C432E4R1P1T8) SydneyM-L22: earlier than 9.1.0.259(C185E1R1P2T8), earlier than 9.1.0.220(C635E1R1P2T8), earlier than 9.1.0.216(C569E1R1P1T8) SydneyM-L23: earlier than 9.1.0.226(C605E2R1P1T8) Yale-L21A: earlier than 9.1.0.154(C432E2R3P2), earlier than 9.1.0.154(C461E2R2P1), earlier than 9.1.0.154(C636E2R2P1) Honor 20: earlier than 9.1.0.152(C00E150R5P1) Honor Magic2: earlier than 10.0.0.187 Honor V20: earlier than 9.1.0.234(C00E234R4P3). plural Huawei There is a vulnerability related to input confirmation on smartphones.Service operation interruption (DoS) It may be put into a state. Huawei Honor10 Lite and Huawei Y9 are both smartphones from China\u0027s Huawei. \n\nA denial of service vulnerability exists in versions before Huawei Honor10 Lite Harry-AL00C 9.1.0.217 (C00E215R3P1) and before Huawei Y9 Jackman-L23 9.1.0.220 (C45E3R1P1T8)",
        "sources": [
          {
            "db": "NVD",
            "id": "CVE-2019-5303"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2019-015526"
          },
          {
            "db": "CNVD",
            "id": "CNVD-2019-44785"
          },
          {
            "db": "VULMON",
            "id": "CVE-2019-5303"
          }
        ],
        "trust": 2.25
      },
      "external_ids": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/external_ids#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "db": "NVD",
            "id": "CVE-2019-5303",
            "trust": 3.1
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2019-015526",
            "trust": 0.8
          },
          {
            "db": "CNVD",
            "id": "CNVD-2019-44785",
            "trust": 0.6
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201908-1092",
            "trust": 0.6
          },
          {
            "db": "VULMON",
            "id": "CVE-2019-5303",
            "trust": 0.1
          }
        ],
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2019-44785"
          },
          {
            "db": "VULMON",
            "id": "CVE-2019-5303"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2019-015526"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201908-1092"
          },
          {
            "db": "NVD",
            "id": "CVE-2019-5303"
          }
        ]
      },
      "id": "VAR-202004-0619",
      "iot": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/iot#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": true,
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2019-44785"
          }
        ],
        "trust": 1.1828954514285712
      },
      "iot_taxonomy": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "category": [
              "IoT"
            ],
            "sub_category": null,
            "trust": 0.6
          }
        ],
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2019-44785"
          }
        ]
      },
      "last_update_date": "2024-11-23T22:41:07.750000Z",
      "patch": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/patch#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "title": "huawei-sa-20190814-01-mobile",
            "trust": 0.8,
            "url": "https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20190814-01-mobile-en"
          },
          {
            "title": "Patch for Huawei Honor10 Lite and Huawei Y9 Denial of Service Vulnerability (CNVD-2019-44785)",
            "trust": 0.6,
            "url": "https://www.cnvd.org.cn/patchInfo/show/193773"
          },
          {
            "title": "Huawei Honor10 Lite  and Huawei Y9 Security vulnerabilities",
            "trust": 0.6,
            "url": "http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=96758"
          },
          {
            "title": "Huawei Security Advisories: Two Denial of Service Vulnerabilities on Some Huawei Smartphones",
            "trust": 0.1,
            "url": "https://vulmon.com/vendoradvisory?qidtp=huawei_security_advisories\u0026qid=88453f1b990572fac17211a1a9b849ea"
          }
        ],
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2019-44785"
          },
          {
            "db": "VULMON",
            "id": "CVE-2019-5303"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2019-015526"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201908-1092"
          }
        ]
      },
      "problemtype_data": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "problemtype": "CWE-20",
            "trust": 1.8
          }
        ],
        "sources": [
          {
            "db": "JVNDB",
            "id": "JVNDB-2019-015526"
          },
          {
            "db": "NVD",
            "id": "CVE-2019-5303"
          }
        ]
      },
      "references": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/references#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "trust": 1.7,
            "url": "https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20190814-01-mobile-en"
          },
          {
            "trust": 1.4,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2019-5303"
          },
          {
            "trust": 1.2,
            "url": "https://www.huawei.com/cn/psirt/security-advisories/huawei-sa-20190814-01-mobile-cn"
          },
          {
            "trust": 0.8,
            "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2019-5303"
          },
          {
            "trust": 0.1,
            "url": "https://cwe.mitre.org/data/definitions/20.html"
          },
          {
            "trust": 0.1,
            "url": "https://nvd.nist.gov"
          },
          {
            "trust": 0.1,
            "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/165364"
          }
        ],
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2019-44785"
          },
          {
            "db": "VULMON",
            "id": "CVE-2019-5303"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2019-015526"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201908-1092"
          },
          {
            "db": "NVD",
            "id": "CVE-2019-5303"
          }
        ]
      },
      "sources": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#",
          "data": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "db": "CNVD",
            "id": "CNVD-2019-44785"
          },
          {
            "db": "VULMON",
            "id": "CVE-2019-5303"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2019-015526"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201908-1092"
          },
          {
            "db": "NVD",
            "id": "CVE-2019-5303"
          }
        ]
      },
      "sources_release_date": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
          "data": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "date": "2019-12-11T00:00:00",
            "db": "CNVD",
            "id": "CNVD-2019-44785"
          },
          {
            "date": "2020-04-27T00:00:00",
            "db": "VULMON",
            "id": "CVE-2019-5303"
          },
          {
            "date": "2020-06-01T00:00:00",
            "db": "JVNDB",
            "id": "JVNDB-2019-015526"
          },
          {
            "date": "2019-08-14T00:00:00",
            "db": "CNNVD",
            "id": "CNNVD-201908-1092"
          },
          {
            "date": "2020-04-27T20:15:12.397000",
            "db": "NVD",
            "id": "CVE-2019-5303"
          }
        ]
      },
      "sources_update_date": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
          "data": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "date": "2019-12-11T00:00:00",
            "db": "CNVD",
            "id": "CNVD-2019-44785"
          },
          {
            "date": "2020-05-05T00:00:00",
            "db": "VULMON",
            "id": "CVE-2019-5303"
          },
          {
            "date": "2020-06-01T00:00:00",
            "db": "JVNDB",
            "id": "JVNDB-2019-015526"
          },
          {
            "date": "2020-09-03T00:00:00",
            "db": "CNNVD",
            "id": "CNNVD-201908-1092"
          },
          {
            "date": "2024-11-21T04:44:42.557000",
            "db": "NVD",
            "id": "CVE-2019-5303"
          }
        ]
      },
      "threat_type": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/threat_type#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "remote or local",
        "sources": [
          {
            "db": "CNNVD",
            "id": "CNNVD-201908-1092"
          }
        ],
        "trust": 0.6
      },
      "title": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/title#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "plural  Huawei Input verification vulnerabilities on smartphones",
        "sources": [
          {
            "db": "JVNDB",
            "id": "JVNDB-2019-015526"
          }
        ],
        "trust": 0.8
      },
      "type": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/type#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "input validation error",
        "sources": [
          {
            "db": "CNNVD",
            "id": "CNNVD-201908-1092"
          }
        ],
        "trust": 0.6
      }
    }

    VAR-201906-0051

    Vulnerability from variot - Updated: 2024-11-23 22:37

    Some Huawei 4G LTE devices, P30 versions before ELE-AL00 9.1.0.162(C01E160R1P12/C01E160R2P1) and P30 Pro versions before VOG-AL00 9.1.0.162(C01E160R1P12/C01E160R2P1), are exposed to a message replay vulnerability. For the sake of better compatibility, these devices implement a less strict check on the NAS message sequence number (SN), specifically NAS COUNT. As a result, an attacker can construct a rogue base station and replay the GUTI reallocation command message in certain conditions to tamper with GUTIs, or replay the Identity request message to obtain IMSIs. (Vulnerability ID: HWPSIRT-2019-04107). Vendors have confirmed this vulnerability HWPSIRT-2019-04107 It is released as.Information may be obtained and information may be altered. (NAS COUNT)

    Show details on source website

    {
      "@context": {
        "@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
        "affected_products": {
          "@id": "https://www.variotdbs.pl/ref/affected_products"
        },
        "configurations": {
          "@id": "https://www.variotdbs.pl/ref/configurations"
        },
        "credits": {
          "@id": "https://www.variotdbs.pl/ref/credits"
        },
        "cvss": {
          "@id": "https://www.variotdbs.pl/ref/cvss/"
        },
        "description": {
          "@id": "https://www.variotdbs.pl/ref/description/"
        },
        "exploit_availability": {
          "@id": "https://www.variotdbs.pl/ref/exploit_availability/"
        },
        "external_ids": {
          "@id": "https://www.variotdbs.pl/ref/external_ids/"
        },
        "iot": {
          "@id": "https://www.variotdbs.pl/ref/iot/"
        },
        "iot_taxonomy": {
          "@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
        },
        "patch": {
          "@id": "https://www.variotdbs.pl/ref/patch/"
        },
        "problemtype_data": {
          "@id": "https://www.variotdbs.pl/ref/problemtype_data/"
        },
        "references": {
          "@id": "https://www.variotdbs.pl/ref/references/"
        },
        "sources": {
          "@id": "https://www.variotdbs.pl/ref/sources/"
        },
        "sources_release_date": {
          "@id": "https://www.variotdbs.pl/ref/sources_release_date/"
        },
        "sources_update_date": {
          "@id": "https://www.variotdbs.pl/ref/sources_update_date/"
        },
        "threat_type": {
          "@id": "https://www.variotdbs.pl/ref/threat_type/"
        },
        "title": {
          "@id": "https://www.variotdbs.pl/ref/title/"
        },
        "type": {
          "@id": "https://www.variotdbs.pl/ref/type/"
        }
      },
      "@id": "https://www.variotdbs.pl/vuln/VAR-201906-0051",
      "affected_products": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/affected_products#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            },
            "@id": "https://www.variotdbs.pl/ref/sources"
          }
        },
        "data": [
          {
            "model": "p30",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "huawei",
            "version": "ele-al00_9.1.0.162"
          },
          {
            "model": "p30 pro",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "huawei",
            "version": "vog-al00_9.1.0.162"
          },
          {
            "model": "p30 pro",
            "scope": "lt",
            "trust": 0.8,
            "vendor": "huawei",
            "version": "vog-al00 9.1.0.162(c01e160r1p12/c01e160r2p1)"
          },
          {
            "model": "p30",
            "scope": "lt",
            "trust": 0.8,
            "vendor": "huawei",
            "version": "ele-al00 9.1.0.162(c01e160r1p12/c01e160r2p1)"
          },
          {
            "model": "p30 \u003cele-al00 9.1.0.162",
            "scope": null,
            "trust": 0.6,
            "vendor": "huawei",
            "version": null
          },
          {
            "model": "p30 pro \u003cvog-al00 9.1.0.162",
            "scope": null,
            "trust": 0.6,
            "vendor": "huawei",
            "version": null
          }
        ],
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2019-33621"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2019-005132"
          },
          {
            "db": "NVD",
            "id": "CVE-2019-5307"
          }
        ]
      },
      "configurations": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/configurations#",
          "children": {
            "@container": "@list"
          },
          "cpe_match": {
            "@container": "@list"
          },
          "data": {
            "@container": "@list"
          },
          "nodes": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "CVE_data_version": "4.0",
            "nodes": [
              {
                "cpe_match": [
                  {
                    "cpe22Uri": "cpe:/o:huawei:p30_pro_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:huawei:p30_firmware",
                    "vulnerable": true
                  }
                ],
                "operator": "OR"
              }
            ]
          }
        ],
        "sources": [
          {
            "db": "JVNDB",
            "id": "JVNDB-2019-005132"
          }
        ]
      },
      "cve": "CVE-2019-5307",
      "cvss": {
        "@context": {
          "cvssV2": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
            },
            "@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
          },
          "cvssV3": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
            },
            "@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
          },
          "severity": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/cvss/severity#"
            },
            "@id": "https://www.variotdbs.pl/ref/cvss/severity"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            },
            "@id": "https://www.variotdbs.pl/ref/sources"
          }
        },
        "data": [
          {
            "cvssV2": [
              {
                "accessComplexity": "MEDIUM",
                "accessVector": "ADJACENT_NETWORK",
                "authentication": "NONE",
                "author": "nvd@nist.gov",
                "availabilityImpact": "NONE",
                "baseScore": 4.3,
                "confidentialityImpact": "PARTIAL",
                "exploitabilityScore": 5.5,
                "id": "CVE-2019-5307",
                "impactScore": 4.9,
                "integrityImpact": "PARTIAL",
                "severity": "MEDIUM",
                "trust": 1.8,
                "vectorString": "AV:A/AC:M/Au:N/C:P/I:P/A:N",
                "version": "2.0"
              },
              {
                "accessComplexity": "HIGH",
                "accessVector": "ADJACENT_NETWORK",
                "authentication": "NONE",
                "author": "CNVD",
                "availabilityImpact": "NONE",
                "baseScore": 3.2,
                "confidentialityImpact": "PARTIAL",
                "exploitabilityScore": 3.2,
                "id": "CNVD-2019-33621",
                "impactScore": 4.9,
                "integrityImpact": "PARTIAL",
                "severity": "LOW",
                "trust": 0.6,
                "vectorString": "AV:A/AC:H/Au:N/C:P/I:P/A:N",
                "version": "2.0"
              }
            ],
            "cvssV3": [
              {
                "attackComplexity": "HIGH",
                "attackVector": "ADJACENT",
                "author": "nvd@nist.gov",
                "availabilityImpact": "NONE",
                "baseScore": 4.2,
                "baseSeverity": "MEDIUM",
                "confidentialityImpact": "LOW",
                "exploitabilityScore": 1.6,
                "id": "CVE-2019-5307",
                "impactScore": 2.5,
                "integrityImpact": "LOW",
                "privilegesRequired": "NONE",
                "scope": "UNCHANGED",
                "trust": 1.8,
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.0/AV:A/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:N",
                "version": "3.0"
              }
            ],
            "severity": [
              {
                "author": "nvd@nist.gov",
                "id": "CVE-2019-5307",
                "trust": 1.0,
                "value": "MEDIUM"
              },
              {
                "author": "NVD",
                "id": "CVE-2019-5307",
                "trust": 0.8,
                "value": "Medium"
              },
              {
                "author": "CNVD",
                "id": "CNVD-2019-33621",
                "trust": 0.6,
                "value": "LOW"
              },
              {
                "author": "CNNVD",
                "id": "CNNVD-201906-059",
                "trust": 0.6,
                "value": "MEDIUM"
              }
            ]
          }
        ],
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2019-33621"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2019-005132"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201906-059"
          },
          {
            "db": "NVD",
            "id": "CVE-2019-5307"
          }
        ]
      },
      "description": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/description#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "Some Huawei 4G LTE devices, P30 versions before ELE-AL00 9.1.0.162(C01E160R1P12/C01E160R2P1) and P30 Pro versions before VOG-AL00 9.1.0.162(C01E160R1P12/C01E160R2P1), are exposed to a message replay vulnerability. For the sake of better compatibility, these devices implement a less strict check on the NAS message sequence number (SN), specifically NAS COUNT. As a result, an attacker can construct a rogue base station and replay the GUTI reallocation command message in certain conditions to tamper with GUTIs, or replay the Identity request message to obtain IMSIs. (Vulnerability ID: HWPSIRT-2019-04107). Vendors have confirmed this vulnerability HWPSIRT-2019-04107 It is released as.Information may be obtained and information may be altered. (NAS COUNT)",
        "sources": [
          {
            "db": "NVD",
            "id": "CVE-2019-5307"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2019-005132"
          },
          {
            "db": "CNVD",
            "id": "CNVD-2019-33621"
          }
        ],
        "trust": 2.16
      },
      "external_ids": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/external_ids#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "db": "NVD",
            "id": "CVE-2019-5307",
            "trust": 3.0
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2019-005132",
            "trust": 0.8
          },
          {
            "db": "CNVD",
            "id": "CNVD-2019-33621",
            "trust": 0.6
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201906-059",
            "trust": 0.6
          }
        ],
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2019-33621"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2019-005132"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201906-059"
          },
          {
            "db": "NVD",
            "id": "CVE-2019-5307"
          }
        ]
      },
      "id": "VAR-201906-0051",
      "iot": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/iot#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": true,
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2019-33621"
          }
        ],
        "trust": 1.3895324625
      },
      "iot_taxonomy": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "category": [
              "Network device"
            ],
            "sub_category": null,
            "trust": 0.6
          }
        ],
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2019-33621"
          }
        ]
      },
      "last_update_date": "2024-11-23T22:37:51.893000Z",
      "patch": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/patch#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "title": "huawei-sa-20190529-01-replay",
            "trust": 0.8,
            "url": "https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20190529-01-replay-en"
          },
          {
            "title": "Patch for Huawei P30 and Huawei P30 Pro message replay vulnerability",
            "trust": 0.6,
            "url": "https://www.cnvd.org.cn/patchInfo/show/182835"
          },
          {
            "title": "Huawei P30  and Huawei P30 Pro Security vulnerabilities",
            "trust": 0.6,
            "url": "http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=93150"
          }
        ],
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2019-33621"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2019-005132"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201906-059"
          }
        ]
      },
      "problemtype_data": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "problemtype": "CWE-294",
            "trust": 1.0
          },
          {
            "problemtype": "CWE-284",
            "trust": 0.8
          }
        ],
        "sources": [
          {
            "db": "JVNDB",
            "id": "JVNDB-2019-005132"
          },
          {
            "db": "NVD",
            "id": "CVE-2019-5307"
          }
        ]
      },
      "references": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/references#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "trust": 2.2,
            "url": "https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20190529-01-replay-en"
          },
          {
            "trust": 1.4,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2019-5307"
          },
          {
            "trust": 0.8,
            "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2019-5307"
          }
        ],
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2019-33621"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2019-005132"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201906-059"
          },
          {
            "db": "NVD",
            "id": "CVE-2019-5307"
          }
        ]
      },
      "sources": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#",
          "data": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "db": "CNVD",
            "id": "CNVD-2019-33621"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2019-005132"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201906-059"
          },
          {
            "db": "NVD",
            "id": "CVE-2019-5307"
          }
        ]
      },
      "sources_release_date": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
          "data": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "date": "2019-09-29T00:00:00",
            "db": "CNVD",
            "id": "CNVD-2019-33621"
          },
          {
            "date": "2019-06-17T00:00:00",
            "db": "JVNDB",
            "id": "JVNDB-2019-005132"
          },
          {
            "date": "2019-06-04T00:00:00",
            "db": "CNNVD",
            "id": "CNNVD-201906-059"
          },
          {
            "date": "2019-06-04T19:29:00.727000",
            "db": "NVD",
            "id": "CVE-2019-5307"
          }
        ]
      },
      "sources_update_date": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
          "data": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "date": "2019-09-29T00:00:00",
            "db": "CNVD",
            "id": "CNVD-2019-33621"
          },
          {
            "date": "2019-06-17T00:00:00",
            "db": "JVNDB",
            "id": "JVNDB-2019-005132"
          },
          {
            "date": "2020-08-25T00:00:00",
            "db": "CNNVD",
            "id": "CNNVD-201906-059"
          },
          {
            "date": "2024-11-21T04:44:43.213000",
            "db": "NVD",
            "id": "CVE-2019-5307"
          }
        ]
      },
      "threat_type": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/threat_type#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "remote or local",
        "sources": [
          {
            "db": "CNNVD",
            "id": "CNNVD-201906-059"
          }
        ],
        "trust": 0.6
      },
      "title": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/title#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "Huawei P30 and  P30 Pro Access control vulnerability",
        "sources": [
          {
            "db": "JVNDB",
            "id": "JVNDB-2019-005132"
          }
        ],
        "trust": 0.8
      },
      "type": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/type#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "access control error",
        "sources": [
          {
            "db": "CNNVD",
            "id": "CNNVD-201906-059"
          }
        ],
        "trust": 0.6
      }
    }

    VAR-201911-0834

    Vulnerability from variot - Updated: 2024-11-23 22:37

    P30 smartphones with versions earlier than ELLE-AL00B 9.1.0.193(C00E190R2P1) have an insufficient verification vulnerability. The system does not verify certain parameters sufficiently, an attacker should connect to the phone and gain high privilege to launch the attack, successful exploit could cause malicious code execution. P30 Smartphones are vulnerable to insufficient validation of data reliability.Information is obtained, information is altered, and service operation is disrupted (DoS) There is a possibility of being put into a state. The Huawei P30 is a smartphone from China's Huawei

    Show details on source website

    {
      "@context": {
        "@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
        "affected_products": {
          "@id": "https://www.variotdbs.pl/ref/affected_products"
        },
        "configurations": {
          "@id": "https://www.variotdbs.pl/ref/configurations"
        },
        "credits": {
          "@id": "https://www.variotdbs.pl/ref/credits"
        },
        "cvss": {
          "@id": "https://www.variotdbs.pl/ref/cvss/"
        },
        "description": {
          "@id": "https://www.variotdbs.pl/ref/description/"
        },
        "exploit_availability": {
          "@id": "https://www.variotdbs.pl/ref/exploit_availability/"
        },
        "external_ids": {
          "@id": "https://www.variotdbs.pl/ref/external_ids/"
        },
        "iot": {
          "@id": "https://www.variotdbs.pl/ref/iot/"
        },
        "iot_taxonomy": {
          "@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
        },
        "patch": {
          "@id": "https://www.variotdbs.pl/ref/patch/"
        },
        "problemtype_data": {
          "@id": "https://www.variotdbs.pl/ref/problemtype_data/"
        },
        "references": {
          "@id": "https://www.variotdbs.pl/ref/references/"
        },
        "sources": {
          "@id": "https://www.variotdbs.pl/ref/sources/"
        },
        "sources_release_date": {
          "@id": "https://www.variotdbs.pl/ref/sources_release_date/"
        },
        "sources_update_date": {
          "@id": "https://www.variotdbs.pl/ref/sources_update_date/"
        },
        "threat_type": {
          "@id": "https://www.variotdbs.pl/ref/threat_type/"
        },
        "title": {
          "@id": "https://www.variotdbs.pl/ref/title/"
        },
        "type": {
          "@id": "https://www.variotdbs.pl/ref/type/"
        }
      },
      "@id": "https://www.variotdbs.pl/vuln/VAR-201911-0834",
      "affected_products": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/affected_products#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            },
            "@id": "https://www.variotdbs.pl/ref/sources"
          }
        },
        "data": [
          {
            "model": "p30",
            "scope": "eq",
            "trust": 1.2,
            "vendor": "huawei",
            "version": null
          },
          {
            "model": "p30",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "huawei",
            "version": "elle-al00b_9.1.0.193\\(c00e190r2p1\\)"
          },
          {
            "model": "p30",
            "scope": "lt",
            "trust": 0.8,
            "vendor": "huawei",
            "version": "elle-al00b 9.1.0.193(c00e190r2p1)"
          },
          {
            "model": "p30 \u003celle-al00b 9.1.0.193",
            "scope": null,
            "trust": 0.6,
            "vendor": "huawei",
            "version": null
          },
          {
            "model": "p30",
            "scope": "eq",
            "trust": 0.6,
            "vendor": "huawei",
            "version": "9.1.0.193c00e190r2p1"
          },
          {
            "model": "p30",
            "scope": "eq",
            "trust": 0.6,
            "vendor": "huawei",
            "version": "elle-al00b_9.1.0.186c00e180r2p1"
          },
          {
            "model": "p30",
            "scope": "eq",
            "trust": 0.6,
            "vendor": "huawei",
            "version": "elle-al00b_9.1.0.193c00e190r1p21"
          },
          {
            "model": "p30",
            "scope": "eq",
            "trust": 0.6,
            "vendor": "huawei",
            "version": "9.1.0.226c00e220r2p1"
          },
          {
            "model": "p30",
            "scope": "eq",
            "trust": 0.6,
            "vendor": "huawei",
            "version": "10.0.0.166c00e66r1p11"
          },
          {
            "model": "p30",
            "scope": "eq",
            "trust": 0.6,
            "vendor": "huawei",
            "version": "10.0.0.173c00e73r1p11"
          }
        ],
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2019-33472"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2019-011976"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201909-1192"
          },
          {
            "db": "NVD",
            "id": "CVE-2019-5229"
          }
        ]
      },
      "configurations": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/configurations#",
          "children": {
            "@container": "@list"
          },
          "cpe_match": {
            "@container": "@list"
          },
          "data": {
            "@container": "@list"
          },
          "nodes": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "CVE_data_version": "4.0",
            "nodes": [
              {
                "cpe_match": [
                  {
                    "cpe22Uri": "cpe:/o:huawei:p30_firmware",
                    "vulnerable": true
                  }
                ],
                "operator": "OR"
              }
            ]
          }
        ],
        "sources": [
          {
            "db": "JVNDB",
            "id": "JVNDB-2019-011976"
          }
        ]
      },
      "cve": "CVE-2019-5229",
      "cvss": {
        "@context": {
          "cvssV2": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
            },
            "@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
          },
          "cvssV3": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
            },
            "@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
          },
          "severity": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/cvss/severity#"
            },
            "@id": "https://www.variotdbs.pl/ref/cvss/severity"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            },
            "@id": "https://www.variotdbs.pl/ref/sources"
          }
        },
        "data": [
          {
            "cvssV2": [
              {
                "accessComplexity": "LOW",
                "accessVector": "LOCAL",
                "authentication": "NONE",
                "author": "nvd@nist.gov",
                "availabilityImpact": "PARTIAL",
                "baseScore": 4.6,
                "confidentialityImpact": "PARTIAL",
                "exploitabilityScore": 3.9,
                "id": "CVE-2019-5229",
                "impactScore": 6.4,
                "integrityImpact": "PARTIAL",
                "severity": "MEDIUM",
                "trust": 1.8,
                "vectorString": "AV:L/AC:L/Au:N/C:P/I:P/A:P",
                "version": "2.0"
              },
              {
                "accessComplexity": "HIGH",
                "accessVector": "NETWORK",
                "authentication": "MULTIPLE",
                "author": "CNVD",
                "availabilityImpact": "COMPLETE",
                "baseScore": 6.8,
                "confidentialityImpact": "COMPLETE",
                "exploitabilityScore": 3.2,
                "id": "CNVD-2019-33472",
                "impactScore": 10.0,
                "integrityImpact": "COMPLETE",
                "severity": "MEDIUM",
                "trust": 0.6,
                "vectorString": "AV:N/AC:H/Au:M/C:C/I:C/A:C",
                "version": "2.0"
              }
            ],
            "cvssV3": [
              {
                "attackComplexity": "LOW",
                "attackVector": "PHYSICAL",
                "author": "nvd@nist.gov",
                "availabilityImpact": "HIGH",
                "baseScore": 6.2,
                "baseSeverity": "MEDIUM",
                "confidentialityImpact": "HIGH",
                "exploitabilityScore": 0.3,
                "id": "CVE-2019-5229",
                "impactScore": 5.9,
                "integrityImpact": "HIGH",
                "privilegesRequired": "HIGH",
                "scope": "UNCHANGED",
                "trust": 1.0,
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.1/AV:P/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
                "version": "3.1"
              },
              {
                "attackComplexity": "Low",
                "attackVector": "Physical",
                "author": "NVD",
                "availabilityImpact": "High",
                "baseScore": 6.2,
                "baseSeverity": "Medium",
                "confidentialityImpact": "High",
                "exploitabilityScore": null,
                "id": "CVE-2019-5229",
                "impactScore": null,
                "integrityImpact": "High",
                "privilegesRequired": "High",
                "scope": "Unchanged",
                "trust": 0.8,
                "userInteraction": "None",
                "vectorString": "CVSS:3.0/AV:P/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
                "version": "3.0"
              }
            ],
            "severity": [
              {
                "author": "nvd@nist.gov",
                "id": "CVE-2019-5229",
                "trust": 1.0,
                "value": "MEDIUM"
              },
              {
                "author": "NVD",
                "id": "CVE-2019-5229",
                "trust": 0.8,
                "value": "Medium"
              },
              {
                "author": "CNVD",
                "id": "CNVD-2019-33472",
                "trust": 0.6,
                "value": "MEDIUM"
              },
              {
                "author": "CNNVD",
                "id": "CNNVD-201909-1192",
                "trust": 0.6,
                "value": "MEDIUM"
              }
            ]
          }
        ],
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2019-33472"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2019-011976"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201909-1192"
          },
          {
            "db": "NVD",
            "id": "CVE-2019-5229"
          }
        ]
      },
      "description": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/description#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "P30 smartphones with versions earlier than ELLE-AL00B 9.1.0.193(C00E190R2P1) have an insufficient verification vulnerability. The system does not verify certain parameters sufficiently, an attacker should connect to the phone and gain high privilege to launch the attack, successful exploit could cause malicious code execution. P30 Smartphones are vulnerable to insufficient validation of data reliability.Information is obtained, information is altered, and service operation is disrupted (DoS) There is a possibility of being put into a state. The Huawei P30 is a smartphone from China\u0027s Huawei",
        "sources": [
          {
            "db": "NVD",
            "id": "CVE-2019-5229"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2019-011976"
          },
          {
            "db": "CNVD",
            "id": "CNVD-2019-33472"
          }
        ],
        "trust": 2.16
      },
      "external_ids": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/external_ids#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "db": "NVD",
            "id": "CVE-2019-5229",
            "trust": 3.0
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2019-011976",
            "trust": 0.8
          },
          {
            "db": "CNVD",
            "id": "CNVD-2019-33472",
            "trust": 0.6
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201909-1192",
            "trust": 0.6
          }
        ],
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2019-33472"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2019-011976"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201909-1192"
          },
          {
            "db": "NVD",
            "id": "CVE-2019-5229"
          }
        ]
      },
      "id": "VAR-201911-0834",
      "iot": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/iot#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": true,
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2019-33472"
          }
        ],
        "trust": 1.3853836
      },
      "iot_taxonomy": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "category": [
              "Network device"
            ],
            "sub_category": null,
            "trust": 0.6
          }
        ],
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2019-33472"
          }
        ]
      },
      "last_update_date": "2024-11-23T22:37:36.323000Z",
      "patch": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/patch#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "title": "huawei-sa-20190925-02-smartphone",
            "trust": 0.8,
            "url": "http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20190925-02-smartphone-en"
          },
          {
            "title": "Patch for Huawei P30 Insufficient Verification Vulnerability",
            "trust": 0.6,
            "url": "https://www.cnvd.org.cn/patchInfo/show/182403"
          },
          {
            "title": "Huawei P30 Security vulnerabilities",
            "trust": 0.6,
            "url": "http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=98599"
          }
        ],
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2019-33472"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2019-011976"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201909-1192"
          }
        ]
      },
      "problemtype_data": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "problemtype": "CWE-345",
            "trust": 1.8
          }
        ],
        "sources": [
          {
            "db": "JVNDB",
            "id": "JVNDB-2019-011976"
          },
          {
            "db": "NVD",
            "id": "CVE-2019-5229"
          }
        ]
      },
      "references": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/references#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "trust": 1.6,
            "url": "http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20190925-02-smartphone-en"
          },
          {
            "trust": 1.4,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2019-5229"
          },
          {
            "trust": 1.2,
            "url": "https://www.huawei.com/cn/psirt/security-advisories/huawei-sa-20190925-02-smartphone-cn"
          },
          {
            "trust": 0.8,
            "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2019-5229"
          }
        ],
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2019-33472"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2019-011976"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201909-1192"
          },
          {
            "db": "NVD",
            "id": "CVE-2019-5229"
          }
        ]
      },
      "sources": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#",
          "data": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "db": "CNVD",
            "id": "CNVD-2019-33472"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2019-011976"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201909-1192"
          },
          {
            "db": "NVD",
            "id": "CVE-2019-5229"
          }
        ]
      },
      "sources_release_date": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
          "data": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "date": "2019-09-27T00:00:00",
            "db": "CNVD",
            "id": "CNVD-2019-33472"
          },
          {
            "date": "2019-11-21T00:00:00",
            "db": "JVNDB",
            "id": "JVNDB-2019-011976"
          },
          {
            "date": "2019-09-25T00:00:00",
            "db": "CNNVD",
            "id": "CNNVD-201909-1192"
          },
          {
            "date": "2019-11-12T23:15:10.347000",
            "db": "NVD",
            "id": "CVE-2019-5229"
          }
        ]
      },
      "sources_update_date": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
          "data": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "date": "2019-09-27T00:00:00",
            "db": "CNVD",
            "id": "CNVD-2019-33472"
          },
          {
            "date": "2019-11-21T00:00:00",
            "db": "JVNDB",
            "id": "JVNDB-2019-011976"
          },
          {
            "date": "2019-11-18T00:00:00",
            "db": "CNNVD",
            "id": "CNNVD-201909-1192"
          },
          {
            "date": "2024-11-21T04:44:33.997000",
            "db": "NVD",
            "id": "CVE-2019-5229"
          }
        ]
      },
      "title": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/title#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "P30 Vulnerability related to insufficient verification of data reliability on smartphones",
        "sources": [
          {
            "db": "JVNDB",
            "id": "JVNDB-2019-011976"
          }
        ],
        "trust": 0.8
      },
      "type": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/type#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "data forgery",
        "sources": [
          {
            "db": "CNNVD",
            "id": "CNNVD-201909-1192"
          }
        ],
        "trust": 0.6
      }
    }

    VAR-202001-0509

    Vulnerability from variot - Updated: 2024-11-23 22:37

    HUAWEI P30 smart phones with versions earlier than 10.0.0.166(C00E66R1P11) have an information leak vulnerability. An attacker could send specific command in the local area network (LAN) to exploit this vulnerability. Successful exploitation may cause information leak. Huawei P30 Smartphones contain information disclosure vulnerabilities.Information may be obtained. The Huawei P30 is a smartphone from China's Huawei

    Show details on source website

    {
      "@context": {
        "@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
        "affected_products": {
          "@id": "https://www.variotdbs.pl/ref/affected_products"
        },
        "configurations": {
          "@id": "https://www.variotdbs.pl/ref/configurations"
        },
        "credits": {
          "@id": "https://www.variotdbs.pl/ref/credits"
        },
        "cvss": {
          "@id": "https://www.variotdbs.pl/ref/cvss/"
        },
        "description": {
          "@id": "https://www.variotdbs.pl/ref/description/"
        },
        "exploit_availability": {
          "@id": "https://www.variotdbs.pl/ref/exploit_availability/"
        },
        "external_ids": {
          "@id": "https://www.variotdbs.pl/ref/external_ids/"
        },
        "iot": {
          "@id": "https://www.variotdbs.pl/ref/iot/"
        },
        "iot_taxonomy": {
          "@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
        },
        "patch": {
          "@id": "https://www.variotdbs.pl/ref/patch/"
        },
        "problemtype_data": {
          "@id": "https://www.variotdbs.pl/ref/problemtype_data/"
        },
        "references": {
          "@id": "https://www.variotdbs.pl/ref/references/"
        },
        "sources": {
          "@id": "https://www.variotdbs.pl/ref/sources/"
        },
        "sources_release_date": {
          "@id": "https://www.variotdbs.pl/ref/sources_release_date/"
        },
        "sources_update_date": {
          "@id": "https://www.variotdbs.pl/ref/sources_update_date/"
        },
        "threat_type": {
          "@id": "https://www.variotdbs.pl/ref/threat_type/"
        },
        "title": {
          "@id": "https://www.variotdbs.pl/ref/title/"
        },
        "type": {
          "@id": "https://www.variotdbs.pl/ref/type/"
        }
      },
      "@id": "https://www.variotdbs.pl/vuln/VAR-202001-0509",
      "affected_products": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/affected_products#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            },
            "@id": "https://www.variotdbs.pl/ref/sources"
          }
        },
        "data": [
          {
            "model": "p30",
            "scope": "eq",
            "trust": 1.2,
            "vendor": "huawei",
            "version": null
          },
          {
            "model": "p30",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "huawei",
            "version": "10.0.0.166\\(c00e66r1p11\\)"
          },
          {
            "model": "p30",
            "scope": "lt",
            "trust": 0.8,
            "vendor": "huawei",
            "version": "10.0.0.166(c00e66r1p11)"
          },
          {
            "model": "p30 \u003c10.0.0.166",
            "scope": null,
            "trust": 0.6,
            "vendor": "huawei",
            "version": null
          },
          {
            "model": "p30",
            "scope": "eq",
            "trust": 0.6,
            "vendor": "huawei",
            "version": "9.1.0.193c00e190r2p1"
          },
          {
            "model": "p30",
            "scope": "eq",
            "trust": 0.6,
            "vendor": "huawei",
            "version": "9.1.0.226c00e220r2p1"
          }
        ],
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2020-02947"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2020-001011"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-202001-044"
          },
          {
            "db": "NVD",
            "id": "CVE-2019-19441"
          }
        ]
      },
      "configurations": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/configurations#",
          "children": {
            "@container": "@list"
          },
          "cpe_match": {
            "@container": "@list"
          },
          "data": {
            "@container": "@list"
          },
          "nodes": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "CVE_data_version": "4.0",
            "nodes": [
              {
                "cpe_match": [
                  {
                    "cpe22Uri": "cpe:/o:huawei:p30_firmware",
                    "vulnerable": true
                  }
                ],
                "operator": "OR"
              }
            ]
          }
        ],
        "sources": [
          {
            "db": "JVNDB",
            "id": "JVNDB-2020-001011"
          }
        ]
      },
      "credits": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/credits#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "Huawei",
        "sources": [
          {
            "db": "CNNVD",
            "id": "CNNVD-202001-044"
          }
        ],
        "trust": 0.6
      },
      "cve": "CVE-2019-19441",
      "cvss": {
        "@context": {
          "cvssV2": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
            },
            "@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
          },
          "cvssV3": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
            },
            "@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
          },
          "severity": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/cvss/severity#"
            },
            "@id": "https://www.variotdbs.pl/ref/cvss/severity"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            },
            "@id": "https://www.variotdbs.pl/ref/sources"
          }
        },
        "data": [
          {
            "cvssV2": [
              {
                "accessComplexity": "LOW",
                "accessVector": "ADJACENT_NETWORK",
                "authentication": "NONE",
                "author": "nvd@nist.gov",
                "availabilityImpact": "NONE",
                "baseScore": 3.3,
                "confidentialityImpact": "PARTIAL",
                "exploitabilityScore": 6.5,
                "id": "CVE-2019-19441",
                "impactScore": 2.9,
                "integrityImpact": "NONE",
                "severity": "LOW",
                "trust": 1.8,
                "vectorString": "AV:A/AC:L/Au:N/C:P/I:N/A:N",
                "version": "2.0"
              },
              {
                "accessComplexity": "LOW",
                "accessVector": "ADJACENT_NETWORK",
                "authentication": "NONE",
                "author": "CNVD",
                "availabilityImpact": "NONE",
                "baseScore": 3.3,
                "confidentialityImpact": "PARTIAL",
                "exploitabilityScore": 6.5,
                "id": "CNVD-2020-02947",
                "impactScore": 2.9,
                "integrityImpact": "NONE",
                "severity": "LOW",
                "trust": 0.6,
                "vectorString": "AV:A/AC:L/Au:N/C:P/I:N/A:N",
                "version": "2.0"
              }
            ],
            "cvssV3": [
              {
                "attackComplexity": "LOW",
                "attackVector": "ADJACENT",
                "author": "nvd@nist.gov",
                "availabilityImpact": "NONE",
                "baseScore": 6.5,
                "baseSeverity": "MEDIUM",
                "confidentialityImpact": "HIGH",
                "exploitabilityScore": 2.8,
                "id": "CVE-2019-19441",
                "impactScore": 3.6,
                "integrityImpact": "NONE",
                "privilegesRequired": "NONE",
                "scope": "UNCHANGED",
                "trust": 1.0,
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
                "version": "3.1"
              },
              {
                "attackComplexity": "Low",
                "attackVector": "Adjacent Network",
                "author": "NVD",
                "availabilityImpact": "None",
                "baseScore": 6.5,
                "baseSeverity": "Medium",
                "confidentialityImpact": "High",
                "exploitabilityScore": null,
                "id": "CVE-2019-19441",
                "impactScore": null,
                "integrityImpact": "None",
                "privilegesRequired": "None",
                "scope": "Unchanged",
                "trust": 0.8,
                "userInteraction": "None",
                "vectorString": "CVSS:3.0/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
                "version": "3.0"
              }
            ],
            "severity": [
              {
                "author": "nvd@nist.gov",
                "id": "CVE-2019-19441",
                "trust": 1.0,
                "value": "MEDIUM"
              },
              {
                "author": "NVD",
                "id": "CVE-2019-19441",
                "trust": 0.8,
                "value": "Medium"
              },
              {
                "author": "CNVD",
                "id": "CNVD-2020-02947",
                "trust": 0.6,
                "value": "LOW"
              },
              {
                "author": "CNNVD",
                "id": "CNNVD-202001-044",
                "trust": 0.6,
                "value": "MEDIUM"
              }
            ]
          }
        ],
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2020-02947"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2020-001011"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-202001-044"
          },
          {
            "db": "NVD",
            "id": "CVE-2019-19441"
          }
        ]
      },
      "description": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/description#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "HUAWEI P30 smart phones with versions earlier than 10.0.0.166(C00E66R1P11) have an information leak vulnerability. An attacker could send specific command in the local area network (LAN) to exploit this vulnerability. Successful exploitation may cause information leak. Huawei P30 Smartphones contain information disclosure vulnerabilities.Information may be obtained. The Huawei P30 is a smartphone from China\u0027s Huawei",
        "sources": [
          {
            "db": "NVD",
            "id": "CVE-2019-19441"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2020-001011"
          },
          {
            "db": "CNVD",
            "id": "CNVD-2020-02947"
          }
        ],
        "trust": 2.16
      },
      "external_ids": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/external_ids#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "db": "NVD",
            "id": "CVE-2019-19441",
            "trust": 3.0
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2020-001011",
            "trust": 0.8
          },
          {
            "db": "CNVD",
            "id": "CNVD-2020-02947",
            "trust": 0.6
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-202001-044",
            "trust": 0.6
          }
        ],
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2020-02947"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2020-001011"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-202001-044"
          },
          {
            "db": "NVD",
            "id": "CVE-2019-19441"
          }
        ]
      },
      "id": "VAR-202001-0509",
      "iot": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/iot#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": true,
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2020-02947"
          }
        ],
        "trust": 1.1707672
      },
      "iot_taxonomy": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "category": [
              "IoT"
            ],
            "sub_category": null,
            "trust": 0.6
          }
        ],
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2020-02947"
          }
        ]
      },
      "last_update_date": "2024-11-23T22:37:34.321000Z",
      "patch": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/patch#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "title": "huawei-sa-20200102-02-smartphone",
            "trust": 0.8,
            "url": "https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20200102-02-smartphone-en"
          },
          {
            "title": "Patch for Huawei P30 Information Disclosure Vulnerability",
            "trust": 0.6,
            "url": "https://www.cnvd.org.cn/patchInfo/show/197033"
          },
          {
            "title": "Huawei P30 Repair measures for information disclosure vulnerabilities",
            "trust": 0.6,
            "url": "http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=106187"
          }
        ],
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2020-02947"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2020-001011"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-202001-044"
          }
        ]
      },
      "problemtype_data": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "problemtype": "NVD-CWE-noinfo",
            "trust": 1.0
          },
          {
            "problemtype": "CWE-200",
            "trust": 0.8
          }
        ],
        "sources": [
          {
            "db": "JVNDB",
            "id": "JVNDB-2020-001011"
          },
          {
            "db": "NVD",
            "id": "CVE-2019-19441"
          }
        ]
      },
      "references": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/references#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "trust": 1.6,
            "url": "https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20200102-02-smartphone-en"
          },
          {
            "trust": 1.4,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2019-19441"
          },
          {
            "trust": 1.2,
            "url": "https://www.huawei.com/cn/psirt/security-advisories/huawei-sa-20200102-02-smartphone-cn"
          },
          {
            "trust": 0.8,
            "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2019-19441"
          }
        ],
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2020-02947"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2020-001011"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-202001-044"
          },
          {
            "db": "NVD",
            "id": "CVE-2019-19441"
          }
        ]
      },
      "sources": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#",
          "data": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "db": "CNVD",
            "id": "CNVD-2020-02947"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2020-001011"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-202001-044"
          },
          {
            "db": "NVD",
            "id": "CVE-2019-19441"
          }
        ]
      },
      "sources_release_date": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
          "data": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "date": "2020-01-20T00:00:00",
            "db": "CNVD",
            "id": "CNVD-2020-02947"
          },
          {
            "date": "2020-01-17T00:00:00",
            "db": "JVNDB",
            "id": "JVNDB-2020-001011"
          },
          {
            "date": "2020-01-02T00:00:00",
            "db": "CNNVD",
            "id": "CNNVD-202001-044"
          },
          {
            "date": "2020-01-03T15:15:11.930000",
            "db": "NVD",
            "id": "CVE-2019-19441"
          }
        ]
      },
      "sources_update_date": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
          "data": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "date": "2020-01-21T00:00:00",
            "db": "CNVD",
            "id": "CNVD-2020-02947"
          },
          {
            "date": "2020-01-17T00:00:00",
            "db": "JVNDB",
            "id": "JVNDB-2020-001011"
          },
          {
            "date": "2020-01-08T00:00:00",
            "db": "CNNVD",
            "id": "CNNVD-202001-044"
          },
          {
            "date": "2024-11-21T04:34:44.910000",
            "db": "NVD",
            "id": "CVE-2019-19441"
          }
        ]
      },
      "threat_type": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/threat_type#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "remote or local",
        "sources": [
          {
            "db": "CNNVD",
            "id": "CNNVD-202001-044"
          }
        ],
        "trust": 0.6
      },
      "title": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/title#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "Huawei P30 Information Disclosure Vulnerability",
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2020-02947"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-202001-044"
          }
        ],
        "trust": 1.2
      },
      "type": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/type#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "information disclosure",
        "sources": [
          {
            "db": "CNNVD",
            "id": "CNNVD-202001-044"
          }
        ],
        "trust": 0.6
      }
    }

    VAR-201911-0265

    Vulnerability from variot - Updated: 2024-11-23 22:33

    P30 smart phones with versions earlier than ELLE-AL00B 9.1.0.193(C00E190R2P1) have an integer overflow vulnerability due to insufficient check on specific parameters. An attacker tricks the user into installing a malicious application, obtains the root permission and constructs specific parameters to the camera program to exploit this vulnerability. Successful exploit could cause the program to break down or allow for arbitrary code execution. P30 Smartphones contain an integer overflow vulnerability.Information is obtained, information is altered, and service operation is disrupted (DoS) There is a possibility of being put into a state. The Huawei P30 is a smartphone from China's Huawei

    Show details on source website

    {
      "@context": {
        "@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
        "affected_products": {
          "@id": "https://www.variotdbs.pl/ref/affected_products"
        },
        "configurations": {
          "@id": "https://www.variotdbs.pl/ref/configurations"
        },
        "credits": {
          "@id": "https://www.variotdbs.pl/ref/credits"
        },
        "cvss": {
          "@id": "https://www.variotdbs.pl/ref/cvss/"
        },
        "description": {
          "@id": "https://www.variotdbs.pl/ref/description/"
        },
        "exploit_availability": {
          "@id": "https://www.variotdbs.pl/ref/exploit_availability/"
        },
        "external_ids": {
          "@id": "https://www.variotdbs.pl/ref/external_ids/"
        },
        "iot": {
          "@id": "https://www.variotdbs.pl/ref/iot/"
        },
        "iot_taxonomy": {
          "@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
        },
        "patch": {
          "@id": "https://www.variotdbs.pl/ref/patch/"
        },
        "problemtype_data": {
          "@id": "https://www.variotdbs.pl/ref/problemtype_data/"
        },
        "references": {
          "@id": "https://www.variotdbs.pl/ref/references/"
        },
        "sources": {
          "@id": "https://www.variotdbs.pl/ref/sources/"
        },
        "sources_release_date": {
          "@id": "https://www.variotdbs.pl/ref/sources_release_date/"
        },
        "sources_update_date": {
          "@id": "https://www.variotdbs.pl/ref/sources_update_date/"
        },
        "threat_type": {
          "@id": "https://www.variotdbs.pl/ref/threat_type/"
        },
        "title": {
          "@id": "https://www.variotdbs.pl/ref/title/"
        },
        "type": {
          "@id": "https://www.variotdbs.pl/ref/type/"
        }
      },
      "@id": "https://www.variotdbs.pl/vuln/VAR-201911-0265",
      "affected_products": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/affected_products#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            },
            "@id": "https://www.variotdbs.pl/ref/sources"
          }
        },
        "data": [
          {
            "model": "p30",
            "scope": "eq",
            "trust": 1.2,
            "vendor": "huawei",
            "version": null
          },
          {
            "model": "p30",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "huawei",
            "version": "elle-al00b_9.1.0.193\\(c00e190r2p1\\)"
          },
          {
            "model": "p30",
            "scope": "lt",
            "trust": 0.8,
            "vendor": "huawei",
            "version": "elle-al00b 9.1.0.193(c00e190r2p1)"
          },
          {
            "model": "p30 \u003celle-al00b 9.1.0.193",
            "scope": null,
            "trust": 0.6,
            "vendor": "huawei",
            "version": null
          },
          {
            "model": "p30",
            "scope": "eq",
            "trust": 0.6,
            "vendor": "huawei",
            "version": "9.1.0.193c00e190r2p1"
          },
          {
            "model": "p30",
            "scope": "eq",
            "trust": 0.6,
            "vendor": "huawei",
            "version": "elle-al00b_9.1.0.186c00e180r2p1"
          },
          {
            "model": "p30",
            "scope": "eq",
            "trust": 0.6,
            "vendor": "huawei",
            "version": "elle-al00b_9.1.0.193c00e190r1p21"
          },
          {
            "model": "p30",
            "scope": "eq",
            "trust": 0.6,
            "vendor": "huawei",
            "version": "9.1.0.226c00e220r2p1"
          },
          {
            "model": "p30",
            "scope": "eq",
            "trust": 0.6,
            "vendor": "huawei",
            "version": "10.0.0.166c00e66r1p11"
          },
          {
            "model": "p30",
            "scope": "eq",
            "trust": 0.6,
            "vendor": "huawei",
            "version": "10.0.0.173c00e73r1p11"
          }
        ],
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2019-33477"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2019-012018"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201909-1203"
          },
          {
            "db": "NVD",
            "id": "CVE-2019-5288"
          }
        ]
      },
      "configurations": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/configurations#",
          "children": {
            "@container": "@list"
          },
          "cpe_match": {
            "@container": "@list"
          },
          "data": {
            "@container": "@list"
          },
          "nodes": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "CVE_data_version": "4.0",
            "nodes": [
              {
                "cpe_match": [
                  {
                    "cpe22Uri": "cpe:/o:huawei:p30_firmware",
                    "vulnerable": true
                  }
                ],
                "operator": "OR"
              }
            ]
          }
        ],
        "sources": [
          {
            "db": "JVNDB",
            "id": "JVNDB-2019-012018"
          }
        ]
      },
      "cve": "CVE-2019-5288",
      "cvss": {
        "@context": {
          "cvssV2": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
            },
            "@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
          },
          "cvssV3": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
            },
            "@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
          },
          "severity": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/cvss/severity#"
            },
            "@id": "https://www.variotdbs.pl/ref/cvss/severity"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            },
            "@id": "https://www.variotdbs.pl/ref/sources"
          }
        },
        "data": [
          {
            "cvssV2": [
              {
                "accessComplexity": "MEDIUM",
                "accessVector": "NETWORK",
                "authentication": "NONE",
                "author": "nvd@nist.gov",
                "availabilityImpact": "COMPLETE",
                "baseScore": 9.3,
                "confidentialityImpact": "COMPLETE",
                "exploitabilityScore": 8.6,
                "id": "CVE-2019-5288",
                "impactScore": 10.0,
                "integrityImpact": "COMPLETE",
                "severity": "HIGH",
                "trust": 1.8,
                "vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C",
                "version": "2.0"
              },
              {
                "accessComplexity": "LOW",
                "accessVector": "LOCAL",
                "authentication": "NONE",
                "author": "CNVD",
                "availabilityImpact": "COMPLETE",
                "baseScore": 7.2,
                "confidentialityImpact": "COMPLETE",
                "exploitabilityScore": 3.9,
                "id": "CNVD-2019-33477",
                "impactScore": 10.0,
                "integrityImpact": "COMPLETE",
                "severity": "HIGH",
                "trust": 0.6,
                "vectorString": "AV:L/AC:L/Au:N/C:C/I:C/A:C",
                "version": "2.0"
              }
            ],
            "cvssV3": [
              {
                "attackComplexity": "LOW",
                "attackVector": "LOCAL",
                "author": "nvd@nist.gov",
                "availabilityImpact": "HIGH",
                "baseScore": 7.8,
                "baseSeverity": "HIGH",
                "confidentialityImpact": "HIGH",
                "exploitabilityScore": 1.8,
                "id": "CVE-2019-5288",
                "impactScore": 5.9,
                "integrityImpact": "HIGH",
                "privilegesRequired": "NONE",
                "scope": "UNCHANGED",
                "trust": 1.0,
                "userInteraction": "REQUIRED",
                "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
                "version": "3.1"
              },
              {
                "attackComplexity": "Low",
                "attackVector": "Local",
                "author": "NVD",
                "availabilityImpact": "High",
                "baseScore": 7.8,
                "baseSeverity": "High",
                "confidentialityImpact": "High",
                "exploitabilityScore": null,
                "id": "CVE-2019-5288",
                "impactScore": null,
                "integrityImpact": "High",
                "privilegesRequired": "None",
                "scope": "Unchanged",
                "trust": 0.8,
                "userInteraction": "Required",
                "vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
                "version": "3.0"
              }
            ],
            "severity": [
              {
                "author": "nvd@nist.gov",
                "id": "CVE-2019-5288",
                "trust": 1.0,
                "value": "HIGH"
              },
              {
                "author": "NVD",
                "id": "CVE-2019-5288",
                "trust": 0.8,
                "value": "High"
              },
              {
                "author": "CNVD",
                "id": "CNVD-2019-33477",
                "trust": 0.6,
                "value": "HIGH"
              },
              {
                "author": "CNNVD",
                "id": "CNNVD-201909-1203",
                "trust": 0.6,
                "value": "HIGH"
              }
            ]
          }
        ],
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2019-33477"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2019-012018"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201909-1203"
          },
          {
            "db": "NVD",
            "id": "CVE-2019-5288"
          }
        ]
      },
      "description": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/description#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "P30 smart phones with versions earlier than ELLE-AL00B 9.1.0.193(C00E190R2P1) have an integer overflow vulnerability due to insufficient check on specific parameters. An attacker tricks the user into installing a malicious application, obtains the root permission and constructs specific parameters to the camera program to exploit this vulnerability. Successful exploit could cause the program to break down or allow for arbitrary code execution. P30 Smartphones contain an integer overflow vulnerability.Information is obtained, information is altered, and service operation is disrupted (DoS) There is a possibility of being put into a state. The Huawei P30 is a smartphone from China\u0027s Huawei",
        "sources": [
          {
            "db": "NVD",
            "id": "CVE-2019-5288"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2019-012018"
          },
          {
            "db": "CNVD",
            "id": "CNVD-2019-33477"
          }
        ],
        "trust": 2.16
      },
      "external_ids": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/external_ids#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "db": "NVD",
            "id": "CVE-2019-5288",
            "trust": 3.0
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2019-012018",
            "trust": 0.8
          },
          {
            "db": "CNVD",
            "id": "CNVD-2019-33477",
            "trust": 0.6
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201909-1203",
            "trust": 0.6
          }
        ],
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2019-33477"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2019-012018"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201909-1203"
          },
          {
            "db": "NVD",
            "id": "CVE-2019-5288"
          }
        ]
      },
      "id": "VAR-201911-0265",
      "iot": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/iot#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": true,
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2019-33477"
          }
        ],
        "trust": 1.3853836
      },
      "iot_taxonomy": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "category": [
              "Network device"
            ],
            "sub_category": null,
            "trust": 0.6
          }
        ],
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2019-33477"
          }
        ]
      },
      "last_update_date": "2024-11-23T22:33:40.388000Z",
      "patch": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/patch#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "title": "huawei-sa-20190925-01-smartphone",
            "trust": 0.8,
            "url": "http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20190925-01-smartphone-en"
          },
          {
            "title": "Patch for Huawei P30 Plastic Overflow Vulnerability",
            "trust": 0.6,
            "url": "https://www.cnvd.org.cn/patchInfo/show/182415"
          },
          {
            "title": "Huawei P30 Enter the fix for the verification error vulnerability",
            "trust": 0.6,
            "url": "http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=98608"
          }
        ],
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2019-33477"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2019-012018"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201909-1203"
          }
        ]
      },
      "problemtype_data": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "problemtype": "CWE-190",
            "trust": 1.8
          }
        ],
        "sources": [
          {
            "db": "JVNDB",
            "id": "JVNDB-2019-012018"
          },
          {
            "db": "NVD",
            "id": "CVE-2019-5288"
          }
        ]
      },
      "references": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/references#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "trust": 1.6,
            "url": "http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20190925-01-smartphone-en"
          },
          {
            "trust": 1.4,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2019-5288"
          },
          {
            "trust": 1.2,
            "url": "https://www.huawei.com/cn/psirt/security-advisories/huawei-sa-20190925-01-smartphone-cn"
          },
          {
            "trust": 0.8,
            "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2019-5288"
          }
        ],
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2019-33477"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2019-012018"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201909-1203"
          },
          {
            "db": "NVD",
            "id": "CVE-2019-5288"
          }
        ]
      },
      "sources": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#",
          "data": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "db": "CNVD",
            "id": "CNVD-2019-33477"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2019-012018"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201909-1203"
          },
          {
            "db": "NVD",
            "id": "CVE-2019-5288"
          }
        ]
      },
      "sources_release_date": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
          "data": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "date": "2019-09-27T00:00:00",
            "db": "CNVD",
            "id": "CNVD-2019-33477"
          },
          {
            "date": "2019-11-22T00:00:00",
            "db": "JVNDB",
            "id": "JVNDB-2019-012018"
          },
          {
            "date": "2019-09-25T00:00:00",
            "db": "CNNVD",
            "id": "CNNVD-201909-1203"
          },
          {
            "date": "2019-11-13T15:15:10.400000",
            "db": "NVD",
            "id": "CVE-2019-5288"
          }
        ]
      },
      "sources_update_date": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
          "data": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "date": "2019-09-27T00:00:00",
            "db": "CNVD",
            "id": "CNVD-2019-33477"
          },
          {
            "date": "2019-11-22T00:00:00",
            "db": "JVNDB",
            "id": "JVNDB-2019-012018"
          },
          {
            "date": "2019-11-19T00:00:00",
            "db": "CNNVD",
            "id": "CNNVD-201909-1203"
          },
          {
            "date": "2024-11-21T04:44:40.677000",
            "db": "NVD",
            "id": "CVE-2019-5288"
          }
        ]
      },
      "threat_type": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/threat_type#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "local",
        "sources": [
          {
            "db": "CNNVD",
            "id": "CNNVD-201909-1203"
          }
        ],
        "trust": 0.6
      },
      "title": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/title#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "P30 Integer overflow vulnerability in smartphones",
        "sources": [
          {
            "db": "JVNDB",
            "id": "JVNDB-2019-012018"
          }
        ],
        "trust": 0.8
      },
      "type": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/type#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "input validation error",
        "sources": [
          {
            "db": "CNNVD",
            "id": "CNNVD-201909-1203"
          }
        ],
        "trust": 0.6
      }
    }

    VAR-201911-0829

    Vulnerability from variot - Updated: 2024-11-23 22:33

    P30 smartphones with versions earlier than ELLE-AL00B 9.1.0.193(C00E190R1P21) have an out of bounds read vulnerability. The system does not properly validate certain length parameter which an application transports to kernel. An attacker tricks the user to install a malicious application, successful exploit could cause out of bounds read and information disclosure. The Huawei P30 is a smartphone from China's Huawei

    Show details on source website

    {
      "@context": {
        "@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
        "affected_products": {
          "@id": "https://www.variotdbs.pl/ref/affected_products"
        },
        "configurations": {
          "@id": "https://www.variotdbs.pl/ref/configurations"
        },
        "credits": {
          "@id": "https://www.variotdbs.pl/ref/credits"
        },
        "cvss": {
          "@id": "https://www.variotdbs.pl/ref/cvss/"
        },
        "description": {
          "@id": "https://www.variotdbs.pl/ref/description/"
        },
        "exploit_availability": {
          "@id": "https://www.variotdbs.pl/ref/exploit_availability/"
        },
        "external_ids": {
          "@id": "https://www.variotdbs.pl/ref/external_ids/"
        },
        "iot": {
          "@id": "https://www.variotdbs.pl/ref/iot/"
        },
        "iot_taxonomy": {
          "@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
        },
        "patch": {
          "@id": "https://www.variotdbs.pl/ref/patch/"
        },
        "problemtype_data": {
          "@id": "https://www.variotdbs.pl/ref/problemtype_data/"
        },
        "references": {
          "@id": "https://www.variotdbs.pl/ref/references/"
        },
        "sources": {
          "@id": "https://www.variotdbs.pl/ref/sources/"
        },
        "sources_release_date": {
          "@id": "https://www.variotdbs.pl/ref/sources_release_date/"
        },
        "sources_update_date": {
          "@id": "https://www.variotdbs.pl/ref/sources_update_date/"
        },
        "threat_type": {
          "@id": "https://www.variotdbs.pl/ref/threat_type/"
        },
        "title": {
          "@id": "https://www.variotdbs.pl/ref/title/"
        },
        "type": {
          "@id": "https://www.variotdbs.pl/ref/type/"
        }
      },
      "@id": "https://www.variotdbs.pl/vuln/VAR-201911-0829",
      "affected_products": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/affected_products#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            },
            "@id": "https://www.variotdbs.pl/ref/sources"
          }
        },
        "data": [
          {
            "model": "p30",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "huawei",
            "version": "elle-al00b_9.1.0.193\\(c00e190r1p21\\)"
          },
          {
            "model": "p30",
            "scope": "lt",
            "trust": 0.8,
            "vendor": "huawei",
            "version": "elle-al00b 9.1.0.193(c00e190r1p21)"
          },
          {
            "model": "p30 \u003celle-al00b 9.1.0.193",
            "scope": null,
            "trust": 0.6,
            "vendor": "huawei",
            "version": null
          }
        ],
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2019-33607"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2019-012818"
          },
          {
            "db": "NVD",
            "id": "CVE-2019-5224"
          }
        ]
      },
      "configurations": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/configurations#",
          "children": {
            "@container": "@list"
          },
          "cpe_match": {
            "@container": "@list"
          },
          "data": {
            "@container": "@list"
          },
          "nodes": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "CVE_data_version": "4.0",
            "nodes": [
              {
                "cpe_match": [
                  {
                    "cpe22Uri": "cpe:/o:huawei:p30_firmware",
                    "vulnerable": true
                  }
                ],
                "operator": "OR"
              }
            ]
          }
        ],
        "sources": [
          {
            "db": "JVNDB",
            "id": "JVNDB-2019-012818"
          }
        ]
      },
      "credits": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/credits#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "The vulnerability was discovered by an external researcher.",
        "sources": [
          {
            "db": "CNNVD",
            "id": "CNNVD-201908-1740"
          }
        ],
        "trust": 0.6
      },
      "cve": "CVE-2019-5224",
      "cvss": {
        "@context": {
          "cvssV2": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
            },
            "@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
          },
          "cvssV3": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
            },
            "@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
          },
          "severity": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/cvss/severity#"
            },
            "@id": "https://www.variotdbs.pl/ref/cvss/severity"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            },
            "@id": "https://www.variotdbs.pl/ref/sources"
          }
        },
        "data": [
          {
            "cvssV2": [
              {
                "accessComplexity": "MEDIUM",
                "accessVector": "NETWORK",
                "authentication": "NONE",
                "author": "nvd@nist.gov",
                "availabilityImpact": "NONE",
                "baseScore": 4.3,
                "confidentialityImpact": "PARTIAL",
                "exploitabilityScore": 8.6,
                "id": "CVE-2019-5224",
                "impactScore": 2.9,
                "integrityImpact": "NONE",
                "severity": "MEDIUM",
                "trust": 1.8,
                "vectorString": "AV:N/AC:M/Au:N/C:P/I:N/A:N",
                "version": "2.0"
              },
              {
                "accessComplexity": "LOW",
                "accessVector": "LOCAL",
                "authentication": "NONE",
                "author": "CNVD",
                "availabilityImpact": "NONE",
                "baseScore": 4.9,
                "confidentialityImpact": "COMPLETE",
                "exploitabilityScore": 3.9,
                "id": "CNVD-2019-33607",
                "impactScore": 6.9,
                "integrityImpact": "NONE",
                "severity": "MEDIUM",
                "trust": 0.6,
                "vectorString": "AV:L/AC:L/Au:N/C:C/I:N/A:N",
                "version": "2.0"
              }
            ],
            "cvssV3": [
              {
                "attackComplexity": "LOW",
                "attackVector": "LOCAL",
                "author": "nvd@nist.gov",
                "availabilityImpact": "NONE",
                "baseScore": 5.5,
                "baseSeverity": "MEDIUM",
                "confidentialityImpact": "HIGH",
                "exploitabilityScore": 1.8,
                "id": "CVE-2019-5224",
                "impactScore": 3.6,
                "integrityImpact": "NONE",
                "privilegesRequired": "NONE",
                "scope": "UNCHANGED",
                "trust": 1.0,
                "userInteraction": "REQUIRED",
                "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N",
                "version": "3.1"
              },
              {
                "attackComplexity": "Low",
                "attackVector": "Local",
                "author": "NVD",
                "availabilityImpact": "None",
                "baseScore": 5.5,
                "baseSeverity": "Medium",
                "confidentialityImpact": "High",
                "exploitabilityScore": null,
                "id": "CVE-2019-5224",
                "impactScore": null,
                "integrityImpact": "None",
                "privilegesRequired": "None",
                "scope": "Unchanged",
                "trust": 0.8,
                "userInteraction": "Required",
                "vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N",
                "version": "3.0"
              }
            ],
            "severity": [
              {
                "author": "nvd@nist.gov",
                "id": "CVE-2019-5224",
                "trust": 1.0,
                "value": "MEDIUM"
              },
              {
                "author": "NVD",
                "id": "CVE-2019-5224",
                "trust": 0.8,
                "value": "Medium"
              },
              {
                "author": "CNVD",
                "id": "CNVD-2019-33607",
                "trust": 0.6,
                "value": "MEDIUM"
              },
              {
                "author": "CNNVD",
                "id": "CNNVD-201908-1740",
                "trust": 0.6,
                "value": "MEDIUM"
              }
            ]
          }
        ],
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2019-33607"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2019-012818"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201908-1740"
          },
          {
            "db": "NVD",
            "id": "CVE-2019-5224"
          }
        ]
      },
      "description": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/description#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "P30 smartphones with versions earlier than ELLE-AL00B 9.1.0.193(C00E190R1P21) have an out of bounds read vulnerability. The system does not properly validate certain length parameter which an application transports to kernel. An attacker tricks the user to install a malicious application, successful exploit could cause out of bounds read and information disclosure. The Huawei P30 is a smartphone from China\u0027s Huawei",
        "sources": [
          {
            "db": "NVD",
            "id": "CVE-2019-5224"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2019-012818"
          },
          {
            "db": "CNVD",
            "id": "CNVD-2019-33607"
          }
        ],
        "trust": 2.16
      },
      "external_ids": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/external_ids#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "db": "NVD",
            "id": "CVE-2019-5224",
            "trust": 3.0
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2019-012818",
            "trust": 0.8
          },
          {
            "db": "CNVD",
            "id": "CNVD-2019-33607",
            "trust": 0.6
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201908-1740",
            "trust": 0.6
          }
        ],
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2019-33607"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2019-012818"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201908-1740"
          },
          {
            "db": "NVD",
            "id": "CVE-2019-5224"
          }
        ]
      },
      "id": "VAR-201911-0829",
      "iot": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/iot#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": true,
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2019-33607"
          }
        ],
        "trust": 1.3853836
      },
      "iot_taxonomy": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "category": [
              "Network device"
            ],
            "sub_category": null,
            "trust": 0.6
          }
        ],
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2019-33607"
          }
        ]
      },
      "last_update_date": "2024-11-23T22:33:39.539000Z",
      "patch": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/patch#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "title": "huawei-sa-20190821-03-smartphone",
            "trust": 0.8,
            "url": "https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20190821-03-smartphone-en"
          },
          {
            "title": "Patch for Huawei P30 read out of bounds vulnerability",
            "trust": 0.6,
            "url": "https://www.cnvd.org.cn/patchInfo/show/182797"
          },
          {
            "title": "Huawei P30 Buffer error vulnerability fix",
            "trust": 0.6,
            "url": "http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=97324"
          }
        ],
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2019-33607"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2019-012818"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201908-1740"
          }
        ]
      },
      "problemtype_data": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "problemtype": "CWE-125",
            "trust": 1.8
          }
        ],
        "sources": [
          {
            "db": "JVNDB",
            "id": "JVNDB-2019-012818"
          },
          {
            "db": "NVD",
            "id": "CVE-2019-5224"
          }
        ]
      },
      "references": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/references#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "trust": 1.6,
            "url": "https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20190821-03-smartphone-en"
          },
          {
            "trust": 1.4,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2019-5224"
          },
          {
            "trust": 1.2,
            "url": "https://www.huawei.com/cn/psirt/security-advisories/huawei-sa-20190821-03-smartphone-cn"
          },
          {
            "trust": 0.8,
            "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2019-5224"
          }
        ],
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2019-33607"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2019-012818"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201908-1740"
          },
          {
            "db": "NVD",
            "id": "CVE-2019-5224"
          }
        ]
      },
      "sources": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#",
          "data": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "db": "CNVD",
            "id": "CNVD-2019-33607"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2019-012818"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201908-1740"
          },
          {
            "db": "NVD",
            "id": "CVE-2019-5224"
          }
        ]
      },
      "sources_release_date": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
          "data": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "date": "2019-09-29T00:00:00",
            "db": "CNVD",
            "id": "CNVD-2019-33607"
          },
          {
            "date": "2019-12-13T00:00:00",
            "db": "JVNDB",
            "id": "JVNDB-2019-012818"
          },
          {
            "date": "2019-08-21T00:00:00",
            "db": "CNNVD",
            "id": "CNNVD-201908-1740"
          },
          {
            "date": "2019-11-29T20:15:11.097000",
            "db": "NVD",
            "id": "CVE-2019-5224"
          }
        ]
      },
      "sources_update_date": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
          "data": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "date": "2019-09-29T00:00:00",
            "db": "CNVD",
            "id": "CNVD-2019-33607"
          },
          {
            "date": "2019-12-13T00:00:00",
            "db": "JVNDB",
            "id": "JVNDB-2019-012818"
          },
          {
            "date": "2019-12-12T00:00:00",
            "db": "CNNVD",
            "id": "CNNVD-201908-1740"
          },
          {
            "date": "2024-11-21T04:44:33.387000",
            "db": "NVD",
            "id": "CVE-2019-5224"
          }
        ]
      },
      "threat_type": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/threat_type#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "local",
        "sources": [
          {
            "db": "CNNVD",
            "id": "CNNVD-201908-1740"
          }
        ],
        "trust": 0.6
      },
      "title": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/title#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "P30 Smartphone out-of-bounds vulnerability",
        "sources": [
          {
            "db": "JVNDB",
            "id": "JVNDB-2019-012818"
          }
        ],
        "trust": 0.8
      },
      "type": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/type#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "buffer error",
        "sources": [
          {
            "db": "CNNVD",
            "id": "CNNVD-201908-1740"
          }
        ],
        "trust": 0.6
      }
    }

    VAR-201912-0063

    Vulnerability from variot - Updated: 2024-11-23 22:33

    Huawei Share function in P30 9.1.0.193(C00E190R2P1) smartphone has an improper access control vulnerability. The function incorrectly controls certain access messages, attackers can simulate a sender to steal P2P network information. Successful exploit may cause information leakage. The Huawei P30 is a smartphone from China's Huawei

    Show details on source website

    {
      "@context": {
        "@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
        "affected_products": {
          "@id": "https://www.variotdbs.pl/ref/affected_products"
        },
        "configurations": {
          "@id": "https://www.variotdbs.pl/ref/configurations"
        },
        "credits": {
          "@id": "https://www.variotdbs.pl/ref/credits"
        },
        "cvss": {
          "@id": "https://www.variotdbs.pl/ref/cvss/"
        },
        "description": {
          "@id": "https://www.variotdbs.pl/ref/description/"
        },
        "exploit_availability": {
          "@id": "https://www.variotdbs.pl/ref/exploit_availability/"
        },
        "external_ids": {
          "@id": "https://www.variotdbs.pl/ref/external_ids/"
        },
        "iot": {
          "@id": "https://www.variotdbs.pl/ref/iot/"
        },
        "iot_taxonomy": {
          "@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
        },
        "patch": {
          "@id": "https://www.variotdbs.pl/ref/patch/"
        },
        "problemtype_data": {
          "@id": "https://www.variotdbs.pl/ref/problemtype_data/"
        },
        "references": {
          "@id": "https://www.variotdbs.pl/ref/references/"
        },
        "sources": {
          "@id": "https://www.variotdbs.pl/ref/sources/"
        },
        "sources_release_date": {
          "@id": "https://www.variotdbs.pl/ref/sources_release_date/"
        },
        "sources_update_date": {
          "@id": "https://www.variotdbs.pl/ref/sources_update_date/"
        },
        "threat_type": {
          "@id": "https://www.variotdbs.pl/ref/threat_type/"
        },
        "title": {
          "@id": "https://www.variotdbs.pl/ref/title/"
        },
        "type": {
          "@id": "https://www.variotdbs.pl/ref/type/"
        }
      },
      "@id": "https://www.variotdbs.pl/vuln/VAR-201912-0063",
      "affected_products": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/affected_products#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            },
            "@id": "https://www.variotdbs.pl/ref/sources"
          }
        },
        "data": [
          {
            "model": "p30",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "huawei",
            "version": "9.1.0.193\\(c00e190r2p1\\)"
          },
          {
            "model": "p30",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "huawei",
            "version": "9.1.0.193(c00e190r2p1)"
          },
          {
            "model": "p30",
            "scope": "eq",
            "trust": 0.6,
            "vendor": "huawei",
            "version": "9.1.0.193"
          },
          {
            "model": "p30",
            "scope": "eq",
            "trust": 0.6,
            "vendor": "huawei",
            "version": "9.1.0.193c00e190r2p1"
          },
          {
            "model": "p30",
            "scope": "eq",
            "trust": 0.6,
            "vendor": "huawei",
            "version": null
          }
        ],
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2019-46978"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2019-013593"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201912-909"
          },
          {
            "db": "NVD",
            "id": "CVE-2019-5265"
          }
        ]
      },
      "configurations": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/configurations#",
          "children": {
            "@container": "@list"
          },
          "cpe_match": {
            "@container": "@list"
          },
          "data": {
            "@container": "@list"
          },
          "nodes": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "CVE_data_version": "4.0",
            "nodes": [
              {
                "cpe_match": [
                  {
                    "cpe22Uri": "cpe:/o:huawei:p30_firmware",
                    "vulnerable": true
                  }
                ],
                "operator": "OR"
              }
            ]
          }
        ],
        "sources": [
          {
            "db": "JVNDB",
            "id": "JVNDB-2019-013593"
          }
        ]
      },
      "credits": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/credits#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "Huawei",
        "sources": [
          {
            "db": "CNNVD",
            "id": "CNNVD-201912-909"
          }
        ],
        "trust": 0.6
      },
      "cve": "CVE-2019-5265",
      "cvss": {
        "@context": {
          "cvssV2": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
            },
            "@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
          },
          "cvssV3": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
            },
            "@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
          },
          "severity": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/cvss/severity#"
            },
            "@id": "https://www.variotdbs.pl/ref/cvss/severity"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            },
            "@id": "https://www.variotdbs.pl/ref/sources"
          }
        },
        "data": [
          {
            "cvssV2": [
              {
                "accessComplexity": "LOW",
                "accessVector": "NETWORK",
                "authentication": "NONE",
                "author": "nvd@nist.gov",
                "availabilityImpact": "NONE",
                "baseScore": 5.0,
                "confidentialityImpact": "PARTIAL",
                "exploitabilityScore": 10.0,
                "id": "CVE-2019-5265",
                "impactScore": 2.9,
                "integrityImpact": "NONE",
                "severity": "MEDIUM",
                "trust": 1.8,
                "vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:N",
                "version": "2.0"
              },
              {
                "accessComplexity": "LOW",
                "accessVector": "NETWORK",
                "authentication": "NONE",
                "author": "CNVD",
                "availabilityImpact": "NONE",
                "baseScore": 5.0,
                "confidentialityImpact": "PARTIAL",
                "exploitabilityScore": 10.0,
                "id": "CNVD-2019-46978",
                "impactScore": 2.9,
                "integrityImpact": "NONE",
                "severity": "MEDIUM",
                "trust": 0.6,
                "vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:N",
                "version": "2.0"
              }
            ],
            "cvssV3": [
              {
                "attackComplexity": "LOW",
                "attackVector": "NETWORK",
                "author": "nvd@nist.gov",
                "availabilityImpact": "NONE",
                "baseScore": 7.5,
                "baseSeverity": "HIGH",
                "confidentialityImpact": "HIGH",
                "exploitabilityScore": 3.9,
                "id": "CVE-2019-5265",
                "impactScore": 3.6,
                "integrityImpact": "NONE",
                "privilegesRequired": "NONE",
                "scope": "UNCHANGED",
                "trust": 1.0,
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
                "version": "3.1"
              },
              {
                "attackComplexity": "Low",
                "attackVector": "Network",
                "author": "NVD",
                "availabilityImpact": "None",
                "baseScore": 7.5,
                "baseSeverity": "High",
                "confidentialityImpact": "High",
                "exploitabilityScore": null,
                "id": "CVE-2019-5265",
                "impactScore": null,
                "integrityImpact": "None",
                "privilegesRequired": "None",
                "scope": "Unchanged",
                "trust": 0.8,
                "userInteraction": "None",
                "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
                "version": "3.0"
              }
            ],
            "severity": [
              {
                "author": "nvd@nist.gov",
                "id": "CVE-2019-5265",
                "trust": 1.0,
                "value": "HIGH"
              },
              {
                "author": "NVD",
                "id": "CVE-2019-5265",
                "trust": 0.8,
                "value": "High"
              },
              {
                "author": "CNVD",
                "id": "CNVD-2019-46978",
                "trust": 0.6,
                "value": "MEDIUM"
              },
              {
                "author": "CNNVD",
                "id": "CNNVD-201912-909",
                "trust": 0.6,
                "value": "HIGH"
              }
            ]
          }
        ],
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2019-46978"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2019-013593"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201912-909"
          },
          {
            "db": "NVD",
            "id": "CVE-2019-5265"
          }
        ]
      },
      "description": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/description#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "Huawei Share function in P30 9.1.0.193(C00E190R2P1) smartphone has an improper access control vulnerability. The function incorrectly controls certain access messages, attackers can simulate a sender to steal P2P network information. Successful exploit may cause information leakage. The Huawei P30 is a smartphone from China\u0027s Huawei",
        "sources": [
          {
            "db": "NVD",
            "id": "CVE-2019-5265"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2019-013593"
          },
          {
            "db": "CNVD",
            "id": "CNVD-2019-46978"
          }
        ],
        "trust": 2.16
      },
      "external_ids": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/external_ids#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "db": "NVD",
            "id": "CVE-2019-5265",
            "trust": 3.0
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2019-013593",
            "trust": 0.8
          },
          {
            "db": "CNVD",
            "id": "CNVD-2019-46978",
            "trust": 0.6
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201912-909",
            "trust": 0.6
          }
        ],
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2019-46978"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2019-013593"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201912-909"
          },
          {
            "db": "NVD",
            "id": "CVE-2019-5265"
          }
        ]
      },
      "id": "VAR-201912-0063",
      "iot": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/iot#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": true,
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2019-46978"
          }
        ],
        "trust": 1.1707672
      },
      "iot_taxonomy": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "category": [
              "IoT"
            ],
            "sub_category": null,
            "trust": 0.6
          }
        ],
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2019-46978"
          }
        ]
      },
      "last_update_date": "2024-11-23T22:33:38.714000Z",
      "patch": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/patch#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "title": "huawei-sa-20191218-01-share",
            "trust": 0.8,
            "url": "https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20191218-01-share-en"
          },
          {
            "title": "Patch for Huawei P30 Access Control Error Vulnerability",
            "trust": 0.6,
            "url": "https://www.cnvd.org.cn/patchInfo/show/195199"
          },
          {
            "title": "Huawei P30 Fixes for access control error vulnerabilities",
            "trust": 0.6,
            "url": "http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=106010"
          }
        ],
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2019-46978"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2019-013593"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201912-909"
          }
        ]
      },
      "problemtype_data": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "problemtype": "NVD-CWE-noinfo",
            "trust": 1.0
          },
          {
            "problemtype": "CWE-200",
            "trust": 0.8
          }
        ],
        "sources": [
          {
            "db": "JVNDB",
            "id": "JVNDB-2019-013593"
          },
          {
            "db": "NVD",
            "id": "CVE-2019-5265"
          }
        ]
      },
      "references": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/references#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "trust": 1.6,
            "url": "https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20191218-01-share-en"
          },
          {
            "trust": 1.2,
            "url": "https://www.huawei.com/cn/psirt/security-advisories/huawei-sa-20191218-01-share-cn"
          },
          {
            "trust": 0.8,
            "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2019-5265"
          },
          {
            "trust": 0.8,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2019-5265"
          }
        ],
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2019-46978"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2019-013593"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201912-909"
          },
          {
            "db": "NVD",
            "id": "CVE-2019-5265"
          }
        ]
      },
      "sources": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#",
          "data": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "db": "CNVD",
            "id": "CNVD-2019-46978"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2019-013593"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201912-909"
          },
          {
            "db": "NVD",
            "id": "CVE-2019-5265"
          }
        ]
      },
      "sources_release_date": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
          "data": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "date": "2019-12-24T00:00:00",
            "db": "CNVD",
            "id": "CNVD-2019-46978"
          },
          {
            "date": "2020-01-10T00:00:00",
            "db": "JVNDB",
            "id": "JVNDB-2019-013593"
          },
          {
            "date": "2019-12-18T00:00:00",
            "db": "CNNVD",
            "id": "CNNVD-201912-909"
          },
          {
            "date": "2019-12-23T18:15:10.880000",
            "db": "NVD",
            "id": "CVE-2019-5265"
          }
        ]
      },
      "sources_update_date": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
          "data": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "date": "2019-12-26T00:00:00",
            "db": "CNVD",
            "id": "CNVD-2019-46978"
          },
          {
            "date": "2020-01-10T00:00:00",
            "db": "JVNDB",
            "id": "JVNDB-2019-013593"
          },
          {
            "date": "2019-12-30T00:00:00",
            "db": "CNNVD",
            "id": "CNNVD-201912-909"
          },
          {
            "date": "2024-11-21T04:44:38.183000",
            "db": "NVD",
            "id": "CVE-2019-5265"
          }
        ]
      },
      "threat_type": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/threat_type#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "remote",
        "sources": [
          {
            "db": "CNNVD",
            "id": "CNNVD-201912-909"
          }
        ],
        "trust": 0.6
      },
      "title": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/title#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "Huawei P30 Access Control Error Vulnerability",
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2019-46978"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201912-909"
          }
        ],
        "trust": 1.2
      },
      "type": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/type#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "access control error",
        "sources": [
          {
            "db": "CNNVD",
            "id": "CNNVD-201912-909"
          }
        ],
        "trust": 0.6
      }
    }

    VAR-202007-1274

    Vulnerability from variot - Updated: 2024-11-23 22:33

    HUAWEI P30 with versions earlier than 10.1.0.135(C00E135R2P11) have an improper signature verification vulnerability. The system does not improper check signature of specific software package, an attacker may exploit this vulnerability to load a crafted software package to the device. Huawei P30 is a smart phone of China's Huawei (Huawei) company.

    There is a security vulnerability in Huawei P30 10.1.0.135 (C00E135R2P11)

    Show details on source website

    {
      "@context": {
        "@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
        "affected_products": {
          "@id": "https://www.variotdbs.pl/ref/affected_products"
        },
        "configurations": {
          "@id": "https://www.variotdbs.pl/ref/configurations"
        },
        "credits": {
          "@id": "https://www.variotdbs.pl/ref/credits"
        },
        "cvss": {
          "@id": "https://www.variotdbs.pl/ref/cvss/"
        },
        "description": {
          "@id": "https://www.variotdbs.pl/ref/description/"
        },
        "exploit_availability": {
          "@id": "https://www.variotdbs.pl/ref/exploit_availability/"
        },
        "external_ids": {
          "@id": "https://www.variotdbs.pl/ref/external_ids/"
        },
        "iot": {
          "@id": "https://www.variotdbs.pl/ref/iot/"
        },
        "iot_taxonomy": {
          "@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
        },
        "patch": {
          "@id": "https://www.variotdbs.pl/ref/patch/"
        },
        "problemtype_data": {
          "@id": "https://www.variotdbs.pl/ref/problemtype_data/"
        },
        "references": {
          "@id": "https://www.variotdbs.pl/ref/references/"
        },
        "sources": {
          "@id": "https://www.variotdbs.pl/ref/sources/"
        },
        "sources_release_date": {
          "@id": "https://www.variotdbs.pl/ref/sources_release_date/"
        },
        "sources_update_date": {
          "@id": "https://www.variotdbs.pl/ref/sources_update_date/"
        },
        "threat_type": {
          "@id": "https://www.variotdbs.pl/ref/threat_type/"
        },
        "title": {
          "@id": "https://www.variotdbs.pl/ref/title/"
        },
        "type": {
          "@id": "https://www.variotdbs.pl/ref/type/"
        }
      },
      "@id": "https://www.variotdbs.pl/vuln/VAR-202007-1274",
      "affected_products": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/affected_products#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            },
            "@id": "https://www.variotdbs.pl/ref/sources"
          }
        },
        "data": [
          {
            "model": "p30",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "huawei",
            "version": "10.1.0.135\\(c00e135r2p11\\)"
          },
          {
            "model": "p30",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "huawei",
            "version": "10.1.0.135(c00e135r2p11)"
          },
          {
            "model": "p30 \u003c10.1.0.135",
            "scope": null,
            "trust": 0.6,
            "vendor": "huawei",
            "version": null
          }
        ],
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2020-52414"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2020-007479"
          },
          {
            "db": "NVD",
            "id": "CVE-2020-9226"
          }
        ]
      },
      "configurations": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/configurations#",
          "children": {
            "@container": "@list"
          },
          "cpe_match": {
            "@container": "@list"
          },
          "data": {
            "@container": "@list"
          },
          "nodes": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "CVE_data_version": "4.0",
            "nodes": [
              {
                "cpe_match": [
                  {
                    "cpe22Uri": "cpe:/o:huawei:p30_firmware",
                    "vulnerable": true
                  }
                ],
                "operator": "OR"
              }
            ]
          }
        ],
        "sources": [
          {
            "db": "JVNDB",
            "id": "JVNDB-2020-007479"
          }
        ]
      },
      "cve": "CVE-2020-9226",
      "cvss": {
        "@context": {
          "cvssV2": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
            },
            "@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
          },
          "cvssV3": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
            },
            "@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
          },
          "severity": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/cvss/severity#"
            },
            "@id": "https://www.variotdbs.pl/ref/cvss/severity"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            },
            "@id": "https://www.variotdbs.pl/ref/sources"
          }
        },
        "data": [
          {
            "cvssV2": [
              {
                "accessComplexity": "MEDIUM",
                "accessVector": "NETWORK",
                "authentication": "NONE",
                "author": "nvd@nist.gov",
                "availabilityImpact": "NONE",
                "baseScore": 4.3,
                "confidentialityImpact": "NONE",
                "exploitabilityScore": 8.6,
                "id": "CVE-2020-9226",
                "impactScore": 2.9,
                "integrityImpact": "PARTIAL",
                "severity": "MEDIUM",
                "trust": 1.1,
                "vectorString": "AV:N/AC:M/Au:N/C:N/I:P/A:N",
                "version": "2.0"
              },
              {
                "acInsufInfo": null,
                "accessComplexity": "Medium",
                "accessVector": "Network",
                "authentication": "None",
                "author": "NVD",
                "availabilityImpact": "None",
                "baseScore": 4.3,
                "confidentialityImpact": "None",
                "exploitabilityScore": null,
                "id": "JVNDB-2020-007479",
                "impactScore": null,
                "integrityImpact": "Partial",
                "obtainAllPrivilege": null,
                "obtainOtherPrivilege": null,
                "obtainUserPrivilege": null,
                "severity": "Medium",
                "trust": 0.8,
                "userInteractionRequired": null,
                "vectorString": "AV:N/AC:M/Au:N/C:N/I:P/A:N",
                "version": "2.0"
              },
              {
                "accessComplexity": "MEDIUM",
                "accessVector": "NETWORK",
                "authentication": "NONE",
                "author": "CNVD",
                "availabilityImpact": "NONE",
                "baseScore": 4.3,
                "confidentialityImpact": "NONE",
                "exploitabilityScore": 8.6,
                "id": "CNVD-2020-52414",
                "impactScore": 2.9,
                "integrityImpact": "PARTIAL",
                "severity": "MEDIUM",
                "trust": 0.6,
                "vectorString": "AV:N/AC:M/Au:N/C:N/I:P/A:N",
                "version": "2.0"
              }
            ],
            "cvssV3": [
              {
                "attackComplexity": "LOW",
                "attackVector": "LOCAL",
                "author": "nvd@nist.gov",
                "availabilityImpact": "NONE",
                "baseScore": 5.5,
                "baseSeverity": "MEDIUM",
                "confidentialityImpact": "NONE",
                "exploitabilityScore": 1.8,
                "id": "CVE-2020-9226",
                "impactScore": 3.6,
                "integrityImpact": "HIGH",
                "privilegesRequired": "NONE",
                "scope": "UNCHANGED",
                "trust": 1.0,
                "userInteraction": "REQUIRED",
                "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N",
                "version": "3.1"
              },
              {
                "attackComplexity": "Low",
                "attackVector": "Local",
                "author": "NVD",
                "availabilityImpact": "None",
                "baseScore": 5.5,
                "baseSeverity": "Medium",
                "confidentialityImpact": "None",
                "exploitabilityScore": null,
                "id": "JVNDB-2020-007479",
                "impactScore": null,
                "integrityImpact": "High",
                "privilegesRequired": "None",
                "scope": "Unchanged",
                "trust": 0.8,
                "userInteraction": "Required",
                "vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N",
                "version": "3.0"
              }
            ],
            "severity": [
              {
                "author": "nvd@nist.gov",
                "id": "CVE-2020-9226",
                "trust": 1.0,
                "value": "MEDIUM"
              },
              {
                "author": "NVD",
                "id": "JVNDB-2020-007479",
                "trust": 0.8,
                "value": "Medium"
              },
              {
                "author": "CNVD",
                "id": "CNVD-2020-52414",
                "trust": 0.6,
                "value": "MEDIUM"
              },
              {
                "author": "CNNVD",
                "id": "CNNVD-202007-101",
                "trust": 0.6,
                "value": "MEDIUM"
              },
              {
                "author": "VULMON",
                "id": "CVE-2020-9226",
                "trust": 0.1,
                "value": "MEDIUM"
              }
            ]
          }
        ],
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2020-52414"
          },
          {
            "db": "VULMON",
            "id": "CVE-2020-9226"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2020-007479"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-202007-101"
          },
          {
            "db": "NVD",
            "id": "CVE-2020-9226"
          }
        ]
      },
      "description": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/description#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "HUAWEI P30 with versions earlier than 10.1.0.135(C00E135R2P11) have an improper signature verification vulnerability. The system does not improper check signature of specific software package, an attacker may exploit this vulnerability to load a crafted software package to the device. Huawei P30 is a smart phone of China\u0027s Huawei (Huawei) company. \n\r\n\r\nThere is a security vulnerability in Huawei P30 10.1.0.135 (C00E135R2P11)",
        "sources": [
          {
            "db": "NVD",
            "id": "CVE-2020-9226"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2020-007479"
          },
          {
            "db": "CNVD",
            "id": "CNVD-2020-52414"
          },
          {
            "db": "VULMON",
            "id": "CVE-2020-9226"
          }
        ],
        "trust": 2.25
      },
      "external_ids": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/external_ids#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "db": "NVD",
            "id": "CVE-2020-9226",
            "trust": 3.1
          },
          {
            "db": "NSFOCUS",
            "id": "47056",
            "trust": 1.2
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2020-007479",
            "trust": 0.8
          },
          {
            "db": "CNVD",
            "id": "CNVD-2020-52414",
            "trust": 0.6
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-202007-101",
            "trust": 0.6
          },
          {
            "db": "VULMON",
            "id": "CVE-2020-9226",
            "trust": 0.1
          }
        ],
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2020-52414"
          },
          {
            "db": "VULMON",
            "id": "CVE-2020-9226"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2020-007479"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-202007-101"
          },
          {
            "db": "NVD",
            "id": "CVE-2020-9226"
          }
        ]
      },
      "id": "VAR-202007-1274",
      "iot": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/iot#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": true,
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2020-52414"
          }
        ],
        "trust": 1.1707672
      },
      "iot_taxonomy": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "category": [
              "IoT"
            ],
            "sub_category": null,
            "trust": 0.6
          }
        ],
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2020-52414"
          }
        ]
      },
      "last_update_date": "2024-11-23T22:33:24.064000Z",
      "patch": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/patch#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "title": "huawei-sa-20200701-02-smartphone",
            "trust": 0.8,
            "url": "https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20200701-02-smartphone-en"
          },
          {
            "title": "Patch for Huawei P30 data forgery issue vulnerability",
            "trust": 0.6,
            "url": "https://www.cnvd.org.cn/patchInfo/show/233965"
          },
          {
            "title": "Huawei P30 Repair measures for data forgery problem vulnerabilities",
            "trust": 0.6,
            "url": "http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=123469"
          }
        ],
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2020-52414"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2020-007479"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-202007-101"
          }
        ]
      },
      "problemtype_data": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "problemtype": "CWE-347",
            "trust": 1.8
          }
        ],
        "sources": [
          {
            "db": "JVNDB",
            "id": "JVNDB-2020-007479"
          },
          {
            "db": "NVD",
            "id": "CVE-2020-9226"
          }
        ]
      },
      "references": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/references#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "trust": 1.7,
            "url": "https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20200701-02-smartphone-en"
          },
          {
            "trust": 1.4,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2020-9226"
          },
          {
            "trust": 1.2,
            "url": "http://www.nsfocus.net/vulndb/47056"
          },
          {
            "trust": 0.8,
            "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2020-9226"
          },
          {
            "trust": 0.6,
            "url": "https://www.huawei.com/cn/psirt/security-advisories/huawei-sa-20200701-02-smartphone-cn"
          },
          {
            "trust": 0.1,
            "url": "https://cwe.mitre.org/data/definitions/347.html"
          },
          {
            "trust": 0.1,
            "url": "https://nvd.nist.gov"
          }
        ],
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2020-52414"
          },
          {
            "db": "VULMON",
            "id": "CVE-2020-9226"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2020-007479"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-202007-101"
          },
          {
            "db": "NVD",
            "id": "CVE-2020-9226"
          }
        ]
      },
      "sources": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#",
          "data": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "db": "CNVD",
            "id": "CNVD-2020-52414"
          },
          {
            "db": "VULMON",
            "id": "CVE-2020-9226"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2020-007479"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-202007-101"
          },
          {
            "db": "NVD",
            "id": "CVE-2020-9226"
          }
        ]
      },
      "sources_release_date": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
          "data": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "date": "2020-09-15T00:00:00",
            "db": "CNVD",
            "id": "CNVD-2020-52414"
          },
          {
            "date": "2020-07-06T00:00:00",
            "db": "VULMON",
            "id": "CVE-2020-9226"
          },
          {
            "date": "2020-08-14T00:00:00",
            "db": "JVNDB",
            "id": "JVNDB-2020-007479"
          },
          {
            "date": "2020-07-01T00:00:00",
            "db": "CNNVD",
            "id": "CNNVD-202007-101"
          },
          {
            "date": "2020-07-06T19:15:12.713000",
            "db": "NVD",
            "id": "CVE-2020-9226"
          }
        ]
      },
      "sources_update_date": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
          "data": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "date": "2020-09-17T00:00:00",
            "db": "CNVD",
            "id": "CNVD-2020-52414"
          },
          {
            "date": "2020-07-09T00:00:00",
            "db": "VULMON",
            "id": "CVE-2020-9226"
          },
          {
            "date": "2020-08-14T00:00:00",
            "db": "JVNDB",
            "id": "JVNDB-2020-007479"
          },
          {
            "date": "2020-07-10T00:00:00",
            "db": "CNNVD",
            "id": "CNNVD-202007-101"
          },
          {
            "date": "2024-11-21T05:40:11.470000",
            "db": "NVD",
            "id": "CVE-2020-9226"
          }
        ]
      },
      "threat_type": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/threat_type#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "local",
        "sources": [
          {
            "db": "CNNVD",
            "id": "CNNVD-202007-101"
          }
        ],
        "trust": 0.6
      },
      "title": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/title#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "HUAWEI P30 Digital Signature Verification Vulnerability in",
        "sources": [
          {
            "db": "JVNDB",
            "id": "JVNDB-2020-007479"
          }
        ],
        "trust": 0.8
      },
      "type": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/type#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "data forgery",
        "sources": [
          {
            "db": "CNNVD",
            "id": "CNNVD-202007-101"
          }
        ],
        "trust": 0.6
      }
    }

    VAR-202007-1358

    Vulnerability from variot - Updated: 2024-11-23 22:33

    HUAWEI P30 smart phones with versions earlier than 10.1.0.160(C00E160R2P11) have an information exposure vulnerability. The system does not properly authenticate the application that access a specified interface. Attackers can trick users into installing malicious software to exploit this vulnerability and obtain some information about the device. Successful exploit may cause information disclosure. Huawei P30 is a smart phone launched by Huawei

    Show details on source website

    {
      "@context": {
        "@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
        "affected_products": {
          "@id": "https://www.variotdbs.pl/ref/affected_products"
        },
        "configurations": {
          "@id": "https://www.variotdbs.pl/ref/configurations"
        },
        "credits": {
          "@id": "https://www.variotdbs.pl/ref/credits"
        },
        "cvss": {
          "@id": "https://www.variotdbs.pl/ref/cvss/"
        },
        "description": {
          "@id": "https://www.variotdbs.pl/ref/description/"
        },
        "exploit_availability": {
          "@id": "https://www.variotdbs.pl/ref/exploit_availability/"
        },
        "external_ids": {
          "@id": "https://www.variotdbs.pl/ref/external_ids/"
        },
        "iot": {
          "@id": "https://www.variotdbs.pl/ref/iot/"
        },
        "iot_taxonomy": {
          "@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
        },
        "patch": {
          "@id": "https://www.variotdbs.pl/ref/patch/"
        },
        "problemtype_data": {
          "@id": "https://www.variotdbs.pl/ref/problemtype_data/"
        },
        "references": {
          "@id": "https://www.variotdbs.pl/ref/references/"
        },
        "sources": {
          "@id": "https://www.variotdbs.pl/ref/sources/"
        },
        "sources_release_date": {
          "@id": "https://www.variotdbs.pl/ref/sources_release_date/"
        },
        "sources_update_date": {
          "@id": "https://www.variotdbs.pl/ref/sources_update_date/"
        },
        "threat_type": {
          "@id": "https://www.variotdbs.pl/ref/threat_type/"
        },
        "title": {
          "@id": "https://www.variotdbs.pl/ref/title/"
        },
        "type": {
          "@id": "https://www.variotdbs.pl/ref/type/"
        }
      },
      "@id": "https://www.variotdbs.pl/vuln/VAR-202007-1358",
      "affected_products": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/affected_products#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            },
            "@id": "https://www.variotdbs.pl/ref/sources"
          }
        },
        "data": [
          {
            "model": "p30",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "huawei",
            "version": "10.1.0.160\\(c00e160r2p11\\)"
          },
          {
            "model": "p30",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "huawei",
            "version": "10.1.0.160(c00e160r2p11)"
          },
          {
            "model": "p30 \u003c10.1.0.160",
            "scope": null,
            "trust": 0.6,
            "vendor": "huawei",
            "version": null
          }
        ],
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2020-46468"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2020-008710"
          },
          {
            "db": "NVD",
            "id": "CVE-2020-9077"
          }
        ]
      },
      "configurations": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/configurations#",
          "children": {
            "@container": "@list"
          },
          "cpe_match": {
            "@container": "@list"
          },
          "data": {
            "@container": "@list"
          },
          "nodes": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "CVE_data_version": "4.0",
            "nodes": [
              {
                "cpe_match": [
                  {
                    "cpe22Uri": "cpe:/o:huawei:p30_firmware",
                    "vulnerable": true
                  }
                ],
                "operator": "OR"
              }
            ]
          }
        ],
        "sources": [
          {
            "db": "JVNDB",
            "id": "JVNDB-2020-008710"
          }
        ]
      },
      "cve": "CVE-2020-9077",
      "cvss": {
        "@context": {
          "cvssV2": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
            },
            "@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
          },
          "cvssV3": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
            },
            "@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
          },
          "severity": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/cvss/severity#"
            },
            "@id": "https://www.variotdbs.pl/ref/cvss/severity"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            },
            "@id": "https://www.variotdbs.pl/ref/sources"
          }
        },
        "data": [
          {
            "cvssV2": [
              {
                "accessComplexity": "MEDIUM",
                "accessVector": "NETWORK",
                "authentication": "NONE",
                "author": "nvd@nist.gov",
                "availabilityImpact": "NONE",
                "baseScore": 4.3,
                "confidentialityImpact": "PARTIAL",
                "exploitabilityScore": 8.6,
                "id": "CVE-2020-9077",
                "impactScore": 2.9,
                "integrityImpact": "NONE",
                "severity": "MEDIUM",
                "trust": 1.1,
                "vectorString": "AV:N/AC:M/Au:N/C:P/I:N/A:N",
                "version": "2.0"
              },
              {
                "acInsufInfo": null,
                "accessComplexity": "Medium",
                "accessVector": "Network",
                "authentication": "None",
                "author": "NVD",
                "availabilityImpact": "None",
                "baseScore": 4.3,
                "confidentialityImpact": "Partial",
                "exploitabilityScore": null,
                "id": "JVNDB-2020-008710",
                "impactScore": null,
                "integrityImpact": "None",
                "obtainAllPrivilege": null,
                "obtainOtherPrivilege": null,
                "obtainUserPrivilege": null,
                "severity": "Medium",
                "trust": 0.8,
                "userInteractionRequired": null,
                "vectorString": "AV:N/AC:M/Au:N/C:P/I:N/A:N",
                "version": "2.0"
              },
              {
                "accessComplexity": "MEDIUM",
                "accessVector": "NETWORK",
                "authentication": "NONE",
                "author": "CNVD",
                "availabilityImpact": "NONE",
                "baseScore": 4.3,
                "confidentialityImpact": "PARTIAL",
                "exploitabilityScore": 8.6,
                "id": "CNVD-2020-46468",
                "impactScore": 2.9,
                "integrityImpact": "NONE",
                "severity": "MEDIUM",
                "trust": 0.6,
                "vectorString": "AV:N/AC:M/Au:N/C:P/I:N/A:N",
                "version": "2.0"
              }
            ],
            "cvssV3": [
              {
                "attackComplexity": "LOW",
                "attackVector": "LOCAL",
                "author": "nvd@nist.gov",
                "availabilityImpact": "NONE",
                "baseScore": 3.3,
                "baseSeverity": "LOW",
                "confidentialityImpact": "LOW",
                "exploitabilityScore": 1.8,
                "id": "CVE-2020-9077",
                "impactScore": 1.4,
                "integrityImpact": "NONE",
                "privilegesRequired": "NONE",
                "scope": "UNCHANGED",
                "trust": 1.0,
                "userInteraction": "REQUIRED",
                "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N",
                "version": "3.1"
              },
              {
                "attackComplexity": "Low",
                "attackVector": "Local",
                "author": "NVD",
                "availabilityImpact": "None",
                "baseScore": 3.3,
                "baseSeverity": "Low",
                "confidentialityImpact": "Low",
                "exploitabilityScore": null,
                "id": "JVNDB-2020-008710",
                "impactScore": null,
                "integrityImpact": "None",
                "privilegesRequired": "None",
                "scope": "Unchanged",
                "trust": 0.8,
                "userInteraction": "Required",
                "vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N",
                "version": "3.0"
              }
            ],
            "severity": [
              {
                "author": "nvd@nist.gov",
                "id": "CVE-2020-9077",
                "trust": 1.0,
                "value": "LOW"
              },
              {
                "author": "NVD",
                "id": "JVNDB-2020-008710",
                "trust": 0.8,
                "value": "Low"
              },
              {
                "author": "CNVD",
                "id": "CNVD-2020-46468",
                "trust": 0.6,
                "value": "MEDIUM"
              },
              {
                "author": "CNNVD",
                "id": "CNNVD-202007-1385",
                "trust": 0.6,
                "value": "LOW"
              },
              {
                "author": "VULMON",
                "id": "CVE-2020-9077",
                "trust": 0.1,
                "value": "MEDIUM"
              }
            ]
          }
        ],
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2020-46468"
          },
          {
            "db": "VULMON",
            "id": "CVE-2020-9077"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2020-008710"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-202007-1385"
          },
          {
            "db": "NVD",
            "id": "CVE-2020-9077"
          }
        ]
      },
      "description": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/description#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "HUAWEI P30 smart phones with versions earlier than 10.1.0.160(C00E160R2P11) have an information exposure vulnerability. The system does not properly authenticate the application that access a specified interface. Attackers can trick users into installing malicious software to exploit this vulnerability and obtain some information about the device. Successful exploit may cause information disclosure. Huawei P30 is a smart phone launched by Huawei",
        "sources": [
          {
            "db": "NVD",
            "id": "CVE-2020-9077"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2020-008710"
          },
          {
            "db": "CNVD",
            "id": "CNVD-2020-46468"
          },
          {
            "db": "VULMON",
            "id": "CVE-2020-9077"
          }
        ],
        "trust": 2.25
      },
      "external_ids": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/external_ids#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "db": "NVD",
            "id": "CVE-2020-9077",
            "trust": 3.1
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2020-008710",
            "trust": 0.8
          },
          {
            "db": "CNVD",
            "id": "CNVD-2020-46468",
            "trust": 0.6
          },
          {
            "db": "NSFOCUS",
            "id": "47939",
            "trust": 0.6
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-202007-1385",
            "trust": 0.6
          },
          {
            "db": "VULMON",
            "id": "CVE-2020-9077",
            "trust": 0.1
          }
        ],
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2020-46468"
          },
          {
            "db": "VULMON",
            "id": "CVE-2020-9077"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2020-008710"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-202007-1385"
          },
          {
            "db": "NVD",
            "id": "CVE-2020-9077"
          }
        ]
      },
      "id": "VAR-202007-1358",
      "iot": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/iot#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": true,
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2020-46468"
          }
        ],
        "trust": 1.1707672
      },
      "iot_taxonomy": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "category": [
              "IoT"
            ],
            "sub_category": null,
            "trust": 0.6
          }
        ],
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2020-46468"
          }
        ]
      },
      "last_update_date": "2024-11-23T22:33:23.990000Z",
      "patch": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/patch#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "title": "huawei-sa-20200722-03-smartphone",
            "trust": 0.8,
            "url": "https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20200722-03-smartphone-en"
          },
          {
            "title": "Patch for Huawei P30 information disclosure vulnerability (CNVD-2020-46468)",
            "trust": 0.6,
            "url": "https://www.cnvd.org.cn/patchInfo/show/230833"
          },
          {
            "title": "Huawei P30 Repair measures for information disclosure vulnerabilities",
            "trust": 0.6,
            "url": "http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=124794"
          }
        ],
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2020-46468"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2020-008710"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-202007-1385"
          }
        ]
      },
      "problemtype_data": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "problemtype": "CWE-287",
            "trust": 1.0
          },
          {
            "problemtype": "CWE-200",
            "trust": 0.8
          }
        ],
        "sources": [
          {
            "db": "JVNDB",
            "id": "JVNDB-2020-008710"
          },
          {
            "db": "NVD",
            "id": "CVE-2020-9077"
          }
        ]
      },
      "references": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/references#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "trust": 2.0,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2020-9077"
          },
          {
            "trust": 1.7,
            "url": "https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20200722-03-smartphone-en"
          },
          {
            "trust": 0.8,
            "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2020-9077"
          },
          {
            "trust": 0.6,
            "url": "https://www.huawei.com/cn/psirt/security-advisories/huawei-sa-20200722-03-smartphone-cn"
          },
          {
            "trust": 0.6,
            "url": "http://www.nsfocus.net/vulndb/47939"
          },
          {
            "trust": 0.1,
            "url": "https://cwe.mitre.org/data/definitions/287.html"
          },
          {
            "trust": 0.1,
            "url": "https://nvd.nist.gov"
          }
        ],
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2020-46468"
          },
          {
            "db": "VULMON",
            "id": "CVE-2020-9077"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2020-008710"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-202007-1385"
          },
          {
            "db": "NVD",
            "id": "CVE-2020-9077"
          }
        ]
      },
      "sources": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#",
          "data": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "db": "CNVD",
            "id": "CNVD-2020-46468"
          },
          {
            "db": "VULMON",
            "id": "CVE-2020-9077"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2020-008710"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-202007-1385"
          },
          {
            "db": "NVD",
            "id": "CVE-2020-9077"
          }
        ]
      },
      "sources_release_date": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
          "data": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "date": "2020-08-17T00:00:00",
            "db": "CNVD",
            "id": "CNVD-2020-46468"
          },
          {
            "date": "2020-07-27T00:00:00",
            "db": "VULMON",
            "id": "CVE-2020-9077"
          },
          {
            "date": "2020-09-18T00:00:00",
            "db": "JVNDB",
            "id": "JVNDB-2020-008710"
          },
          {
            "date": "2020-07-22T00:00:00",
            "db": "CNNVD",
            "id": "CNNVD-202007-1385"
          },
          {
            "date": "2020-07-27T13:15:12.857000",
            "db": "NVD",
            "id": "CVE-2020-9077"
          }
        ]
      },
      "sources_update_date": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
          "data": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "date": "2020-08-17T00:00:00",
            "db": "CNVD",
            "id": "CNVD-2020-46468"
          },
          {
            "date": "2021-07-21T00:00:00",
            "db": "VULMON",
            "id": "CVE-2020-9077"
          },
          {
            "date": "2020-09-18T00:00:00",
            "db": "JVNDB",
            "id": "JVNDB-2020-008710"
          },
          {
            "date": "2020-08-20T00:00:00",
            "db": "CNNVD",
            "id": "CNNVD-202007-1385"
          },
          {
            "date": "2024-11-21T05:39:59.177000",
            "db": "NVD",
            "id": "CVE-2020-9077"
          }
        ]
      },
      "threat_type": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/threat_type#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "local",
        "sources": [
          {
            "db": "CNNVD",
            "id": "CNNVD-202007-1385"
          }
        ],
        "trust": 0.6
      },
      "title": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/title#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "HUAWEI P30 Vulnerabilities related to information leakage in smartphones",
        "sources": [
          {
            "db": "JVNDB",
            "id": "JVNDB-2020-008710"
          }
        ],
        "trust": 0.8
      },
      "type": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/type#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "information disclosure",
        "sources": [
          {
            "db": "CNNVD",
            "id": "CNNVD-202007-1385"
          }
        ],
        "trust": 0.6
      }
    }

    VAR-202010-1165

    Vulnerability from variot - Updated: 2024-11-23 22:33

    HUAWEI Mate 30 versions earlier than 10.1.0.150(C00E136R5P3) and HUAWEI P30 version earlier than 10.1.0.160(C00E160R2P11) have a use after free vulnerability. There is a condition exists that the system would reference memory after it has been freed, the attacker should trick the user into running a crafted application with common privilege, successful exploit could cause code execution. HUAWEI Mate 30 and HUAWEI P30 Is vulnerable to the use of freed memory.Information is obtained, information is tampered with, and service is disrupted (DoS) It may be put into a state. Huawei Mate 30 is a smart phone of China's Huawei (Huawei) company.

    There is a security vulnerability in Huawei Mate 30 10.1.0.150 (C00E136R5P3). The vulnerability is caused by the system using the released memory. Attackers can use this vulnerability to execute code with the help of specially crafted applications. Huawei products could allow a local authenticated malicious user to execute arbitrary code on the system, caused by a use-after-free vulnerability

    Show details on source website

    {
      "@context": {
        "@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
        "affected_products": {
          "@id": "https://www.variotdbs.pl/ref/affected_products"
        },
        "configurations": {
          "@id": "https://www.variotdbs.pl/ref/configurations"
        },
        "credits": {
          "@id": "https://www.variotdbs.pl/ref/credits"
        },
        "cvss": {
          "@id": "https://www.variotdbs.pl/ref/cvss/"
        },
        "description": {
          "@id": "https://www.variotdbs.pl/ref/description/"
        },
        "exploit_availability": {
          "@id": "https://www.variotdbs.pl/ref/exploit_availability/"
        },
        "external_ids": {
          "@id": "https://www.variotdbs.pl/ref/external_ids/"
        },
        "iot": {
          "@id": "https://www.variotdbs.pl/ref/iot/"
        },
        "iot_taxonomy": {
          "@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
        },
        "patch": {
          "@id": "https://www.variotdbs.pl/ref/patch/"
        },
        "problemtype_data": {
          "@id": "https://www.variotdbs.pl/ref/problemtype_data/"
        },
        "references": {
          "@id": "https://www.variotdbs.pl/ref/references/"
        },
        "sources": {
          "@id": "https://www.variotdbs.pl/ref/sources/"
        },
        "sources_release_date": {
          "@id": "https://www.variotdbs.pl/ref/sources_release_date/"
        },
        "sources_update_date": {
          "@id": "https://www.variotdbs.pl/ref/sources_update_date/"
        },
        "threat_type": {
          "@id": "https://www.variotdbs.pl/ref/threat_type/"
        },
        "title": {
          "@id": "https://www.variotdbs.pl/ref/title/"
        },
        "type": {
          "@id": "https://www.variotdbs.pl/ref/type/"
        }
      },
      "@id": "https://www.variotdbs.pl/vuln/VAR-202010-1165",
      "affected_products": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/affected_products#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            },
            "@id": "https://www.variotdbs.pl/ref/sources"
          }
        },
        "data": [
          {
            "model": "p30",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "huawei",
            "version": "10.1.0.160\\(c00e160r2p11\\)"
          },
          {
            "model": "mate 30",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "huawei",
            "version": "10.1.0.150\\(c00e136r5p3\\)"
          },
          {
            "model": "mate 30",
            "scope": null,
            "trust": 0.8,
            "vendor": "huawei",
            "version": null
          },
          {
            "model": "p30",
            "scope": null,
            "trust": 0.8,
            "vendor": "huawei",
            "version": null
          },
          {
            "model": "mate \u003c10.1.0.150",
            "scope": "eq",
            "trust": 0.6,
            "vendor": "huawei",
            "version": "30"
          }
        ],
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2020-52412"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2020-012482"
          },
          {
            "db": "NVD",
            "id": "CVE-2020-9263"
          }
        ]
      },
      "cve": "CVE-2020-9263",
      "cvss": {
        "@context": {
          "cvssV2": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
            },
            "@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
          },
          "cvssV3": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
            },
            "@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
          },
          "severity": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/cvss/severity#"
            },
            "@id": "https://www.variotdbs.pl/ref/cvss/severity"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            },
            "@id": "https://www.variotdbs.pl/ref/sources"
          }
        },
        "data": [
          {
            "cvssV2": [
              {
                "accessComplexity": "MEDIUM",
                "accessVector": "NETWORK",
                "authentication": "NONE",
                "author": "nvd@nist.gov",
                "availabilityImpact": "PARTIAL",
                "baseScore": 6.8,
                "confidentialityImpact": "PARTIAL",
                "exploitabilityScore": 8.6,
                "id": "CVE-2020-9263",
                "impactScore": 6.4,
                "integrityImpact": "PARTIAL",
                "severity": "MEDIUM",
                "trust": 1.9,
                "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P",
                "version": "2.0"
              },
              {
                "accessComplexity": "LOW",
                "accessVector": "LOCAL",
                "authentication": "NONE",
                "author": "CNVD",
                "availabilityImpact": "COMPLETE",
                "baseScore": 7.2,
                "confidentialityImpact": "COMPLETE",
                "exploitabilityScore": 3.9,
                "id": "CNVD-2020-52412",
                "impactScore": 10.0,
                "integrityImpact": "COMPLETE",
                "severity": "HIGH",
                "trust": 0.6,
                "vectorString": "AV:L/AC:L/Au:N/C:C/I:C/A:C",
                "version": "2.0"
              }
            ],
            "cvssV3": [
              {
                "attackComplexity": "LOW",
                "attackVector": "LOCAL",
                "author": "nvd@nist.gov",
                "availabilityImpact": "HIGH",
                "baseScore": 7.8,
                "baseSeverity": "HIGH",
                "confidentialityImpact": "HIGH",
                "exploitabilityScore": 1.8,
                "id": "CVE-2020-9263",
                "impactScore": 5.9,
                "integrityImpact": "HIGH",
                "privilegesRequired": "NONE",
                "scope": "UNCHANGED",
                "trust": 1.0,
                "userInteraction": "REQUIRED",
                "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
                "version": "3.1"
              },
              {
                "attackComplexity": "Low",
                "attackVector": "Local",
                "author": "NVD",
                "availabilityImpact": "High",
                "baseScore": 7.8,
                "baseSeverity": "High",
                "confidentialityImpact": "High",
                "exploitabilityScore": null,
                "id": "CVE-2020-9263",
                "impactScore": null,
                "integrityImpact": "High",
                "privilegesRequired": "None",
                "scope": "Unchanged",
                "trust": 0.8,
                "userInteraction": "Required",
                "vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
                "version": "3.0"
              }
            ],
            "severity": [
              {
                "author": "nvd@nist.gov",
                "id": "CVE-2020-9263",
                "trust": 1.0,
                "value": "HIGH"
              },
              {
                "author": "NVD",
                "id": "CVE-2020-9263",
                "trust": 0.8,
                "value": "High"
              },
              {
                "author": "CNVD",
                "id": "CNVD-2020-52412",
                "trust": 0.6,
                "value": "HIGH"
              },
              {
                "author": "CNNVD",
                "id": "CNNVD-202007-089",
                "trust": 0.6,
                "value": "HIGH"
              },
              {
                "author": "VULMON",
                "id": "CVE-2020-9263",
                "trust": 0.1,
                "value": "MEDIUM"
              }
            ]
          }
        ],
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2020-52412"
          },
          {
            "db": "VULMON",
            "id": "CVE-2020-9263"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2020-012482"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-202007-089"
          },
          {
            "db": "NVD",
            "id": "CVE-2020-9263"
          }
        ]
      },
      "description": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/description#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "HUAWEI Mate 30 versions earlier than 10.1.0.150(C00E136R5P3) and HUAWEI P30 version earlier than 10.1.0.160(C00E160R2P11) have a use after free vulnerability. There is a condition exists that the system would reference memory after it has been freed, the attacker should trick the user into running a crafted application with common privilege, successful exploit could cause code execution. HUAWEI Mate 30 and HUAWEI P30 Is vulnerable to the use of freed memory.Information is obtained, information is tampered with, and service is disrupted (DoS) It may be put into a state. Huawei Mate 30 is a smart phone of China\u0027s Huawei (Huawei) company. \n\r\n\r\nThere is a security vulnerability in Huawei Mate 30 10.1.0.150 (C00E136R5P3). The vulnerability is caused by the system using the released memory. Attackers can use this vulnerability to execute code with the help of specially crafted applications. Huawei products could allow a local authenticated malicious user to execute arbitrary code on the system, caused by a use-after-free vulnerability",
        "sources": [
          {
            "db": "NVD",
            "id": "CVE-2020-9263"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2020-012482"
          },
          {
            "db": "CNVD",
            "id": "CNVD-2020-52412"
          },
          {
            "db": "VULMON",
            "id": "CVE-2020-9263"
          }
        ],
        "trust": 2.25
      },
      "external_ids": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/external_ids#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "db": "NVD",
            "id": "CVE-2020-9263",
            "trust": 3.1
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2020-012482",
            "trust": 0.8
          },
          {
            "db": "CNVD",
            "id": "CNVD-2020-52412",
            "trust": 0.6
          },
          {
            "db": "NSFOCUS",
            "id": "47061",
            "trust": 0.6
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-202007-089",
            "trust": 0.6
          },
          {
            "db": "VULMON",
            "id": "CVE-2020-9263",
            "trust": 0.1
          }
        ],
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2020-52412"
          },
          {
            "db": "VULMON",
            "id": "CVE-2020-9263"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2020-012482"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-202007-089"
          },
          {
            "db": "NVD",
            "id": "CVE-2020-9263"
          }
        ]
      },
      "id": "VAR-202010-1165",
      "iot": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/iot#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": true,
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2020-52412"
          }
        ],
        "trust": 1.2192102299999998
      },
      "iot_taxonomy": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "category": [
              "IoT"
            ],
            "sub_category": null,
            "trust": 0.6
          }
        ],
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2020-52412"
          }
        ]
      },
      "last_update_date": "2024-11-23T22:33:16.362000Z",
      "patch": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/patch#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "title": "huawei-sa-20200701-07-smartphone",
            "trust": 0.8,
            "url": "https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20200701-07-smartphone-en"
          },
          {
            "title": "Patch for Huawei Mate 30 UAF vulnerability",
            "trust": 0.6,
            "url": "https://www.cnvd.org.cn/patchInfo/show/234412"
          },
          {
            "title": "Huawei Mate 30 Remediation of resource management error vulnerabilities",
            "trust": 0.6,
            "url": "http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=122885"
          }
        ],
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2020-52412"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2020-012482"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-202007-089"
          }
        ]
      },
      "problemtype_data": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "problemtype": "CWE-416",
            "trust": 1.0
          },
          {
            "problemtype": "Use of freed memory (CWE-416) [NVD Evaluation ]",
            "trust": 0.8
          }
        ],
        "sources": [
          {
            "db": "JVNDB",
            "id": "JVNDB-2020-012482"
          },
          {
            "db": "NVD",
            "id": "CVE-2020-9263"
          }
        ]
      },
      "references": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/references#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "trust": 1.7,
            "url": "https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20200701-07-smartphone-en"
          },
          {
            "trust": 1.4,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2020-9263"
          },
          {
            "trust": 1.2,
            "url": "https://www.huawei.com/cn/psirt/security-advisories/huawei-sa-20200701-07-smartphone-cn"
          },
          {
            "trust": 0.6,
            "url": "http://www.nsfocus.net/vulndb/47061"
          },
          {
            "trust": 0.1,
            "url": "https://cwe.mitre.org/data/definitions/416.html"
          },
          {
            "trust": 0.1,
            "url": "https://nvd.nist.gov"
          },
          {
            "trust": 0.1,
            "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/184424"
          }
        ],
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2020-52412"
          },
          {
            "db": "VULMON",
            "id": "CVE-2020-9263"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2020-012482"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-202007-089"
          },
          {
            "db": "NVD",
            "id": "CVE-2020-9263"
          }
        ]
      },
      "sources": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#",
          "data": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "db": "CNVD",
            "id": "CNVD-2020-52412"
          },
          {
            "db": "VULMON",
            "id": "CVE-2020-9263"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2020-012482"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-202007-089"
          },
          {
            "db": "NVD",
            "id": "CVE-2020-9263"
          }
        ]
      },
      "sources_release_date": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
          "data": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "date": "2020-09-17T00:00:00",
            "db": "CNVD",
            "id": "CNVD-2020-52412"
          },
          {
            "date": "2020-10-19T00:00:00",
            "db": "VULMON",
            "id": "CVE-2020-9263"
          },
          {
            "date": "2021-05-10T00:00:00",
            "db": "JVNDB",
            "id": "JVNDB-2020-012482"
          },
          {
            "date": "2020-07-01T00:00:00",
            "db": "CNNVD",
            "id": "CNNVD-202007-089"
          },
          {
            "date": "2020-10-19T20:15:13.323000",
            "db": "NVD",
            "id": "CVE-2020-9263"
          }
        ]
      },
      "sources_update_date": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
          "data": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "date": "2020-09-17T00:00:00",
            "db": "CNVD",
            "id": "CNVD-2020-52412"
          },
          {
            "date": "2020-10-22T00:00:00",
            "db": "VULMON",
            "id": "CVE-2020-9263"
          },
          {
            "date": "2021-05-10T07:32:00",
            "db": "JVNDB",
            "id": "JVNDB-2020-012482"
          },
          {
            "date": "2020-10-23T00:00:00",
            "db": "CNNVD",
            "id": "CNNVD-202007-089"
          },
          {
            "date": "2024-11-21T05:40:17.970000",
            "db": "NVD",
            "id": "CVE-2020-9263"
          }
        ]
      },
      "threat_type": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/threat_type#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "local",
        "sources": [
          {
            "db": "CNNVD",
            "id": "CNNVD-202007-089"
          }
        ],
        "trust": 0.6
      },
      "title": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/title#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "HUAWEI\u00a0Mate\u00a030\u00a0 and \u00a0HUAWEI\u00a0P30\u00a0 Vulnerabilities in the use of freed memory",
        "sources": [
          {
            "db": "JVNDB",
            "id": "JVNDB-2020-012482"
          }
        ],
        "trust": 0.8
      },
      "type": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/type#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "resource management error",
        "sources": [
          {
            "db": "CNNVD",
            "id": "CNNVD-202007-089"
          }
        ],
        "trust": 0.6
      }
    }

    VAR-202003-1096

    Vulnerability from variot - Updated: 2024-11-23 22:29

    HUAWEI smartphones P30 with versions earlier than 10.0.0.185(C00E85R1P11) have an improper access control vulnerability. The software incorrectly restricts access to a function interface from an unauthorized actor, the attacker tricks the user into installing a crafted application, successful exploit could allow the attacker do certain unauthenticated operations. Huawei smartphone P30 Exists in a fraudulent authentication vulnerability.Information is obtained, information is tampered with, and service operation is interrupted. (DoS) It may be put into a state. Huawei P30 is a smart phone of China's Huawei company. Attackers use this vulnerability to perform unauthenticated operations by enticing users to install specially crafted applications

    Show details on source website

    {
      "@context": {
        "@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
        "affected_products": {
          "@id": "https://www.variotdbs.pl/ref/affected_products"
        },
        "configurations": {
          "@id": "https://www.variotdbs.pl/ref/configurations"
        },
        "credits": {
          "@id": "https://www.variotdbs.pl/ref/credits"
        },
        "cvss": {
          "@id": "https://www.variotdbs.pl/ref/cvss/"
        },
        "description": {
          "@id": "https://www.variotdbs.pl/ref/description/"
        },
        "exploit_availability": {
          "@id": "https://www.variotdbs.pl/ref/exploit_availability/"
        },
        "external_ids": {
          "@id": "https://www.variotdbs.pl/ref/external_ids/"
        },
        "iot": {
          "@id": "https://www.variotdbs.pl/ref/iot/"
        },
        "iot_taxonomy": {
          "@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
        },
        "patch": {
          "@id": "https://www.variotdbs.pl/ref/patch/"
        },
        "problemtype_data": {
          "@id": "https://www.variotdbs.pl/ref/problemtype_data/"
        },
        "references": {
          "@id": "https://www.variotdbs.pl/ref/references/"
        },
        "sources": {
          "@id": "https://www.variotdbs.pl/ref/sources/"
        },
        "sources_release_date": {
          "@id": "https://www.variotdbs.pl/ref/sources_release_date/"
        },
        "sources_update_date": {
          "@id": "https://www.variotdbs.pl/ref/sources_update_date/"
        },
        "threat_type": {
          "@id": "https://www.variotdbs.pl/ref/threat_type/"
        },
        "title": {
          "@id": "https://www.variotdbs.pl/ref/title/"
        },
        "type": {
          "@id": "https://www.variotdbs.pl/ref/type/"
        }
      },
      "@id": "https://www.variotdbs.pl/vuln/VAR-202003-1096",
      "affected_products": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/affected_products#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            },
            "@id": "https://www.variotdbs.pl/ref/sources"
          }
        },
        "data": [
          {
            "model": "p30",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "huawei",
            "version": "10.0.0.185\\(c00e85r1p11\\)"
          },
          {
            "model": "p30",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "huawei",
            "version": "10.0.0.185(c00e85r1p11)"
          },
          {
            "model": "p30",
            "scope": null,
            "trust": 0.6,
            "vendor": "huawei",
            "version": null
          }
        ],
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2020-19934"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2020-003428"
          },
          {
            "db": "NVD",
            "id": "CVE-2020-1800"
          }
        ]
      },
      "configurations": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/configurations#",
          "children": {
            "@container": "@list"
          },
          "cpe_match": {
            "@container": "@list"
          },
          "data": {
            "@container": "@list"
          },
          "nodes": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "CVE_data_version": "4.0",
            "nodes": [
              {
                "cpe_match": [
                  {
                    "cpe22Uri": "cpe:/o:huawei:p30_firmware",
                    "vulnerable": true
                  }
                ],
                "operator": "OR"
              }
            ]
          }
        ],
        "sources": [
          {
            "db": "JVNDB",
            "id": "JVNDB-2020-003428"
          }
        ]
      },
      "cve": "CVE-2020-1800",
      "cvss": {
        "@context": {
          "cvssV2": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
            },
            "@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
          },
          "cvssV3": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
            },
            "@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
          },
          "severity": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/cvss/severity#"
            },
            "@id": "https://www.variotdbs.pl/ref/cvss/severity"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            },
            "@id": "https://www.variotdbs.pl/ref/sources"
          }
        },
        "data": [
          {
            "cvssV2": [
              {
                "accessComplexity": "MEDIUM",
                "accessVector": "NETWORK",
                "authentication": "NONE",
                "author": "nvd@nist.gov",
                "availabilityImpact": "PARTIAL",
                "baseScore": 6.8,
                "confidentialityImpact": "PARTIAL",
                "exploitabilityScore": 8.6,
                "id": "CVE-2020-1800",
                "impactScore": 6.4,
                "integrityImpact": "PARTIAL",
                "severity": "MEDIUM",
                "trust": 1.0,
                "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P",
                "version": "2.0"
              },
              {
                "acInsufInfo": null,
                "accessComplexity": "Medium",
                "accessVector": "Network",
                "authentication": "None",
                "author": "NVD",
                "availabilityImpact": "Partial",
                "baseScore": 6.8,
                "confidentialityImpact": "Partial",
                "exploitabilityScore": null,
                "id": "JVNDB-2020-003428",
                "impactScore": null,
                "integrityImpact": "Partial",
                "obtainAllPrivilege": null,
                "obtainOtherPrivilege": null,
                "obtainUserPrivilege": null,
                "severity": "Medium",
                "trust": 0.8,
                "userInteractionRequired": null,
                "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P",
                "version": "2.0"
              },
              {
                "accessComplexity": "LOW",
                "accessVector": "NETWORK",
                "authentication": "NONE",
                "author": "CNVD",
                "availabilityImpact": "NONE",
                "baseScore": 6.4,
                "confidentialityImpact": "PARTIAL",
                "exploitabilityScore": 10.0,
                "id": "CNVD-2020-19934",
                "impactScore": 4.9,
                "integrityImpact": "PARTIAL",
                "severity": "MEDIUM",
                "trust": 0.6,
                "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:N",
                "version": "2.0"
              }
            ],
            "cvssV3": [
              {
                "attackComplexity": "LOW",
                "attackVector": "LOCAL",
                "author": "nvd@nist.gov",
                "availabilityImpact": "HIGH",
                "baseScore": 7.8,
                "baseSeverity": "HIGH",
                "confidentialityImpact": "HIGH",
                "exploitabilityScore": 1.8,
                "id": "CVE-2020-1800",
                "impactScore": 5.9,
                "integrityImpact": "HIGH",
                "privilegesRequired": "NONE",
                "scope": "UNCHANGED",
                "trust": 1.0,
                "userInteraction": "REQUIRED",
                "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
                "version": "3.1"
              },
              {
                "attackComplexity": "Low",
                "attackVector": "Local",
                "author": "NVD",
                "availabilityImpact": "High",
                "baseScore": 7.8,
                "baseSeverity": "High",
                "confidentialityImpact": "High",
                "exploitabilityScore": null,
                "id": "JVNDB-2020-003428",
                "impactScore": null,
                "integrityImpact": "High",
                "privilegesRequired": "None",
                "scope": "Unchanged",
                "trust": 0.8,
                "userInteraction": "Required",
                "vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
                "version": "3.0"
              }
            ],
            "severity": [
              {
                "author": "nvd@nist.gov",
                "id": "CVE-2020-1800",
                "trust": 1.0,
                "value": "HIGH"
              },
              {
                "author": "NVD",
                "id": "JVNDB-2020-003428",
                "trust": 0.8,
                "value": "High"
              },
              {
                "author": "CNVD",
                "id": "CNVD-2020-19934",
                "trust": 0.6,
                "value": "MEDIUM"
              },
              {
                "author": "CNNVD",
                "id": "CNNVD-202003-1618",
                "trust": 0.6,
                "value": "HIGH"
              }
            ]
          }
        ],
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2020-19934"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2020-003428"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-202003-1618"
          },
          {
            "db": "NVD",
            "id": "CVE-2020-1800"
          }
        ]
      },
      "description": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/description#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "HUAWEI smartphones P30 with versions earlier than 10.0.0.185(C00E85R1P11) have an improper access control vulnerability. The software incorrectly restricts access to a function interface from an unauthorized actor, the attacker tricks the user into installing a crafted application, successful exploit could allow the attacker do certain unauthenticated operations. Huawei smartphone P30 Exists in a fraudulent authentication vulnerability.Information is obtained, information is tampered with, and service operation is interrupted. (DoS) It may be put into a state. Huawei P30 is a smart phone of China\u0027s Huawei company. Attackers use this vulnerability to perform unauthenticated operations by enticing users to install specially crafted applications",
        "sources": [
          {
            "db": "NVD",
            "id": "CVE-2020-1800"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2020-003428"
          },
          {
            "db": "CNVD",
            "id": "CNVD-2020-19934"
          }
        ],
        "trust": 2.16
      },
      "external_ids": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/external_ids#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "db": "NVD",
            "id": "CVE-2020-1800",
            "trust": 3.0
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2020-003428",
            "trust": 0.8
          },
          {
            "db": "CNVD",
            "id": "CNVD-2020-19934",
            "trust": 0.6
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-202003-1618",
            "trust": 0.6
          }
        ],
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2020-19934"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2020-003428"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-202003-1618"
          },
          {
            "db": "NVD",
            "id": "CVE-2020-1800"
          }
        ]
      },
      "id": "VAR-202003-1096",
      "iot": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/iot#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": true,
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2020-19934"
          }
        ],
        "trust": 1.1707672
      },
      "iot_taxonomy": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "category": [
              "IoT"
            ],
            "sub_category": null,
            "trust": 0.6
          }
        ],
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2020-19934"
          }
        ]
      },
      "last_update_date": "2024-11-23T22:29:41.276000Z",
      "patch": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/patch#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "title": "huawei-sa-20200325-02-smartphone",
            "trust": 0.8,
            "url": "https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20200325-02-smartphone-en"
          },
          {
            "title": "Patch for Huawei P30 Access Control Error Vulnerability (CNVD-2020-19934)",
            "trust": 0.6,
            "url": "https://www.cnvd.org.cn/patchInfo/show/211351"
          },
          {
            "title": "Huawei P30 Fixes for access control error vulnerabilities",
            "trust": 0.6,
            "url": "http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=113023"
          }
        ],
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2020-19934"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2020-003428"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-202003-1618"
          }
        ]
      },
      "problemtype_data": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "problemtype": "NVD-CWE-noinfo",
            "trust": 1.0
          },
          {
            "problemtype": "CWE-863",
            "trust": 0.8
          }
        ],
        "sources": [
          {
            "db": "JVNDB",
            "id": "JVNDB-2020-003428"
          },
          {
            "db": "NVD",
            "id": "CVE-2020-1800"
          }
        ]
      },
      "references": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/references#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "trust": 2.0,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2020-1800"
          },
          {
            "trust": 1.6,
            "url": "https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20200325-02-smartphone-en"
          },
          {
            "trust": 0.8,
            "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2020-1800"
          },
          {
            "trust": 0.6,
            "url": "https://www.huawei.com/cn/psirt/security-advisories/huawei-sa-20200325-02-smartphone-cn"
          }
        ],
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2020-19934"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2020-003428"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-202003-1618"
          },
          {
            "db": "NVD",
            "id": "CVE-2020-1800"
          }
        ]
      },
      "sources": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#",
          "data": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "db": "CNVD",
            "id": "CNVD-2020-19934"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2020-003428"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-202003-1618"
          },
          {
            "db": "NVD",
            "id": "CVE-2020-1800"
          }
        ]
      },
      "sources_release_date": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
          "data": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "date": "2020-03-28T00:00:00",
            "db": "CNVD",
            "id": "CNVD-2020-19934"
          },
          {
            "date": "2020-04-16T00:00:00",
            "db": "JVNDB",
            "id": "JVNDB-2020-003428"
          },
          {
            "date": "2020-03-25T00:00:00",
            "db": "CNNVD",
            "id": "CNNVD-202003-1618"
          },
          {
            "date": "2020-03-26T15:15:24.617000",
            "db": "NVD",
            "id": "CVE-2020-1800"
          }
        ]
      },
      "sources_update_date": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
          "data": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "date": "2020-03-29T00:00:00",
            "db": "CNVD",
            "id": "CNVD-2020-19934"
          },
          {
            "date": "2020-04-16T00:00:00",
            "db": "JVNDB",
            "id": "JVNDB-2020-003428"
          },
          {
            "date": "2020-03-31T00:00:00",
            "db": "CNNVD",
            "id": "CNNVD-202003-1618"
          },
          {
            "date": "2024-11-21T05:11:24.277000",
            "db": "NVD",
            "id": "CVE-2020-1800"
          }
        ]
      },
      "threat_type": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/threat_type#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "local",
        "sources": [
          {
            "db": "CNNVD",
            "id": "CNNVD-202003-1618"
          }
        ],
        "trust": 0.6
      },
      "title": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/title#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "Huawei smartphone  P30 Unauthorized authentication vulnerability in",
        "sources": [
          {
            "db": "JVNDB",
            "id": "JVNDB-2020-003428"
          }
        ],
        "trust": 0.8
      },
      "type": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/type#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "access control error",
        "sources": [
          {
            "db": "CNNVD",
            "id": "CNNVD-202003-1618"
          }
        ],
        "trust": 0.6
      }
    }

    VAR-202012-1394

    Vulnerability from variot - Updated: 2024-11-23 22:29

    There is a buffer overflow vulnerability in several Huawei products. The system does not sufficiently validate certain configuration parameter which is passed from user that would cause buffer overflow. The attacker should trick the user into installing and running a malicious application with a high privilege, successful exploit may cause code execution. Affected product include Huawei HONOR 20 PRO, Mate 20, Mate 20 Pro, Mate 20 X, P30, P30 Pro, Hima-L29C, Laya-AL00EP, Princeton-AL10B, Tony-AL00B, Yale-L61A, Yale-TL00B and YaleP-AL10B. plural Huawei The product contains a classic buffer overflow vulnerability.Information is obtained, information is tampered with, and service is disrupted (DoS) It may be put into a state

    Show details on source website

    {
      "@context": {
        "@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
        "affected_products": {
          "@id": "https://www.variotdbs.pl/ref/affected_products"
        },
        "configurations": {
          "@id": "https://www.variotdbs.pl/ref/configurations"
        },
        "credits": {
          "@id": "https://www.variotdbs.pl/ref/credits"
        },
        "cvss": {
          "@id": "https://www.variotdbs.pl/ref/cvss/"
        },
        "description": {
          "@id": "https://www.variotdbs.pl/ref/description/"
        },
        "exploit_availability": {
          "@id": "https://www.variotdbs.pl/ref/exploit_availability/"
        },
        "external_ids": {
          "@id": "https://www.variotdbs.pl/ref/external_ids/"
        },
        "iot": {
          "@id": "https://www.variotdbs.pl/ref/iot/"
        },
        "iot_taxonomy": {
          "@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
        },
        "patch": {
          "@id": "https://www.variotdbs.pl/ref/patch/"
        },
        "problemtype_data": {
          "@id": "https://www.variotdbs.pl/ref/problemtype_data/"
        },
        "references": {
          "@id": "https://www.variotdbs.pl/ref/references/"
        },
        "sources": {
          "@id": "https://www.variotdbs.pl/ref/sources/"
        },
        "sources_release_date": {
          "@id": "https://www.variotdbs.pl/ref/sources_release_date/"
        },
        "sources_update_date": {
          "@id": "https://www.variotdbs.pl/ref/sources_update_date/"
        },
        "threat_type": {
          "@id": "https://www.variotdbs.pl/ref/threat_type/"
        },
        "title": {
          "@id": "https://www.variotdbs.pl/ref/title/"
        },
        "type": {
          "@id": "https://www.variotdbs.pl/ref/type/"
        }
      },
      "@id": "https://www.variotdbs.pl/vuln/VAR-202012-1394",
      "affected_products": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/affected_products#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            },
            "@id": "https://www.variotdbs.pl/ref/sources"
          }
        },
        "data": [
          {
            "model": "yale-tl00b",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "huawei",
            "version": "10.1.0.160\\(c01e160r8p12\\)"
          },
          {
            "model": "mate 20 pro",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "huawei",
            "version": "10.1.0.273\\(c636e7r2p4\\)"
          },
          {
            "model": "p30",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "huawei",
            "version": "10.1.0.126\\(c10e7r5p1\\)"
          },
          {
            "model": "honor 20 pro",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "huawei",
            "version": "10.1.0.231\\(c10e3r3p2\\)"
          },
          {
            "model": "yale-l61a",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "huawei",
            "version": "10.1.0.226\\(c10e3r1p1\\)"
          },
          {
            "model": "mate 20 pro",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "huawei",
            "version": "10.1.0.270\\(c635e3r1p5\\)"
          },
          {
            "model": "p30",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "huawei",
            "version": "10.1.0.126\\(c636e7r3p4\\)"
          },
          {
            "model": "mate 20 pro",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "huawei",
            "version": "10.1.0.273\\(c185e7r2p4\\)"
          },
          {
            "model": "yalep-al10b",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "huawei",
            "version": "10.1.0.160\\(c00e160r8p12\\)"
          },
          {
            "model": "princeton-al10b",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "huawei",
            "version": "10.1.0.160\\(c00e160r2p11\\)"
          },
          {
            "model": "mate 20 pro",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "huawei",
            "version": "10.1.0.270\\(c432e7r1p5\\)"
          },
          {
            "model": "p30",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "huawei",
            "version": "10.1.0.126\\(c636e5r3p4\\)"
          },
          {
            "model": "hima-l29c",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "huawei",
            "version": "10.1.0.275\\(c10e4r2p4\\)"
          },
          {
            "model": "p30",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "huawei",
            "version": "10.1.0.126\\(c605e19r1p3\\)"
          },
          {
            "model": "mate 20",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "huawei",
            "version": "10.1.0.160\\(c00e160r3p8\\)"
          },
          {
            "model": "laya-al00ep",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "huawei",
            "version": "10.1.0.160\\(c786e160r3p8\\)"
          },
          {
            "model": "mate 20 pro",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "huawei",
            "version": "10.1.0.277\\(c10e7r2p4\\)"
          },
          {
            "model": "p30",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "huawei",
            "version": "9.1.0.272\\(c635e4r2p2\\)"
          },
          {
            "model": "mate 20 x",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "huawei",
            "version": "10.1.0.160\\(c00e160r2p8\\)"
          },
          {
            "model": "honor 20 pro",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "huawei",
            "version": "10.1.0.230\\(c432e9r5p1\\)"
          },
          {
            "model": "tony-al00b",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "huawei",
            "version": "10.1.0.160\\(c00e160r2p11\\)"
          },
          {
            "model": "mate 20 pro",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "huawei",
            "version": "10.1.0.277\\(c605e7r1p5\\)"
          },
          {
            "model": "p30",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "huawei",
            "version": "10.1.0.123\\(c432e22r2p5\\)"
          },
          {
            "model": "p30",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "huawei",
            "version": "10.1.0.126\\(c185e4r7p1\\)"
          },
          {
            "model": "hima-l29c",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "huawei",
            "version": "10.1.0.273\\(c185e5r2p4\\)"
          },
          {
            "model": "yale-l61a",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "huawei",
            "version": "10.1.0.225\\(c432e3r1p2\\)"
          },
          {
            "model": "hima-l29c",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "huawei",
            "version": "10.1.0.273\\(c636e5r2p4\\)"
          },
          {
            "model": "p30 pro",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "huawei",
            "version": "10.1.0.160\\(c00e160r2p8\\)"
          },
          {
            "model": "p30 pro",
            "scope": null,
            "trust": 0.8,
            "vendor": "huawei",
            "version": null
          },
          {
            "model": "tony-al00b",
            "scope": null,
            "trust": 0.8,
            "vendor": "huawei",
            "version": null
          },
          {
            "model": "princeton-al10b",
            "scope": null,
            "trust": 0.8,
            "vendor": "huawei",
            "version": null
          },
          {
            "model": "p30",
            "scope": null,
            "trust": 0.8,
            "vendor": "huawei",
            "version": null
          },
          {
            "model": "honor 20 pro",
            "scope": null,
            "trust": 0.8,
            "vendor": "huawei",
            "version": null
          },
          {
            "model": "laya-al00ep",
            "scope": null,
            "trust": 0.8,
            "vendor": "huawei",
            "version": null
          },
          {
            "model": "mate 20",
            "scope": null,
            "trust": 0.8,
            "vendor": "huawei",
            "version": null
          },
          {
            "model": "hima-l29c",
            "scope": null,
            "trust": 0.8,
            "vendor": "huawei",
            "version": null
          },
          {
            "model": "mate 20 pro",
            "scope": null,
            "trust": 0.8,
            "vendor": "huawei",
            "version": null
          },
          {
            "model": "mate 20 x",
            "scope": null,
            "trust": 0.8,
            "vendor": "huawei",
            "version": null
          }
        ],
        "sources": [
          {
            "db": "JVNDB",
            "id": "JVNDB-2020-014149"
          },
          {
            "db": "NVD",
            "id": "CVE-2020-9247"
          }
        ]
      },
      "cve": "CVE-2020-9247",
      "cvss": {
        "@context": {
          "cvssV2": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
            },
            "@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
          },
          "cvssV3": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
            },
            "@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
          },
          "severity": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/cvss/severity#"
            },
            "@id": "https://www.variotdbs.pl/ref/cvss/severity"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            },
            "@id": "https://www.variotdbs.pl/ref/sources"
          }
        },
        "data": [
          {
            "cvssV2": [
              {
                "accessComplexity": "MEDIUM",
                "accessVector": "NETWORK",
                "authentication": "NONE",
                "author": "nvd@nist.gov",
                "availabilityImpact": "PARTIAL",
                "baseScore": 6.8,
                "confidentialityImpact": "PARTIAL",
                "exploitabilityScore": 8.6,
                "id": "CVE-2020-9247",
                "impactScore": 6.4,
                "integrityImpact": "PARTIAL",
                "severity": "MEDIUM",
                "trust": 1.8,
                "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P",
                "version": "2.0"
              }
            ],
            "cvssV3": [
              {
                "attackComplexity": "LOW",
                "attackVector": "LOCAL",
                "author": "nvd@nist.gov",
                "availabilityImpact": "HIGH",
                "baseScore": 7.8,
                "baseSeverity": "HIGH",
                "confidentialityImpact": "HIGH",
                "exploitabilityScore": 1.8,
                "id": "CVE-2020-9247",
                "impactScore": 5.9,
                "integrityImpact": "HIGH",
                "privilegesRequired": "NONE",
                "scope": "UNCHANGED",
                "trust": 1.0,
                "userInteraction": "REQUIRED",
                "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
                "version": "3.1"
              },
              {
                "attackComplexity": "Low",
                "attackVector": "Local",
                "author": "NVD",
                "availabilityImpact": "High",
                "baseScore": 7.8,
                "baseSeverity": "High",
                "confidentialityImpact": "High",
                "exploitabilityScore": null,
                "id": "CVE-2020-9247",
                "impactScore": null,
                "integrityImpact": "High",
                "privilegesRequired": "None",
                "scope": "Unchanged",
                "trust": 0.8,
                "userInteraction": "Required",
                "vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
                "version": "3.0"
              }
            ],
            "severity": [
              {
                "author": "nvd@nist.gov",
                "id": "CVE-2020-9247",
                "trust": 1.0,
                "value": "HIGH"
              },
              {
                "author": "NVD",
                "id": "CVE-2020-9247",
                "trust": 0.8,
                "value": "High"
              },
              {
                "author": "CNNVD",
                "id": "CNNVD-202007-1901",
                "trust": 0.6,
                "value": "HIGH"
              }
            ]
          }
        ],
        "sources": [
          {
            "db": "JVNDB",
            "id": "JVNDB-2020-014149"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-202007-1901"
          },
          {
            "db": "NVD",
            "id": "CVE-2020-9247"
          }
        ]
      },
      "description": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/description#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "There is a buffer overflow vulnerability in several Huawei products. The system does not sufficiently validate certain configuration parameter which is passed from user that would cause buffer overflow. The attacker should trick the user into installing and running a malicious application with a high privilege, successful exploit may cause code execution. Affected product include Huawei HONOR 20 PRO, Mate 20, Mate 20 Pro, Mate 20 X, P30, P30 Pro, Hima-L29C, Laya-AL00EP, Princeton-AL10B, Tony-AL00B, Yale-L61A, Yale-TL00B and YaleP-AL10B. plural Huawei The product contains a classic buffer overflow vulnerability.Information is obtained, information is tampered with, and service is disrupted (DoS) It may be put into a state",
        "sources": [
          {
            "db": "NVD",
            "id": "CVE-2020-9247"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2020-014149"
          }
        ],
        "trust": 1.62
      },
      "external_ids": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/external_ids#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "db": "NVD",
            "id": "CVE-2020-9247",
            "trust": 2.4
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2020-014149",
            "trust": 0.8
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-202007-1901",
            "trust": 0.6
          }
        ],
        "sources": [
          {
            "db": "JVNDB",
            "id": "JVNDB-2020-014149"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-202007-1901"
          },
          {
            "db": "NVD",
            "id": "CVE-2020-9247"
          }
        ]
      },
      "id": "VAR-202012-1394",
      "iot": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/iot#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": true,
        "sources": [
          {
            "db": "VARIoT devices database",
            "id": null
          }
        ],
        "trust": 0.49300468750000004
      },
      "last_update_date": "2024-11-23T22:29:21.018000Z",
      "patch": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/patch#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "title": "huawei-sa-20200729-03-smartphone",
            "trust": 0.8,
            "url": "https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20200729-03-smartphone-en"
          },
          {
            "title": "Repair measures for Huawei buffer error vulnerabilities",
            "trust": 0.6,
            "url": "http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=129041"
          }
        ],
        "sources": [
          {
            "db": "JVNDB",
            "id": "JVNDB-2020-014149"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-202007-1901"
          }
        ]
      },
      "problemtype_data": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "problemtype": "CWE-120",
            "trust": 1.0
          },
          {
            "problemtype": "Classic buffer overflow (CWE-120) [NVD Evaluation ]",
            "trust": 0.8
          }
        ],
        "sources": [
          {
            "db": "JVNDB",
            "id": "JVNDB-2020-014149"
          },
          {
            "db": "NVD",
            "id": "CVE-2020-9247"
          }
        ]
      },
      "references": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/references#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "trust": 1.6,
            "url": "https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20200729-03-smartphone-en"
          },
          {
            "trust": 1.4,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2020-9247"
          },
          {
            "trust": 0.6,
            "url": "https://www.huawei.com/cn/psirt/security-advisories/huawei-sa-20200729-03-smartphone-cn"
          }
        ],
        "sources": [
          {
            "db": "JVNDB",
            "id": "JVNDB-2020-014149"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-202007-1901"
          },
          {
            "db": "NVD",
            "id": "CVE-2020-9247"
          }
        ]
      },
      "sources": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#",
          "data": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "db": "JVNDB",
            "id": "JVNDB-2020-014149"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-202007-1901"
          },
          {
            "db": "NVD",
            "id": "CVE-2020-9247"
          }
        ]
      },
      "sources_release_date": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
          "data": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "date": "2021-08-03T00:00:00",
            "db": "JVNDB",
            "id": "JVNDB-2020-014149"
          },
          {
            "date": "2020-07-29T00:00:00",
            "db": "CNNVD",
            "id": "CNNVD-202007-1901"
          },
          {
            "date": "2020-12-07T13:15:11.123000",
            "db": "NVD",
            "id": "CVE-2020-9247"
          }
        ]
      },
      "sources_update_date": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
          "data": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "date": "2021-08-03T04:39:00",
            "db": "JVNDB",
            "id": "JVNDB-2020-014149"
          },
          {
            "date": "2021-08-16T00:00:00",
            "db": "CNNVD",
            "id": "CNNVD-202007-1901"
          },
          {
            "date": "2024-11-21T05:40:15.980000",
            "db": "NVD",
            "id": "CVE-2020-9247"
          }
        ]
      },
      "threat_type": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/threat_type#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "local",
        "sources": [
          {
            "db": "CNNVD",
            "id": "CNNVD-202007-1901"
          }
        ],
        "trust": 0.6
      },
      "title": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/title#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "plural \u00a0Huawei\u00a0 Classic buffer overflow vulnerability in the product",
        "sources": [
          {
            "db": "JVNDB",
            "id": "JVNDB-2020-014149"
          }
        ],
        "trust": 0.8
      },
      "type": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/type#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "buffer error",
        "sources": [
          {
            "db": "CNNVD",
            "id": "CNNVD-202007-1901"
          }
        ],
        "trust": 0.6
      }
    }

    VAR-202002-0578

    Vulnerability from variot - Updated: 2024-11-23 22:21

    HUAWEI P30 smartphones with versions earlier than 10.0.0.173(C00E73R1P11) have an improper authentication vulnerability. Due to improperly validation of certain application, an attacker should trick the user into installing a malicious application to exploit this vulnerability. Successful exploit could allow the attacker to bypass the authentication to perform unauthorized operations. HUAWEI P30 Smartphones contain authentication vulnerabilities.Information is obtained, information is tampered with, and service operation is interrupted. (DoS) It may be put into a state. The Huawei P30 is a smartphone from China's Huawei

    Show details on source website

    {
      "@context": {
        "@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
        "affected_products": {
          "@id": "https://www.variotdbs.pl/ref/affected_products"
        },
        "configurations": {
          "@id": "https://www.variotdbs.pl/ref/configurations"
        },
        "credits": {
          "@id": "https://www.variotdbs.pl/ref/credits"
        },
        "cvss": {
          "@id": "https://www.variotdbs.pl/ref/cvss/"
        },
        "description": {
          "@id": "https://www.variotdbs.pl/ref/description/"
        },
        "exploit_availability": {
          "@id": "https://www.variotdbs.pl/ref/exploit_availability/"
        },
        "external_ids": {
          "@id": "https://www.variotdbs.pl/ref/external_ids/"
        },
        "iot": {
          "@id": "https://www.variotdbs.pl/ref/iot/"
        },
        "iot_taxonomy": {
          "@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
        },
        "patch": {
          "@id": "https://www.variotdbs.pl/ref/patch/"
        },
        "problemtype_data": {
          "@id": "https://www.variotdbs.pl/ref/problemtype_data/"
        },
        "references": {
          "@id": "https://www.variotdbs.pl/ref/references/"
        },
        "sources": {
          "@id": "https://www.variotdbs.pl/ref/sources/"
        },
        "sources_release_date": {
          "@id": "https://www.variotdbs.pl/ref/sources_release_date/"
        },
        "sources_update_date": {
          "@id": "https://www.variotdbs.pl/ref/sources_update_date/"
        },
        "threat_type": {
          "@id": "https://www.variotdbs.pl/ref/threat_type/"
        },
        "title": {
          "@id": "https://www.variotdbs.pl/ref/title/"
        },
        "type": {
          "@id": "https://www.variotdbs.pl/ref/type/"
        }
      },
      "@id": "https://www.variotdbs.pl/vuln/VAR-202002-0578",
      "affected_products": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/affected_products#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            },
            "@id": "https://www.variotdbs.pl/ref/sources"
          }
        },
        "data": [
          {
            "model": "p30",
            "scope": "eq",
            "trust": 1.2,
            "vendor": "huawei",
            "version": null
          },
          {
            "model": "p30",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "huawei",
            "version": "10.0.0.173\\(c00e73r1p11\\)"
          },
          {
            "model": "p30",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "huawei",
            "version": "10.0.0.173(c00e73r1p11)"
          },
          {
            "model": "p30 \u003c10.0.0.173",
            "scope": null,
            "trust": 0.6,
            "vendor": "huawei",
            "version": null
          },
          {
            "model": "p30",
            "scope": "eq",
            "trust": 0.6,
            "vendor": "huawei",
            "version": "9.1.0.193c00e190r2p1"
          },
          {
            "model": "p30",
            "scope": "eq",
            "trust": 0.6,
            "vendor": "huawei",
            "version": "9.1.0.226c00e220r2p1"
          },
          {
            "model": "p30",
            "scope": "eq",
            "trust": 0.6,
            "vendor": "huawei",
            "version": "10.0.0.166c00e66r1p11"
          }
        ],
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2020-03248"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2020-002082"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-202001-884"
          },
          {
            "db": "NVD",
            "id": "CVE-2020-1812"
          }
        ]
      },
      "configurations": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/configurations#",
          "children": {
            "@container": "@list"
          },
          "cpe_match": {
            "@container": "@list"
          },
          "data": {
            "@container": "@list"
          },
          "nodes": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "CVE_data_version": "4.0",
            "nodes": [
              {
                "cpe_match": [
                  {
                    "cpe22Uri": "cpe:/o:huawei:p30_firmware",
                    "vulnerable": true
                  }
                ],
                "operator": "OR"
              }
            ]
          }
        ],
        "sources": [
          {
            "db": "JVNDB",
            "id": "JVNDB-2020-002082"
          }
        ]
      },
      "credits": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/credits#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "The vulnerability was discovered by Huawei internal testing.",
        "sources": [
          {
            "db": "CNNVD",
            "id": "CNNVD-202001-884"
          }
        ],
        "trust": 0.6
      },
      "cve": "CVE-2020-1812",
      "cvss": {
        "@context": {
          "cvssV2": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
            },
            "@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
          },
          "cvssV3": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
            },
            "@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
          },
          "severity": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/cvss/severity#"
            },
            "@id": "https://www.variotdbs.pl/ref/cvss/severity"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            },
            "@id": "https://www.variotdbs.pl/ref/sources"
          }
        },
        "data": [
          {
            "cvssV2": [
              {
                "accessComplexity": "MEDIUM",
                "accessVector": "NETWORK",
                "authentication": "NONE",
                "author": "nvd@nist.gov",
                "availabilityImpact": "PARTIAL",
                "baseScore": 6.8,
                "confidentialityImpact": "PARTIAL",
                "exploitabilityScore": 8.6,
                "id": "CVE-2020-1812",
                "impactScore": 6.4,
                "integrityImpact": "PARTIAL",
                "severity": "MEDIUM",
                "trust": 1.0,
                "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P",
                "version": "2.0"
              },
              {
                "acInsufInfo": null,
                "accessComplexity": "Medium",
                "accessVector": "Network",
                "authentication": "None",
                "author": "NVD",
                "availabilityImpact": "Partial",
                "baseScore": 6.8,
                "confidentialityImpact": "Partial",
                "exploitabilityScore": null,
                "id": "JVNDB-2020-002082",
                "impactScore": null,
                "integrityImpact": "Partial",
                "obtainAllPrivilege": null,
                "obtainOtherPrivilege": null,
                "obtainUserPrivilege": null,
                "severity": "Medium",
                "trust": 0.8,
                "userInteractionRequired": null,
                "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P",
                "version": "2.0"
              },
              {
                "accessComplexity": "LOW",
                "accessVector": "LOCAL",
                "authentication": "NONE",
                "author": "CNVD",
                "availabilityImpact": "NONE",
                "baseScore": 4.9,
                "confidentialityImpact": "COMPLETE",
                "exploitabilityScore": 3.9,
                "id": "CNVD-2020-03248",
                "impactScore": 6.9,
                "integrityImpact": "NONE",
                "severity": "MEDIUM",
                "trust": 0.6,
                "vectorString": "AV:L/AC:L/Au:N/C:C/I:N/A:N",
                "version": "2.0"
              }
            ],
            "cvssV3": [
              {
                "attackComplexity": "LOW",
                "attackVector": "LOCAL",
                "author": "nvd@nist.gov",
                "availabilityImpact": "HIGH",
                "baseScore": 7.8,
                "baseSeverity": "HIGH",
                "confidentialityImpact": "HIGH",
                "exploitabilityScore": 1.8,
                "id": "CVE-2020-1812",
                "impactScore": 5.9,
                "integrityImpact": "HIGH",
                "privilegesRequired": "NONE",
                "scope": "UNCHANGED",
                "trust": 1.0,
                "userInteraction": "REQUIRED",
                "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
                "version": "3.1"
              },
              {
                "attackComplexity": "Low",
                "attackVector": "Local",
                "author": "NVD",
                "availabilityImpact": "High",
                "baseScore": 7.8,
                "baseSeverity": "High",
                "confidentialityImpact": "High",
                "exploitabilityScore": null,
                "id": "JVNDB-2020-002082",
                "impactScore": null,
                "integrityImpact": "High",
                "privilegesRequired": "None",
                "scope": "Unchanged",
                "trust": 0.8,
                "userInteraction": "Required",
                "vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
                "version": "3.0"
              }
            ],
            "severity": [
              {
                "author": "nvd@nist.gov",
                "id": "CVE-2020-1812",
                "trust": 1.0,
                "value": "HIGH"
              },
              {
                "author": "NVD",
                "id": "JVNDB-2020-002082",
                "trust": 0.8,
                "value": "High"
              },
              {
                "author": "CNVD",
                "id": "CNVD-2020-03248",
                "trust": 0.6,
                "value": "MEDIUM"
              },
              {
                "author": "CNNVD",
                "id": "CNNVD-202001-884",
                "trust": 0.6,
                "value": "HIGH"
              }
            ]
          }
        ],
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2020-03248"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2020-002082"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-202001-884"
          },
          {
            "db": "NVD",
            "id": "CVE-2020-1812"
          }
        ]
      },
      "description": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/description#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "HUAWEI P30 smartphones with versions earlier than 10.0.0.173(C00E73R1P11) have an improper authentication vulnerability. Due to improperly validation of certain application, an attacker should trick the user into installing a malicious application to exploit this vulnerability. Successful exploit could allow the attacker to bypass the authentication to perform unauthorized operations. HUAWEI P30 Smartphones contain authentication vulnerabilities.Information is obtained, information is tampered with, and service operation is interrupted. (DoS) It may be put into a state. The Huawei P30 is a smartphone from China\u0027s Huawei",
        "sources": [
          {
            "db": "NVD",
            "id": "CVE-2020-1812"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2020-002082"
          },
          {
            "db": "CNVD",
            "id": "CNVD-2020-03248"
          }
        ],
        "trust": 2.16
      },
      "external_ids": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/external_ids#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "db": "NVD",
            "id": "CVE-2020-1812",
            "trust": 3.0
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2020-002082",
            "trust": 0.8
          },
          {
            "db": "CNVD",
            "id": "CNVD-2020-03248",
            "trust": 0.6
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-202001-884",
            "trust": 0.6
          }
        ],
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2020-03248"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2020-002082"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-202001-884"
          },
          {
            "db": "NVD",
            "id": "CVE-2020-1812"
          }
        ]
      },
      "id": "VAR-202002-0578",
      "iot": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/iot#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": true,
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2020-03248"
          }
        ],
        "trust": 1.1707672
      },
      "iot_taxonomy": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "category": [
              "IoT"
            ],
            "sub_category": null,
            "trust": 0.6
          }
        ],
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2020-03248"
          }
        ]
      },
      "last_update_date": "2024-11-23T22:21:20.497000Z",
      "patch": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/patch#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "title": "huawei-sa-20200120-01-smartphone",
            "trust": 0.8,
            "url": "http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20200120-01-smartphone-en"
          },
          {
            "title": "Patch for Huawei P30 inappropriate authentication vulnerability",
            "trust": 0.6,
            "url": "https://www.cnvd.org.cn/patchInfo/show/198623"
          },
          {
            "title": "Huawei P30 Remediation measures for authorization problem vulnerabilities",
            "trust": 0.6,
            "url": "http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=107194"
          }
        ],
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2020-03248"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2020-002082"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-202001-884"
          }
        ]
      },
      "problemtype_data": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "problemtype": "CWE-287",
            "trust": 1.8
          }
        ],
        "sources": [
          {
            "db": "JVNDB",
            "id": "JVNDB-2020-002082"
          },
          {
            "db": "NVD",
            "id": "CVE-2020-1812"
          }
        ]
      },
      "references": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/references#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "trust": 1.6,
            "url": "http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20200120-01-smartphone-en"
          },
          {
            "trust": 1.2,
            "url": "https://www.huawei.com/cn/psirt/security-advisories/huawei-sa-20200120-01-smartphone-cn"
          },
          {
            "trust": 0.8,
            "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2020-1812"
          },
          {
            "trust": 0.8,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2020-1812"
          },
          {
            "trust": 0.6,
            "url": "https://www.huawei.com/cn/psirt/security-advisories/huawei-sa-20200212-01-firewall-cn"
          }
        ],
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2020-03248"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2020-002082"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-202001-884"
          },
          {
            "db": "NVD",
            "id": "CVE-2020-1812"
          }
        ]
      },
      "sources": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#",
          "data": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "db": "CNVD",
            "id": "CNVD-2020-03248"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2020-002082"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-202001-884"
          },
          {
            "db": "NVD",
            "id": "CVE-2020-1812"
          }
        ]
      },
      "sources_release_date": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
          "data": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "date": "2020-01-24T00:00:00",
            "db": "CNVD",
            "id": "CNVD-2020-03248"
          },
          {
            "date": "2020-03-04T00:00:00",
            "db": "JVNDB",
            "id": "JVNDB-2020-002082"
          },
          {
            "date": "2020-01-20T00:00:00",
            "db": "CNNVD",
            "id": "CNNVD-202001-884"
          },
          {
            "date": "2020-02-18T03:15:11.123000",
            "db": "NVD",
            "id": "CVE-2020-1812"
          }
        ]
      },
      "sources_update_date": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
          "data": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "date": "2020-02-04T00:00:00",
            "db": "CNVD",
            "id": "CNVD-2020-03248"
          },
          {
            "date": "2020-03-04T00:00:00",
            "db": "JVNDB",
            "id": "JVNDB-2020-002082"
          },
          {
            "date": "2020-02-21T00:00:00",
            "db": "CNNVD",
            "id": "CNNVD-202001-884"
          },
          {
            "date": "2024-11-21T05:11:25.710000",
            "db": "NVD",
            "id": "CVE-2020-1812"
          }
        ]
      },
      "threat_type": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/threat_type#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "local",
        "sources": [
          {
            "db": "CNNVD",
            "id": "CNNVD-202001-884"
          }
        ],
        "trust": 0.6
      },
      "title": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/title#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "HUAWEI P30 Authentication vulnerabilities in smartphones",
        "sources": [
          {
            "db": "JVNDB",
            "id": "JVNDB-2020-002082"
          }
        ],
        "trust": 0.8
      },
      "type": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/type#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "authorization issue",
        "sources": [
          {
            "db": "CNNVD",
            "id": "CNNVD-202001-884"
          }
        ],
        "trust": 0.6
      }
    }

    VAR-202004-0618

    Vulnerability from variot - Updated: 2024-11-23 22:21

    There are two denial of service vulnerabilities on some Huawei smartphones. An attacker may send specially crafted TD-SCDMA messages from a rogue base station to the affected devices. Due to insufficient input validation of two values when parsing the messages, successful exploit may cause device abnormal. This is 1 out of 2 vulnerabilities. Different than CVE-2020-5303. Affected products are: ALP-AL00B: earlier than 9.1.0.333(C00E333R2P1T8) ALP-L09: earlier than 9.1.0.300(C432E4R1P9T8) ALP-L29: earlier than 9.1.0.315(C636E5R1P13T8) BLA-L29C: earlier than 9.1.0.321(C636E4R1P14T8), earlier than 9.1.0.330(C432E6R1P12T8), earlier than 9.1.0.302(C635E4R1P13T8) Berkeley-AL20: earlier than 9.1.0.333(C00E333R2P1T8) Berkeley-L09: earlier than 9.1.0.350(C10E3R1P14T8), earlier than 9.1.0.351(C432E5R1P13T8), earlier than 9.1.0.350(C636E4R1P13T8) Charlotte-L09C: earlier than 9.1.0.311(C185E4R1P11T8), earlier than 9.1.0.345(C432E8R1P11T8) Charlotte-L29C: earlier than 9.1.0.325(C185E4R1P11T8), earlier than 9.1.0.335(C636E3R1P13T8), earlier than 9.1.0.345(C432E8R1P11T8), earlier than 9.1.0.336(C605E3R1P12T8) Columbia-AL10B: earlier than 9.1.0.333(C00E333R1P1T8) Columbia-L29D: earlier than 9.1.0.350(C461E3R1P11T8), earlier than 9.1.0.350(C185E3R1P12T8), earlier than 9.1.0.350(C10E5R1P14T8), earlier than 9.1.0.351(C432E5R1P13T8) Cornell-AL00A: earlier than 9.1.0.333(C00E333R1P1T8) Cornell-L29A: earlier than 9.1.0.328(C185E1R1P9T8), earlier than 9.1.0.328(C432E1R1P9T8), earlier than 9.1.0.330(C461E1R1P9T8), earlier than 9.1.0.328(C636E2R1P12T8) Emily-L09C: earlier than 9.1.0.336(C605E4R1P12T8), earlier than 9.1.0.311(C185E2R1P12T8), earlier than 9.1.0.345(C432E10R1P12T8) Emily-L29C: earlier than 9.1.0.311(C605E2R1P12T8), earlier than 9.1.0.311(C636E7R1P13T8), earlier than 9.1.0.311(C432E7R1P11T8) Ever-L29B: earlier than 9.1.0.311(C185E3R3P1), earlier than 9.1.0.310(C636E3R2P1), earlier than 9.1.0.310(C432E3R1P12) HUAWEI Mate 20: earlier than 9.1.0.131(C00E131R3P1) HUAWEI Mate 20 Pro: earlier than 9.1.0.310(C185E10R2P1) HUAWEI Mate 20 RS: earlier than 9.1.0.135(C786E133R3P1) HUAWEI Mate 20 X: earlier than 9.1.0.135(C00E133R2P1) HUAWEI P20: earlier than 9.1.0.333(C00E333R1P1T8) HUAWEI P20 Pro: earlier than 9.1.0.333(C00E333R1P1T8) HUAWEI P30: earlier than 9.1.0.193 HUAWEI P30 Pro: earlier than 9.1.0.186(C00E180R2P1) HUAWEI Y9 2019: earlier than 9.1.0.220(C605E3R1P1T8) HUAWEI nova lite 3: earlier than 9.1.0.305(C635E8R2P2) Honor 10 Lite: earlier than 9.1.0.283(C605E8R2P2) Honor 8X: earlier than 9.1.0.221(C461E2R1P1T8) Honor View 20: earlier than 9.1.0.238(C432E1R3P1) Jackman-L22: earlier than 9.1.0.247(C636E2R4P1T8) Paris-L21B: earlier than 9.1.0.331(C432E1R1P2T8) Paris-L21MEB: earlier than 9.1.0.331(C185E4R1P3T8) Paris-L29B: earlier than 9.1.0.331(C636E1R1P3T8) Sydney-AL00: earlier than 9.1.0.212(C00E62R1P7T8) Sydney-L21: earlier than 9.1.0.215(C432E1R1P1T8), earlier than 9.1.0.213(C185E1R1P1T8) Sydney-L21BR: earlier than 9.1.0.213(C185E1R1P2T8) Sydney-L22: earlier than 9.1.0.258(C636E1R1P1T8) Sydney-L22BR: earlier than 9.1.0.258(C636E1R1P1T8) SydneyM-AL00: earlier than 9.1.0.228(C00E78R1P7T8) SydneyM-L01: earlier than 9.1.0.215(C782E2R1P1T8), earlier than 9.1.0.213(C185E1R1P1T8), earlier than 9.1.0.270(C432E3R1P1T8) SydneyM-L03: earlier than 9.1.0.217(C605E1R1P1T8) SydneyM-L21: earlier than 9.1.0.221(C461E1R1P1T8), earlier than 9.1.0.215(C432E4R1P1T8) SydneyM-L22: earlier than 9.1.0.259(C185E1R1P2T8), earlier than 9.1.0.220(C635E1R1P2T8), earlier than 9.1.0.216(C569E1R1P1T8) SydneyM-L23: earlier than 9.1.0.226(C605E2R1P1T8) Yale-L21A: earlier than 9.1.0.154(C432E2R3P2), earlier than 9.1.0.154(C461E2R2P1), earlier than 9.1.0.154(C636E2R2P1) Honor 20: earlier than 9.1.0.152(C00E150R5P1) Honor Magic2: earlier than 10.0.0.187 Honor V20: earlier than 9.1.0.234(C00E234R4P3). plural Huawei There is a vulnerability related to input confirmation on smartphones.Service operation interruption (DoS) It may be put into a state. Huawei Honor10 Lite and Huawei Y9 are both smartphones from China's Huawei.

    A denial of service vulnerability exists in Huawei Honor10 Lite Harry-AL00C versions earlier than 9.1.0.217 (C00E215R3P1) and before Huawei Y9 Jackman-L23 9.1.0.220 (C45E3R1P1T8). The vulnerability stems from the fact that the two fields are not duplicated when parsing

    Show details on source website

    {
      "@context": {
        "@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
        "affected_products": {
          "@id": "https://www.variotdbs.pl/ref/affected_products"
        },
        "configurations": {
          "@id": "https://www.variotdbs.pl/ref/configurations"
        },
        "credits": {
          "@id": "https://www.variotdbs.pl/ref/credits"
        },
        "cvss": {
          "@id": "https://www.variotdbs.pl/ref/cvss/"
        },
        "description": {
          "@id": "https://www.variotdbs.pl/ref/description/"
        },
        "exploit_availability": {
          "@id": "https://www.variotdbs.pl/ref/exploit_availability/"
        },
        "external_ids": {
          "@id": "https://www.variotdbs.pl/ref/external_ids/"
        },
        "iot": {
          "@id": "https://www.variotdbs.pl/ref/iot/"
        },
        "iot_taxonomy": {
          "@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
        },
        "patch": {
          "@id": "https://www.variotdbs.pl/ref/patch/"
        },
        "problemtype_data": {
          "@id": "https://www.variotdbs.pl/ref/problemtype_data/"
        },
        "references": {
          "@id": "https://www.variotdbs.pl/ref/references/"
        },
        "sources": {
          "@id": "https://www.variotdbs.pl/ref/sources/"
        },
        "sources_release_date": {
          "@id": "https://www.variotdbs.pl/ref/sources_release_date/"
        },
        "sources_update_date": {
          "@id": "https://www.variotdbs.pl/ref/sources_update_date/"
        },
        "threat_type": {
          "@id": "https://www.variotdbs.pl/ref/threat_type/"
        },
        "title": {
          "@id": "https://www.variotdbs.pl/ref/title/"
        },
        "type": {
          "@id": "https://www.variotdbs.pl/ref/type/"
        }
      },
      "@id": "https://www.variotdbs.pl/vuln/VAR-202004-0618",
      "affected_products": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/affected_products#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            },
            "@id": "https://www.variotdbs.pl/ref/sources"
          }
        },
        "data": [
          {
            "model": "yale-l21a",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "huawei",
            "version": "9.1.0.154\\(c461e2r2p1\\)"
          },
          {
            "model": "sydneym-l03",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "huawei",
            "version": "9.1.0.217\\(c605e1r1p1t8\\)"
          },
          {
            "model": "sydneym-l22",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "huawei",
            "version": "9.1.0.259\\(c185e1r1p2t8\\)"
          },
          {
            "model": "nova lite 3",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "huawei",
            "version": "9.1.0.305\\(c635e8r2p2\\)"
          },
          {
            "model": "alp-al00b",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "huawei",
            "version": "9.1.0.333\\(c00e333r2p1t8\\)"
          },
          {
            "model": "bla-l29c",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "huawei",
            "version": "9.1.0.321\\(c636e4r1p14t8\\)"
          },
          {
            "model": "charlotte-l29c",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "huawei",
            "version": "9.1.0.345\\(c432e8r1p11t8\\)"
          },
          {
            "model": "berkeley-l09",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "huawei",
            "version": "9.1.0.351\\(c432e5r1p13t8\\)"
          },
          {
            "model": "alp-l09",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "huawei",
            "version": "9.1.0.300\\(c432e4r1p9t8\\)"
          },
          {
            "model": "yale-l21a",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "huawei",
            "version": "9.1.0.154\\(c636e2r2p1\\)"
          },
          {
            "model": "p20 pro",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "huawei",
            "version": "9.1.0.333\\(c00e333r1p1t8\\)"
          },
          {
            "model": "cornell-l29a",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "huawei",
            "version": "9.1.0.328\\(c185e1r1p9t8\\)"
          },
          {
            "model": "emily-l09c",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "huawei",
            "version": "9.1.0.345\\(c432e10r1p12t8\\)"
          },
          {
            "model": "cornell-l29a",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "huawei",
            "version": "9.1.0.328\\(c636e2r1p12t8\\)"
          },
          {
            "model": "columbia-l29d",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "huawei",
            "version": "9.1.0.350\\(c461e3r1p11t8\\)"
          },
          {
            "model": "jackman-l22",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "huawei",
            "version": "9.1.0.247\\(c636e2r4p1t8\\)"
          },
          {
            "model": "emily-l29c",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "huawei",
            "version": "9.1.0.311\\(c636e7r1p13t8\\)"
          },
          {
            "model": "sydneym-l01",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "huawei",
            "version": "9.1.0.213\\(c185e1r1p1t8\\)"
          },
          {
            "model": "sydneym-l21",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "huawei",
            "version": "9.1.0.221\\(c461e1r1p1t8\\)"
          },
          {
            "model": "ever-l29b",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "huawei",
            "version": "9.1.0.310\\(c636e3r2p1\\)"
          },
          {
            "model": "bla-l29c",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "huawei",
            "version": "9.1.0.330\\(c432e6r1p12t8\\)"
          },
          {
            "model": "mate 20",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "huawei",
            "version": "9.1.0.131\\(c00e131r3p1\\)"
          },
          {
            "model": "columbia-l29d",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "huawei",
            "version": "9.1.0.351\\(c432e5r1p13t8\\)"
          },
          {
            "model": "cornell-al00a",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "huawei",
            "version": "9.1.0.333\\(c00e333r1p1t8\\)"
          },
          {
            "model": "sydneym-al00",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "huawei",
            "version": "9.1.0.228\\(c00e78r1p7t8\\)"
          },
          {
            "model": "berkeley-l09",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "huawei",
            "version": "9.1.0.350\\(c10e3r1p14t8\\)"
          },
          {
            "model": "columbia-l29d",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "huawei",
            "version": "9.1.0.350\\(c185e3r1p12t8\\)"
          },
          {
            "model": "ever-l29b",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "huawei",
            "version": "9.1.0.310\\(c432e3r1p12\\)"
          },
          {
            "model": "charlotte-l29c",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "huawei",
            "version": "9.1.0.325\\(c185e4r1p11t8\\)"
          },
          {
            "model": "mate 20 pro",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "huawei",
            "version": "9.1.0.310\\(c185e10r2p1\\)"
          },
          {
            "model": "sydneym-l01",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "huawei",
            "version": "9.1.0.215\\(c782e2r1p1t8\\)"
          },
          {
            "model": "honor view 20",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "huawei",
            "version": "9.1.0.238\\(c432e1r3p1\\)"
          },
          {
            "model": "paris-l29b",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "huawei",
            "version": "9.1.0.331\\(c636e1r1p3t8\\)"
          },
          {
            "model": "emily-l29c",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "huawei",
            "version": "9.1.0.311\\(c432e7r1p11t8\\)"
          },
          {
            "model": "p30 pro",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "huawei",
            "version": "9.1.0.186\\(c00e180r2p1\\)"
          },
          {
            "model": "sydneym-l23",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "huawei",
            "version": "9.1.0.226\\(c605e2r1p1t8\\)"
          },
          {
            "model": "emily-l29c",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "huawei",
            "version": "9.1.0.311\\(c605e2r1p12t8\\)"
          },
          {
            "model": "paris-l21b",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "huawei",
            "version": "9.1.0.331\\(c432e1r1p2t8\\)"
          },
          {
            "model": "bla-l29c",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "huawei",
            "version": "9.1.0.302\\(c635e4r1p13t8\\)"
          },
          {
            "model": "paris-l21meb",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "huawei",
            "version": "9.1.0.331\\(c185e4r1p3t8\\)"
          },
          {
            "model": "mate 20 x",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "huawei",
            "version": "9.1.0.135\\(c00e133r2p1\\)"
          },
          {
            "model": "honor 20",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "huawei",
            "version": "9.1.0.152\\(c00e150r5p1\\)"
          },
          {
            "model": "yale-l21a",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "huawei",
            "version": "9.1.0.154\\(c432e2r3p2\\)"
          },
          {
            "model": "sydney-l22",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "huawei",
            "version": "9.1.0.258\\(c636e1r1p1t8\\)"
          },
          {
            "model": "sydney-l22br",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "huawei",
            "version": "9.1.0.258\\(c636e1r1p1t8\\)"
          },
          {
            "model": "sydneym-l21",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "huawei",
            "version": "9.1.0.215\\(c432e4r1p1t8\\)"
          },
          {
            "model": "cornell-l29a",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "huawei",
            "version": "9.1.0.330\\(c461e1r1p9t8\\)"
          },
          {
            "model": "columbia-al10b",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "huawei",
            "version": "9.1.0.333\\(c00e333r1p1t8\\)"
          },
          {
            "model": "charlotte-l29c",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "huawei",
            "version": "9.1.0.336\\(c605e3r1p12t8\\)"
          },
          {
            "model": "y9 2019",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "huawei",
            "version": "9.1.0.220\\(c605e3r1p1t8\\)"
          },
          {
            "model": "sydney-l21",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "huawei",
            "version": "9.1.0.213\\(c185e1r1p1t8\\)"
          },
          {
            "model": "alp-l29",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "huawei",
            "version": "9.1.0.315\\(c636e5r1p13t8\\)"
          },
          {
            "model": "charlotte-l29c",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "huawei",
            "version": "9.1.0.335\\(c636e3r1p13t8\\)"
          },
          {
            "model": "sydneym-l01",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "huawei",
            "version": "9.1.0.270\\(c432e3r1p1t8\\)"
          },
          {
            "model": "p30",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "huawei",
            "version": "9.1.0.193"
          },
          {
            "model": "cornell-l29a",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "huawei",
            "version": "9.1.0.328\\(c432e1r1p9t8\\)"
          },
          {
            "model": "honor 8x",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "huawei",
            "version": "9.1.0.221\\(c461e2r1p1t8\\)"
          },
          {
            "model": "sydneym-l22",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "huawei",
            "version": "9.1.0.220\\(c635e1r1p2t8\\)"
          },
          {
            "model": "berkeley-al20",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "huawei",
            "version": "9.1.0.333\\(c00e333r2p1t8\\)"
          },
          {
            "model": "berkeley-l09",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "huawei",
            "version": "9.1.0.350\\(c636e4r1p13t8\\)"
          },
          {
            "model": "honor v20",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "huawei",
            "version": "9.1.0.234\\(c00e234r4p3\\)"
          },
          {
            "model": "sydney-l21br",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "huawei",
            "version": "9.1.0.213\\(c185e1r1p2t8\\)"
          },
          {
            "model": "sydneym-l22",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "huawei",
            "version": "9.1.0.216\\(c569e1r1p1t8\\)"
          },
          {
            "model": "columbia-l29d",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "huawei",
            "version": "9.1.0.350\\(c10e5r1p14t8\\)"
          },
          {
            "model": "mate 20 rs",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "huawei",
            "version": "9.1.0.135\\(c786e133r3p1\\)"
          },
          {
            "model": "ever-l29b",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "huawei",
            "version": "9.1.0.311\\(c185e3r3p1\\)"
          },
          {
            "model": "sydney-al00",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "huawei",
            "version": "9.1.0.212\\(c00e62r1p7t8\\)"
          },
          {
            "model": "charlotte-l09c",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "huawei",
            "version": "9.1.0.311\\(c185e4r1p11t8\\)"
          },
          {
            "model": "p20",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "huawei",
            "version": "9.1.0.333\\(c00e333r1p1t8\\)"
          },
          {
            "model": "sydney-l21",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "huawei",
            "version": "9.1.0.215\\(c432e1r1p1t8\\)"
          },
          {
            "model": "emily-l09c",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "huawei",
            "version": "9.1.0.311\\(c185e2r1p12t8\\)"
          },
          {
            "model": "charlotte-l09c",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "huawei",
            "version": "9.1.0.345\\(c432e8r1p11t8\\)"
          },
          {
            "model": "honor magic2",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "huawei",
            "version": "10.0.0.187"
          },
          {
            "model": "emily-l09c",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "huawei",
            "version": "9.1.0.336\\(c605e4r1p12t8\\)"
          },
          {
            "model": "honor 10 lite",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "huawei",
            "version": "9.1.0.283\\(c605e8r2p2\\)"
          },
          {
            "model": "alp-al00b",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "huawei",
            "version": "9.1.0.333(c00e333r2p1t8)"
          },
          {
            "model": "alp-l09",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "huawei",
            "version": "9.1.0.300(c432e4r1p9t8)"
          },
          {
            "model": "alp-l29",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "huawei",
            "version": "9.1.0.315(c636e5r1p13t8)"
          },
          {
            "model": "berkeley-al20",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "huawei",
            "version": "9.1.0.333(c00e333r2p1t8)"
          },
          {
            "model": "berkeley-l09",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "huawei",
            "version": "9.1.0.350(c10e3r1p14t8)"
          },
          {
            "model": "berkeley-l09",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "huawei",
            "version": "9.1.0.350(c636e4r1p13t8)"
          },
          {
            "model": "berkeley-l09",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "huawei",
            "version": "9.1.0.351(c432e5r1p13t8)"
          },
          {
            "model": "bla-l29c",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "huawei",
            "version": "9.1.0.302(c635e4r1p13t8)"
          },
          {
            "model": "bla-l29c",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "huawei",
            "version": "9.1.0.321(c636e4r1p14t8)"
          },
          {
            "model": "bla-l29c",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "huawei",
            "version": "9.1.0.330(c432e6r1p12t8)"
          },
          {
            "model": "honor10 lite \u003charry-al00c 9.1.0.217",
            "scope": null,
            "trust": 0.6,
            "vendor": "huawei",
            "version": null
          },
          {
            "model": "y9 \u003cjackman-l23 9.1.0.220",
            "scope": null,
            "trust": 0.6,
            "vendor": "huawei",
            "version": null
          }
        ],
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2019-33609"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2019-015525"
          },
          {
            "db": "NVD",
            "id": "CVE-2019-5302"
          }
        ]
      },
      "configurations": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/configurations#",
          "children": {
            "@container": "@list"
          },
          "cpe_match": {
            "@container": "@list"
          },
          "data": {
            "@container": "@list"
          },
          "nodes": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "CVE_data_version": "4.0",
            "nodes": [
              {
                "cpe_match": [
                  {
                    "cpe22Uri": "cpe:/o:huawei:alp-al00b_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:huawei:alp-l09_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:huawei:alp-l29_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:huawei:berkeley-al20_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:huawei:berkeley-l09_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:huawei:bla-l29c_firmware",
                    "vulnerable": true
                  }
                ],
                "operator": "OR"
              }
            ]
          }
        ],
        "sources": [
          {
            "db": "JVNDB",
            "id": "JVNDB-2019-015525"
          }
        ]
      },
      "credits": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/credits#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "These two vulnerabilities were discovered by Huawei internal testing.",
        "sources": [
          {
            "db": "CNNVD",
            "id": "CNNVD-201908-1095"
          }
        ],
        "trust": 0.6
      },
      "cve": "CVE-2019-5302",
      "cvss": {
        "@context": {
          "cvssV2": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
            },
            "@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
          },
          "cvssV3": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
            },
            "@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
          },
          "severity": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/cvss/severity#"
            },
            "@id": "https://www.variotdbs.pl/ref/cvss/severity"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            },
            "@id": "https://www.variotdbs.pl/ref/sources"
          }
        },
        "data": [
          {
            "cvssV2": [
              {
                "accessComplexity": "MEDIUM",
                "accessVector": "ADJACENT_NETWORK",
                "authentication": "NONE",
                "author": "nvd@nist.gov",
                "availabilityImpact": "PARTIAL",
                "baseScore": 2.9,
                "confidentialityImpact": "NONE",
                "exploitabilityScore": 5.5,
                "id": "CVE-2019-5302",
                "impactScore": 2.9,
                "integrityImpact": "NONE",
                "severity": "LOW",
                "trust": 1.1,
                "vectorString": "AV:A/AC:M/Au:N/C:N/I:N/A:P",
                "version": "2.0"
              },
              {
                "acInsufInfo": null,
                "accessComplexity": "Medium",
                "accessVector": "Adjacent Network",
                "authentication": "None",
                "author": "NVD",
                "availabilityImpact": "Partial",
                "baseScore": 2.9,
                "confidentialityImpact": "None",
                "exploitabilityScore": null,
                "id": "JVNDB-2019-015525",
                "impactScore": null,
                "integrityImpact": "None",
                "obtainAllPrivilege": null,
                "obtainOtherPrivilege": null,
                "obtainUserPrivilege": null,
                "severity": "Low",
                "trust": 0.8,
                "userInteractionRequired": null,
                "vectorString": "AV:A/AC:M/Au:N/C:N/I:N/A:P",
                "version": "2.0"
              },
              {
                "accessComplexity": "LOW",
                "accessVector": "ADJACENT_NETWORK",
                "authentication": "NONE",
                "author": "CNVD",
                "availabilityImpact": "COMPLETE",
                "baseScore": 6.1,
                "confidentialityImpact": "NONE",
                "exploitabilityScore": 6.5,
                "id": "CNVD-2019-33609",
                "impactScore": 6.9,
                "integrityImpact": "NONE",
                "severity": "MEDIUM",
                "trust": 0.6,
                "vectorString": "AV:A/AC:L/Au:N/C:N/I:N/A:C",
                "version": "2.0"
              }
            ],
            "cvssV3": [
              {
                "attackComplexity": "HIGH",
                "attackVector": "ADJACENT",
                "author": "nvd@nist.gov",
                "availabilityImpact": "HIGH",
                "baseScore": 5.3,
                "baseSeverity": "MEDIUM",
                "confidentialityImpact": "NONE",
                "exploitabilityScore": 1.6,
                "id": "CVE-2019-5302",
                "impactScore": 3.6,
                "integrityImpact": "NONE",
                "privilegesRequired": "NONE",
                "scope": "UNCHANGED",
                "trust": 1.0,
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.1/AV:A/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H",
                "version": "3.1"
              },
              {
                "attackComplexity": "High",
                "attackVector": "Adjacent Network",
                "author": "NVD",
                "availabilityImpact": "High",
                "baseScore": 5.3,
                "baseSeverity": "Medium",
                "confidentialityImpact": "None",
                "exploitabilityScore": null,
                "id": "JVNDB-2019-015525",
                "impactScore": null,
                "integrityImpact": "None",
                "privilegesRequired": "None",
                "scope": "Unchanged",
                "trust": 0.8,
                "userInteraction": "None",
                "vectorString": "CVSS:3.0/AV:A/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H",
                "version": "3.0"
              }
            ],
            "severity": [
              {
                "author": "nvd@nist.gov",
                "id": "CVE-2019-5302",
                "trust": 1.0,
                "value": "MEDIUM"
              },
              {
                "author": "NVD",
                "id": "JVNDB-2019-015525",
                "trust": 0.8,
                "value": "Medium"
              },
              {
                "author": "CNVD",
                "id": "CNVD-2019-33609",
                "trust": 0.6,
                "value": "MEDIUM"
              },
              {
                "author": "CNNVD",
                "id": "CNNVD-201908-1095",
                "trust": 0.6,
                "value": "MEDIUM"
              },
              {
                "author": "VULMON",
                "id": "CVE-2019-5302",
                "trust": 0.1,
                "value": "LOW"
              }
            ]
          }
        ],
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2019-33609"
          },
          {
            "db": "VULMON",
            "id": "CVE-2019-5302"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2019-015525"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201908-1095"
          },
          {
            "db": "NVD",
            "id": "CVE-2019-5302"
          }
        ]
      },
      "description": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/description#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "There are two denial of service vulnerabilities on some Huawei smartphones. An attacker may send specially crafted TD-SCDMA messages from a rogue base station to the affected devices. Due to insufficient input validation of two values when parsing the messages, successful exploit may cause device abnormal. This is 1 out of 2 vulnerabilities. Different than CVE-2020-5303. Affected products are: ALP-AL00B: earlier than 9.1.0.333(C00E333R2P1T8) ALP-L09: earlier than 9.1.0.300(C432E4R1P9T8) ALP-L29: earlier than 9.1.0.315(C636E5R1P13T8) BLA-L29C: earlier than 9.1.0.321(C636E4R1P14T8), earlier than 9.1.0.330(C432E6R1P12T8), earlier than 9.1.0.302(C635E4R1P13T8) Berkeley-AL20: earlier than 9.1.0.333(C00E333R2P1T8) Berkeley-L09: earlier than 9.1.0.350(C10E3R1P14T8), earlier than 9.1.0.351(C432E5R1P13T8), earlier than 9.1.0.350(C636E4R1P13T8) Charlotte-L09C: earlier than 9.1.0.311(C185E4R1P11T8), earlier than 9.1.0.345(C432E8R1P11T8) Charlotte-L29C: earlier than 9.1.0.325(C185E4R1P11T8), earlier than 9.1.0.335(C636E3R1P13T8), earlier than 9.1.0.345(C432E8R1P11T8), earlier than 9.1.0.336(C605E3R1P12T8) Columbia-AL10B: earlier than 9.1.0.333(C00E333R1P1T8) Columbia-L29D: earlier than 9.1.0.350(C461E3R1P11T8), earlier than 9.1.0.350(C185E3R1P12T8), earlier than 9.1.0.350(C10E5R1P14T8), earlier than 9.1.0.351(C432E5R1P13T8) Cornell-AL00A: earlier than 9.1.0.333(C00E333R1P1T8) Cornell-L29A: earlier than 9.1.0.328(C185E1R1P9T8), earlier than 9.1.0.328(C432E1R1P9T8), earlier than 9.1.0.330(C461E1R1P9T8), earlier than 9.1.0.328(C636E2R1P12T8) Emily-L09C: earlier than 9.1.0.336(C605E4R1P12T8), earlier than 9.1.0.311(C185E2R1P12T8), earlier than 9.1.0.345(C432E10R1P12T8) Emily-L29C: earlier than 9.1.0.311(C605E2R1P12T8), earlier than 9.1.0.311(C636E7R1P13T8), earlier than 9.1.0.311(C432E7R1P11T8) Ever-L29B: earlier than 9.1.0.311(C185E3R3P1), earlier than 9.1.0.310(C636E3R2P1), earlier than 9.1.0.310(C432E3R1P12) HUAWEI Mate 20: earlier than 9.1.0.131(C00E131R3P1) HUAWEI Mate 20 Pro: earlier than 9.1.0.310(C185E10R2P1) HUAWEI Mate 20 RS: earlier than 9.1.0.135(C786E133R3P1) HUAWEI Mate 20 X: earlier than 9.1.0.135(C00E133R2P1) HUAWEI P20: earlier than 9.1.0.333(C00E333R1P1T8) HUAWEI P20 Pro: earlier than 9.1.0.333(C00E333R1P1T8) HUAWEI P30: earlier than 9.1.0.193 HUAWEI P30 Pro: earlier than 9.1.0.186(C00E180R2P1) HUAWEI Y9 2019: earlier than 9.1.0.220(C605E3R1P1T8) HUAWEI nova lite 3: earlier than 9.1.0.305(C635E8R2P2) Honor 10 Lite: earlier than 9.1.0.283(C605E8R2P2) Honor 8X: earlier than 9.1.0.221(C461E2R1P1T8) Honor View 20: earlier than 9.1.0.238(C432E1R3P1) Jackman-L22: earlier than 9.1.0.247(C636E2R4P1T8) Paris-L21B: earlier than 9.1.0.331(C432E1R1P2T8) Paris-L21MEB: earlier than 9.1.0.331(C185E4R1P3T8) Paris-L29B: earlier than 9.1.0.331(C636E1R1P3T8) Sydney-AL00: earlier than 9.1.0.212(C00E62R1P7T8) Sydney-L21: earlier than 9.1.0.215(C432E1R1P1T8), earlier than 9.1.0.213(C185E1R1P1T8) Sydney-L21BR: earlier than 9.1.0.213(C185E1R1P2T8) Sydney-L22: earlier than 9.1.0.258(C636E1R1P1T8) Sydney-L22BR: earlier than 9.1.0.258(C636E1R1P1T8) SydneyM-AL00: earlier than 9.1.0.228(C00E78R1P7T8) SydneyM-L01: earlier than 9.1.0.215(C782E2R1P1T8), earlier than 9.1.0.213(C185E1R1P1T8), earlier than 9.1.0.270(C432E3R1P1T8) SydneyM-L03: earlier than 9.1.0.217(C605E1R1P1T8) SydneyM-L21: earlier than 9.1.0.221(C461E1R1P1T8), earlier than 9.1.0.215(C432E4R1P1T8) SydneyM-L22: earlier than 9.1.0.259(C185E1R1P2T8), earlier than 9.1.0.220(C635E1R1P2T8), earlier than 9.1.0.216(C569E1R1P1T8) SydneyM-L23: earlier than 9.1.0.226(C605E2R1P1T8) Yale-L21A: earlier than 9.1.0.154(C432E2R3P2), earlier than 9.1.0.154(C461E2R2P1), earlier than 9.1.0.154(C636E2R2P1) Honor 20: earlier than 9.1.0.152(C00E150R5P1) Honor Magic2: earlier than 10.0.0.187 Honor V20: earlier than 9.1.0.234(C00E234R4P3). plural Huawei There is a vulnerability related to input confirmation on smartphones.Service operation interruption (DoS) It may be put into a state. Huawei Honor10 Lite and Huawei Y9 are both smartphones from China\u0027s Huawei. \n\nA denial of service vulnerability exists in Huawei Honor10 Lite Harry-AL00C versions earlier than 9.1.0.217 (C00E215R3P1) and before Huawei Y9 Jackman-L23 9.1.0.220 (C45E3R1P1T8). The vulnerability stems from the fact that the two fields are not duplicated when parsing ",
        "sources": [
          {
            "db": "NVD",
            "id": "CVE-2019-5302"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2019-015525"
          },
          {
            "db": "CNVD",
            "id": "CNVD-2019-33609"
          },
          {
            "db": "VULMON",
            "id": "CVE-2019-5302"
          }
        ],
        "trust": 2.25
      },
      "external_ids": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/external_ids#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "db": "NVD",
            "id": "CVE-2019-5302",
            "trust": 3.1
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2019-015525",
            "trust": 0.8
          },
          {
            "db": "CNVD",
            "id": "CNVD-2019-33609",
            "trust": 0.6
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201908-1095",
            "trust": 0.6
          },
          {
            "db": "VULMON",
            "id": "CVE-2019-5302",
            "trust": 0.1
          }
        ],
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2019-33609"
          },
          {
            "db": "VULMON",
            "id": "CVE-2019-5302"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2019-015525"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201908-1095"
          },
          {
            "db": "NVD",
            "id": "CVE-2019-5302"
          }
        ]
      },
      "id": "VAR-202004-0618",
      "iot": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/iot#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": true,
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2019-33609"
          }
        ],
        "trust": 1.1828954514285714
      },
      "iot_taxonomy": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "category": [
              "Network device"
            ],
            "sub_category": null,
            "trust": 0.6
          }
        ],
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2019-33609"
          }
        ]
      },
      "last_update_date": "2024-11-23T22:21:13.412000Z",
      "patch": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/patch#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "title": "huawei-sa-20190814-01-mobile",
            "trust": 0.8,
            "url": "https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20190814-01-mobile-en"
          },
          {
            "title": "Patch for Huawei Honor10 Lite and Huawei Y9 Denial of Service Vulnerability",
            "trust": 0.6,
            "url": "https://www.cnvd.org.cn/patchInfo/show/182801"
          },
          {
            "title": "Huawei Honor10 Lite  and Huawei Y9 Security vulnerabilities",
            "trust": 0.6,
            "url": "http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=96759"
          },
          {
            "title": "Huawei Security Advisories: Two Denial of Service Vulnerabilities on Some Huawei Smartphones",
            "trust": 0.1,
            "url": "https://vulmon.com/vendoradvisory?qidtp=huawei_security_advisories\u0026qid=88453f1b990572fac17211a1a9b849ea"
          }
        ],
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2019-33609"
          },
          {
            "db": "VULMON",
            "id": "CVE-2019-5302"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2019-015525"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201908-1095"
          }
        ]
      },
      "problemtype_data": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "problemtype": "CWE-20",
            "trust": 1.8
          }
        ],
        "sources": [
          {
            "db": "JVNDB",
            "id": "JVNDB-2019-015525"
          },
          {
            "db": "NVD",
            "id": "CVE-2019-5302"
          }
        ]
      },
      "references": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/references#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "trust": 1.8,
            "url": "https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20190814-01-mobile-en"
          },
          {
            "trust": 1.4,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2019-5302"
          },
          {
            "trust": 1.2,
            "url": "https://www.huawei.com/cn/psirt/security-advisories/huawei-sa-20190814-01-mobile-cn"
          },
          {
            "trust": 0.8,
            "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2019-5302"
          },
          {
            "trust": 0.1,
            "url": "https://cwe.mitre.org/data/definitions/20.html"
          },
          {
            "trust": 0.1,
            "url": "https://nvd.nist.gov"
          }
        ],
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2019-33609"
          },
          {
            "db": "VULMON",
            "id": "CVE-2019-5302"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2019-015525"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201908-1095"
          },
          {
            "db": "NVD",
            "id": "CVE-2019-5302"
          }
        ]
      },
      "sources": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#",
          "data": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "db": "CNVD",
            "id": "CNVD-2019-33609"
          },
          {
            "db": "VULMON",
            "id": "CVE-2019-5302"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2019-015525"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201908-1095"
          },
          {
            "db": "NVD",
            "id": "CVE-2019-5302"
          }
        ]
      },
      "sources_release_date": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
          "data": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "date": "2019-09-29T00:00:00",
            "db": "CNVD",
            "id": "CNVD-2019-33609"
          },
          {
            "date": "2020-04-27T00:00:00",
            "db": "VULMON",
            "id": "CVE-2019-5302"
          },
          {
            "date": "2020-06-01T00:00:00",
            "db": "JVNDB",
            "id": "JVNDB-2019-015525"
          },
          {
            "date": "2019-08-14T00:00:00",
            "db": "CNNVD",
            "id": "CNNVD-201908-1095"
          },
          {
            "date": "2020-04-27T20:15:12.337000",
            "db": "NVD",
            "id": "CVE-2019-5302"
          }
        ]
      },
      "sources_update_date": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
          "data": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "date": "2019-09-29T00:00:00",
            "db": "CNVD",
            "id": "CNVD-2019-33609"
          },
          {
            "date": "2020-05-05T00:00:00",
            "db": "VULMON",
            "id": "CVE-2019-5302"
          },
          {
            "date": "2020-06-01T00:00:00",
            "db": "JVNDB",
            "id": "JVNDB-2019-015525"
          },
          {
            "date": "2020-09-03T00:00:00",
            "db": "CNNVD",
            "id": "CNNVD-201908-1095"
          },
          {
            "date": "2024-11-21T04:44:42.343000",
            "db": "NVD",
            "id": "CVE-2019-5302"
          }
        ]
      },
      "threat_type": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/threat_type#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "remote or local",
        "sources": [
          {
            "db": "CNNVD",
            "id": "CNNVD-201908-1095"
          }
        ],
        "trust": 0.6
      },
      "title": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/title#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "plural  Huawei Input verification vulnerabilities on smartphones",
        "sources": [
          {
            "db": "JVNDB",
            "id": "JVNDB-2019-015525"
          }
        ],
        "trust": 0.8
      },
      "type": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/type#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "input validation error",
        "sources": [
          {
            "db": "CNNVD",
            "id": "CNNVD-201908-1095"
          }
        ],
        "trust": 0.6
      }
    }

    VAR-202007-0976

    Vulnerability from variot - Updated: 2024-11-23 22:21

    HUAWEI P30 with versions earlier than 10.1.0.160(C00E160R2P11) and HUAWEI P30 Pro with versions earlier than 10.1.0.160(C00E160R2P8) have an information disclosure vulnerability. Certain function's default configuration in the system seems insecure, an attacker should craft a WI-FI hotspot to launch the attack. Successful exploit could cause information disclosure. Attackers can use this vulnerability to obtain information by forging a WI-FI hotspot

    Show details on source website

    {
      "@context": {
        "@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
        "affected_products": {
          "@id": "https://www.variotdbs.pl/ref/affected_products"
        },
        "configurations": {
          "@id": "https://www.variotdbs.pl/ref/configurations"
        },
        "credits": {
          "@id": "https://www.variotdbs.pl/ref/credits"
        },
        "cvss": {
          "@id": "https://www.variotdbs.pl/ref/cvss/"
        },
        "description": {
          "@id": "https://www.variotdbs.pl/ref/description/"
        },
        "exploit_availability": {
          "@id": "https://www.variotdbs.pl/ref/exploit_availability/"
        },
        "external_ids": {
          "@id": "https://www.variotdbs.pl/ref/external_ids/"
        },
        "iot": {
          "@id": "https://www.variotdbs.pl/ref/iot/"
        },
        "iot_taxonomy": {
          "@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
        },
        "patch": {
          "@id": "https://www.variotdbs.pl/ref/patch/"
        },
        "problemtype_data": {
          "@id": "https://www.variotdbs.pl/ref/problemtype_data/"
        },
        "references": {
          "@id": "https://www.variotdbs.pl/ref/references/"
        },
        "sources": {
          "@id": "https://www.variotdbs.pl/ref/sources/"
        },
        "sources_release_date": {
          "@id": "https://www.variotdbs.pl/ref/sources_release_date/"
        },
        "sources_update_date": {
          "@id": "https://www.variotdbs.pl/ref/sources_update_date/"
        },
        "threat_type": {
          "@id": "https://www.variotdbs.pl/ref/threat_type/"
        },
        "title": {
          "@id": "https://www.variotdbs.pl/ref/title/"
        },
        "type": {
          "@id": "https://www.variotdbs.pl/ref/type/"
        }
      },
      "@id": "https://www.variotdbs.pl/vuln/VAR-202007-0976",
      "affected_products": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/affected_products#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            },
            "@id": "https://www.variotdbs.pl/ref/sources"
          }
        },
        "data": [
          {
            "model": "p30 pro",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "huawei",
            "version": "10.1.0.160\\(c00e160r2p8\\)"
          },
          {
            "model": "p30",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "huawei",
            "version": "10.1.0.160\\(c00e160r2p11\\)"
          },
          {
            "model": "p30 pro",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "huawei",
            "version": "10.1.0.160(c00e160r2p8)"
          },
          {
            "model": "p30",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "huawei",
            "version": "10.1.0.160(c00e160r2p11)"
          },
          {
            "model": "p30 \u003c10.1.0.160",
            "scope": null,
            "trust": 0.6,
            "vendor": "huawei",
            "version": null
          },
          {
            "model": "p30 pro \u003c10.1.0.160",
            "scope": null,
            "trust": 0.6,
            "vendor": "huawei",
            "version": null
          }
        ],
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2020-51528"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2020-007480"
          },
          {
            "db": "NVD",
            "id": "CVE-2020-1836"
          }
        ]
      },
      "configurations": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/configurations#",
          "children": {
            "@container": "@list"
          },
          "cpe_match": {
            "@container": "@list"
          },
          "data": {
            "@container": "@list"
          },
          "nodes": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "CVE_data_version": "4.0",
            "nodes": [
              {
                "cpe_match": [
                  {
                    "cpe22Uri": "cpe:/o:huawei:p30_pro_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:huawei:p30_firmware",
                    "vulnerable": true
                  }
                ],
                "operator": "OR"
              }
            ]
          }
        ],
        "sources": [
          {
            "db": "JVNDB",
            "id": "JVNDB-2020-007480"
          }
        ]
      },
      "cve": "CVE-2020-1836",
      "cvss": {
        "@context": {
          "cvssV2": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
            },
            "@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
          },
          "cvssV3": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
            },
            "@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
          },
          "severity": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/cvss/severity#"
            },
            "@id": "https://www.variotdbs.pl/ref/cvss/severity"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            },
            "@id": "https://www.variotdbs.pl/ref/sources"
          }
        },
        "data": [
          {
            "cvssV2": [
              {
                "accessComplexity": "MEDIUM",
                "accessVector": "ADJACENT_NETWORK",
                "authentication": "NONE",
                "author": "nvd@nist.gov",
                "availabilityImpact": "NONE",
                "baseScore": 2.9,
                "confidentialityImpact": "PARTIAL",
                "exploitabilityScore": 5.5,
                "id": "CVE-2020-1836",
                "impactScore": 2.9,
                "integrityImpact": "NONE",
                "severity": "LOW",
                "trust": 1.0,
                "vectorString": "AV:A/AC:M/Au:N/C:P/I:N/A:N",
                "version": "2.0"
              },
              {
                "acInsufInfo": null,
                "accessComplexity": "Medium",
                "accessVector": "Adjacent Network",
                "authentication": "None",
                "author": "NVD",
                "availabilityImpact": "None",
                "baseScore": 2.9,
                "confidentialityImpact": "Partial",
                "exploitabilityScore": null,
                "id": "JVNDB-2020-007480",
                "impactScore": null,
                "integrityImpact": "None",
                "obtainAllPrivilege": null,
                "obtainOtherPrivilege": null,
                "obtainUserPrivilege": null,
                "severity": "Low",
                "trust": 0.8,
                "userInteractionRequired": null,
                "vectorString": "AV:A/AC:M/Au:N/C:P/I:N/A:N",
                "version": "2.0"
              },
              {
                "accessComplexity": "MEDIUM",
                "accessVector": "ADJACENT_NETWORK",
                "authentication": "NONE",
                "author": "CNVD",
                "availabilityImpact": "NONE",
                "baseScore": 2.9,
                "confidentialityImpact": "PARTIAL",
                "exploitabilityScore": 5.5,
                "id": "CNVD-2020-51528",
                "impactScore": 2.9,
                "integrityImpact": "NONE",
                "severity": "LOW",
                "trust": 0.6,
                "vectorString": "AV:A/AC:M/Au:N/C:P/I:N/A:N",
                "version": "2.0"
              }
            ],
            "cvssV3": [
              {
                "attackComplexity": "HIGH",
                "attackVector": "ADJACENT",
                "author": "nvd@nist.gov",
                "availabilityImpact": "NONE",
                "baseScore": 5.3,
                "baseSeverity": "MEDIUM",
                "confidentialityImpact": "HIGH",
                "exploitabilityScore": 1.6,
                "id": "CVE-2020-1836",
                "impactScore": 3.6,
                "integrityImpact": "NONE",
                "privilegesRequired": "NONE",
                "scope": "UNCHANGED",
                "trust": 1.0,
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.1/AV:A/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N",
                "version": "3.1"
              },
              {
                "attackComplexity": "High",
                "attackVector": "Adjacent Network",
                "author": "NVD",
                "availabilityImpact": "None",
                "baseScore": 5.3,
                "baseSeverity": "Medium",
                "confidentialityImpact": "High",
                "exploitabilityScore": null,
                "id": "JVNDB-2020-007480",
                "impactScore": null,
                "integrityImpact": "None",
                "privilegesRequired": "None",
                "scope": "Unchanged",
                "trust": 0.8,
                "userInteraction": "None",
                "vectorString": "CVSS:3.0/AV:A/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N",
                "version": "3.0"
              }
            ],
            "severity": [
              {
                "author": "nvd@nist.gov",
                "id": "CVE-2020-1836",
                "trust": 1.0,
                "value": "MEDIUM"
              },
              {
                "author": "NVD",
                "id": "JVNDB-2020-007480",
                "trust": 0.8,
                "value": "Medium"
              },
              {
                "author": "CNVD",
                "id": "CNVD-2020-51528",
                "trust": 0.6,
                "value": "LOW"
              },
              {
                "author": "CNNVD",
                "id": "CNNVD-202007-274",
                "trust": 0.6,
                "value": "MEDIUM"
              }
            ]
          }
        ],
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2020-51528"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2020-007480"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-202007-274"
          },
          {
            "db": "NVD",
            "id": "CVE-2020-1836"
          }
        ]
      },
      "description": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/description#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "HUAWEI P30 with versions earlier than 10.1.0.160(C00E160R2P11) and HUAWEI P30 Pro with versions earlier than 10.1.0.160(C00E160R2P8) have an information disclosure vulnerability. Certain function\u0027s default configuration in the system seems insecure, an attacker should craft a WI-FI hotspot to launch the attack. Successful exploit could cause information disclosure. Attackers can use this vulnerability to obtain information by forging a WI-FI hotspot",
        "sources": [
          {
            "db": "NVD",
            "id": "CVE-2020-1836"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2020-007480"
          },
          {
            "db": "CNVD",
            "id": "CNVD-2020-51528"
          }
        ],
        "trust": 2.16
      },
      "external_ids": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/external_ids#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "db": "NVD",
            "id": "CVE-2020-1836",
            "trust": 3.0
          },
          {
            "db": "NSFOCUS",
            "id": "47099",
            "trust": 1.2
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2020-007480",
            "trust": 0.8
          },
          {
            "db": "CNVD",
            "id": "CNVD-2020-51528",
            "trust": 0.6
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-202007-274",
            "trust": 0.6
          }
        ],
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2020-51528"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2020-007480"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-202007-274"
          },
          {
            "db": "NVD",
            "id": "CVE-2020-1836"
          }
        ]
      },
      "id": "VAR-202007-0976",
      "iot": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/iot#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": true,
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2020-51528"
          }
        ],
        "trust": 1.179064925
      },
      "iot_taxonomy": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "category": [
              "IoT"
            ],
            "sub_category": null,
            "trust": 0.6
          }
        ],
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2020-51528"
          }
        ]
      },
      "last_update_date": "2024-11-23T22:21:04.828000Z",
      "patch": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/patch#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "title": "huawei-sa-20200624-01-smartphone",
            "trust": 0.8,
            "url": "https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20200624-01-smartphone-en"
          },
          {
            "title": "Patch for Huawei P30 and P30 Pro information disclosure vulnerability",
            "trust": 0.6,
            "url": "https://www.cnvd.org.cn/patchInfo/show/233299"
          },
          {
            "title": "Huawei P30  and P30 Pro Repair measures for information disclosure vulnerabilities",
            "trust": 0.6,
            "url": "http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=123514"
          }
        ],
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2020-51528"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2020-007480"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-202007-274"
          }
        ]
      },
      "problemtype_data": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "problemtype": "NVD-CWE-noinfo",
            "trust": 1.0
          },
          {
            "problemtype": "CWE-200",
            "trust": 0.8
          }
        ],
        "sources": [
          {
            "db": "JVNDB",
            "id": "JVNDB-2020-007480"
          },
          {
            "db": "NVD",
            "id": "CVE-2020-1836"
          }
        ]
      },
      "references": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/references#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "trust": 1.6,
            "url": "https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20200624-01-smartphone-en"
          },
          {
            "trust": 1.4,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2020-1836"
          },
          {
            "trust": 1.2,
            "url": "http://www.nsfocus.net/vulndb/47099"
          },
          {
            "trust": 0.8,
            "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2020-1836"
          }
        ],
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2020-51528"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2020-007480"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-202007-274"
          },
          {
            "db": "NVD",
            "id": "CVE-2020-1836"
          }
        ]
      },
      "sources": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#",
          "data": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "db": "CNVD",
            "id": "CNVD-2020-51528"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2020-007480"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-202007-274"
          },
          {
            "db": "NVD",
            "id": "CVE-2020-1836"
          }
        ]
      },
      "sources_release_date": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
          "data": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "date": "2020-09-09T00:00:00",
            "db": "CNVD",
            "id": "CNVD-2020-51528"
          },
          {
            "date": "2020-08-14T00:00:00",
            "db": "JVNDB",
            "id": "JVNDB-2020-007480"
          },
          {
            "date": "2020-07-06T00:00:00",
            "db": "CNNVD",
            "id": "CNNVD-202007-274"
          },
          {
            "date": "2020-07-06T19:15:12.400000",
            "db": "NVD",
            "id": "CVE-2020-1836"
          }
        ]
      },
      "sources_update_date": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
          "data": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "date": "2020-09-11T00:00:00",
            "db": "CNVD",
            "id": "CNVD-2020-51528"
          },
          {
            "date": "2020-08-14T00:00:00",
            "db": "JVNDB",
            "id": "JVNDB-2020-007480"
          },
          {
            "date": "2022-03-15T00:00:00",
            "db": "CNNVD",
            "id": "CNNVD-202007-274"
          },
          {
            "date": "2024-11-21T05:11:27.817000",
            "db": "NVD",
            "id": "CVE-2020-1836"
          }
        ]
      },
      "threat_type": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/threat_type#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "remote or local",
        "sources": [
          {
            "db": "CNNVD",
            "id": "CNNVD-202007-274"
          }
        ],
        "trust": 0.6
      },
      "title": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/title#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "Huawei P30 and P30 Pro information disclosure vulnerability",
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2020-51528"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-202007-274"
          }
        ],
        "trust": 1.2
      },
      "type": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/type#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "information disclosure",
        "sources": [
          {
            "db": "CNNVD",
            "id": "CNNVD-202007-274"
          }
        ],
        "trust": 0.6
      }
    }

    VAR-202008-1049

    Vulnerability from variot - Updated: 2024-11-23 22:21

    HUAWEI P30 versions Versions earlier than 10.1.0.160(C00E160R2P11);HUAWEI P30 Pro versions Versions earlier than 10.1.0.160(C00E160R2P8) have a denial of service vulnerability. Certain system configuration can be modified because of improper authorization. The attacker could trick the user installing and executing a malicious application, successful exploit could cause a denial of service condition of PHONE function. HUAWEI P30 and P30 Pro Exists in a fraudulent authentication vulnerability.Service operation interruption (DoS) It may be put into a state. Both Huawei P30 and Huawei P30 Pro are smartphones of China's Huawei (Huawei) company. The vulnerability is caused by incorrect authorization

    Show details on source website

    {
      "@context": {
        "@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
        "affected_products": {
          "@id": "https://www.variotdbs.pl/ref/affected_products"
        },
        "configurations": {
          "@id": "https://www.variotdbs.pl/ref/configurations"
        },
        "credits": {
          "@id": "https://www.variotdbs.pl/ref/credits"
        },
        "cvss": {
          "@id": "https://www.variotdbs.pl/ref/cvss/"
        },
        "description": {
          "@id": "https://www.variotdbs.pl/ref/description/"
        },
        "exploit_availability": {
          "@id": "https://www.variotdbs.pl/ref/exploit_availability/"
        },
        "external_ids": {
          "@id": "https://www.variotdbs.pl/ref/external_ids/"
        },
        "iot": {
          "@id": "https://www.variotdbs.pl/ref/iot/"
        },
        "iot_taxonomy": {
          "@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
        },
        "patch": {
          "@id": "https://www.variotdbs.pl/ref/patch/"
        },
        "problemtype_data": {
          "@id": "https://www.variotdbs.pl/ref/problemtype_data/"
        },
        "references": {
          "@id": "https://www.variotdbs.pl/ref/references/"
        },
        "sources": {
          "@id": "https://www.variotdbs.pl/ref/sources/"
        },
        "sources_release_date": {
          "@id": "https://www.variotdbs.pl/ref/sources_release_date/"
        },
        "sources_update_date": {
          "@id": "https://www.variotdbs.pl/ref/sources_update_date/"
        },
        "threat_type": {
          "@id": "https://www.variotdbs.pl/ref/threat_type/"
        },
        "title": {
          "@id": "https://www.variotdbs.pl/ref/title/"
        },
        "type": {
          "@id": "https://www.variotdbs.pl/ref/type/"
        }
      },
      "@id": "https://www.variotdbs.pl/vuln/VAR-202008-1049",
      "affected_products": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/affected_products#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            },
            "@id": "https://www.variotdbs.pl/ref/sources"
          }
        },
        "data": [
          {
            "model": "p30 pro",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "huawei",
            "version": "10.1.0.160\\(c00e160r2p8\\)"
          },
          {
            "model": "p30",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "huawei",
            "version": "10.1.0.160\\(c00e160r2p11\\)"
          },
          {
            "model": "p30 pro",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "huawei",
            "version": "10.1.0.160(c00e160r2p8)"
          },
          {
            "model": "p30",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "huawei",
            "version": "10.1.0.160(c00e160r2p11)"
          },
          {
            "model": "mate \u003c10.1.0.160",
            "scope": "eq",
            "trust": 0.6,
            "vendor": "huawei",
            "version": "20"
          },
          {
            "model": "p30 \u003c10.1.0.160",
            "scope": null,
            "trust": 0.6,
            "vendor": "huawei",
            "version": null
          }
        ],
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2020-46461"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2020-009089"
          },
          {
            "db": "NVD",
            "id": "CVE-2020-9245"
          }
        ]
      },
      "configurations": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/configurations#",
          "children": {
            "@container": "@list"
          },
          "cpe_match": {
            "@container": "@list"
          },
          "data": {
            "@container": "@list"
          },
          "nodes": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "CVE_data_version": "4.0",
            "nodes": [
              {
                "cpe_match": [
                  {
                    "cpe22Uri": "cpe:/o:huawei:p30_pro_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:huawei:p30_firmware",
                    "vulnerable": true
                  }
                ],
                "operator": "OR"
              }
            ]
          }
        ],
        "sources": [
          {
            "db": "JVNDB",
            "id": "JVNDB-2020-009089"
          }
        ]
      },
      "cve": "CVE-2020-9245",
      "cvss": {
        "@context": {
          "cvssV2": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
            },
            "@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
          },
          "cvssV3": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
            },
            "@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
          },
          "severity": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/cvss/severity#"
            },
            "@id": "https://www.variotdbs.pl/ref/cvss/severity"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            },
            "@id": "https://www.variotdbs.pl/ref/sources"
          }
        },
        "data": [
          {
            "cvssV2": [
              {
                "accessComplexity": "MEDIUM",
                "accessVector": "NETWORK",
                "authentication": "NONE",
                "author": "nvd@nist.gov",
                "availabilityImpact": "PARTIAL",
                "baseScore": 4.3,
                "confidentialityImpact": "NONE",
                "exploitabilityScore": 8.6,
                "id": "CVE-2020-9245",
                "impactScore": 2.9,
                "integrityImpact": "NONE",
                "severity": "MEDIUM",
                "trust": 1.0,
                "vectorString": "AV:N/AC:M/Au:N/C:N/I:N/A:P",
                "version": "2.0"
              },
              {
                "acInsufInfo": null,
                "accessComplexity": "Medium",
                "accessVector": "Network",
                "authentication": "None",
                "author": "NVD",
                "availabilityImpact": "Partial",
                "baseScore": 4.3,
                "confidentialityImpact": "None",
                "exploitabilityScore": null,
                "id": "JVNDB-2020-009089",
                "impactScore": null,
                "integrityImpact": "None",
                "obtainAllPrivilege": null,
                "obtainOtherPrivilege": null,
                "obtainUserPrivilege": null,
                "severity": "Medium",
                "trust": 0.8,
                "userInteractionRequired": null,
                "vectorString": "AV:N/AC:M/Au:N/C:N/I:N/A:P",
                "version": "2.0"
              },
              {
                "accessComplexity": "MEDIUM",
                "accessVector": "NETWORK",
                "authentication": "NONE",
                "author": "CNVD",
                "availabilityImpact": "PARTIAL",
                "baseScore": 4.3,
                "confidentialityImpact": "NONE",
                "exploitabilityScore": 8.6,
                "id": "CNVD-2020-46461",
                "impactScore": 2.9,
                "integrityImpact": "NONE",
                "severity": "MEDIUM",
                "trust": 0.6,
                "vectorString": "AV:N/AC:M/Au:N/C:N/I:N/A:P",
                "version": "2.0"
              }
            ],
            "cvssV3": [
              {
                "attackComplexity": "LOW",
                "attackVector": "LOCAL",
                "author": "nvd@nist.gov",
                "availabilityImpact": "HIGH",
                "baseScore": 5.5,
                "baseSeverity": "MEDIUM",
                "confidentialityImpact": "NONE",
                "exploitabilityScore": 1.8,
                "id": "CVE-2020-9245",
                "impactScore": 3.6,
                "integrityImpact": "NONE",
                "privilegesRequired": "NONE",
                "scope": "UNCHANGED",
                "trust": 1.0,
                "userInteraction": "REQUIRED",
                "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H",
                "version": "3.1"
              },
              {
                "attackComplexity": "Low",
                "attackVector": "Local",
                "author": "NVD",
                "availabilityImpact": "High",
                "baseScore": 5.5,
                "baseSeverity": "Medium",
                "confidentialityImpact": "None",
                "exploitabilityScore": null,
                "id": "JVNDB-2020-009089",
                "impactScore": null,
                "integrityImpact": "None",
                "privilegesRequired": "None",
                "scope": "Unchanged",
                "trust": 0.8,
                "userInteraction": "Required",
                "vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H",
                "version": "3.0"
              }
            ],
            "severity": [
              {
                "author": "nvd@nist.gov",
                "id": "CVE-2020-9245",
                "trust": 1.0,
                "value": "MEDIUM"
              },
              {
                "author": "NVD",
                "id": "JVNDB-2020-009089",
                "trust": 0.8,
                "value": "Medium"
              },
              {
                "author": "CNVD",
                "id": "CNVD-2020-46461",
                "trust": 0.6,
                "value": "MEDIUM"
              },
              {
                "author": "CNNVD",
                "id": "CNNVD-202008-392",
                "trust": 0.6,
                "value": "MEDIUM"
              }
            ]
          }
        ],
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2020-46461"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2020-009089"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-202008-392"
          },
          {
            "db": "NVD",
            "id": "CVE-2020-9245"
          }
        ]
      },
      "description": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/description#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "HUAWEI P30 versions Versions earlier than 10.1.0.160(C00E160R2P11);HUAWEI P30 Pro versions Versions earlier than 10.1.0.160(C00E160R2P8) have a denial of service vulnerability. Certain system configuration can be modified because of improper authorization. The attacker could trick the user installing and executing a malicious application, successful exploit could cause a denial of service condition of PHONE function. HUAWEI P30 and P30 Pro Exists in a fraudulent authentication vulnerability.Service operation interruption (DoS) It may be put into a state. Both Huawei P30 and Huawei P30 Pro are smartphones of China\u0027s Huawei (Huawei) company. The vulnerability is caused by incorrect authorization",
        "sources": [
          {
            "db": "NVD",
            "id": "CVE-2020-9245"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2020-009089"
          },
          {
            "db": "CNVD",
            "id": "CNVD-2020-46461"
          }
        ],
        "trust": 2.16
      },
      "external_ids": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/external_ids#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "db": "NVD",
            "id": "CVE-2020-9245",
            "trust": 3.0
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2020-009089",
            "trust": 0.8
          },
          {
            "db": "CNVD",
            "id": "CNVD-2020-46461",
            "trust": 0.6
          },
          {
            "db": "NSFOCUS",
            "id": "49201",
            "trust": 0.6
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-202008-392",
            "trust": 0.6
          }
        ],
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2020-46461"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2020-009089"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-202008-392"
          },
          {
            "db": "NVD",
            "id": "CVE-2020-9245"
          }
        ]
      },
      "id": "VAR-202008-1049",
      "iot": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/iot#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": true,
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2020-46461"
          }
        ],
        "trust": 1.2085943700000001
      },
      "iot_taxonomy": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "category": [
              "IoT"
            ],
            "sub_category": null,
            "trust": 0.6
          }
        ],
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2020-46461"
          }
        ]
      },
      "last_update_date": "2024-11-23T22:21:03.655000Z",
      "patch": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/patch#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "title": "huawei-sa-20200805-01-smartphone",
            "trust": 0.8,
            "url": "https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20200805-01-smartphone-en"
          },
          {
            "title": "Patch for Huawei P30 and P30 Pro denial of service vulnerability",
            "trust": 0.6,
            "url": "https://www.cnvd.org.cn/patchInfo/show/230806"
          },
          {
            "title": "Huawei P30  and P30 Pro Security vulnerabilities",
            "trust": 0.6,
            "url": "http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=125924"
          }
        ],
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2020-46461"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2020-009089"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-202008-392"
          }
        ]
      },
      "problemtype_data": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "problemtype": "NVD-CWE-noinfo",
            "trust": 1.0
          },
          {
            "problemtype": "CWE-863",
            "trust": 0.8
          }
        ],
        "sources": [
          {
            "db": "JVNDB",
            "id": "JVNDB-2020-009089"
          },
          {
            "db": "NVD",
            "id": "CVE-2020-9245"
          }
        ]
      },
      "references": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/references#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "trust": 2.0,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2020-9245"
          },
          {
            "trust": 1.6,
            "url": "https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20200805-01-smartphone-en"
          },
          {
            "trust": 0.8,
            "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2020-9245"
          },
          {
            "trust": 0.6,
            "url": "https://www.huawei.com/cn/psirt/security-advisories/huawei-sa-20200805-01-smartphone-cn"
          },
          {
            "trust": 0.6,
            "url": "http://www.nsfocus.net/vulndb/49201"
          }
        ],
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2020-46461"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2020-009089"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-202008-392"
          },
          {
            "db": "NVD",
            "id": "CVE-2020-9245"
          }
        ]
      },
      "sources": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#",
          "data": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "db": "CNVD",
            "id": "CNVD-2020-46461"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2020-009089"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-202008-392"
          },
          {
            "db": "NVD",
            "id": "CVE-2020-9245"
          }
        ]
      },
      "sources_release_date": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
          "data": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "date": "2020-08-17T00:00:00",
            "db": "CNVD",
            "id": "CNVD-2020-46461"
          },
          {
            "date": "2020-10-16T00:00:00",
            "db": "JVNDB",
            "id": "JVNDB-2020-009089"
          },
          {
            "date": "2020-08-10T00:00:00",
            "db": "CNNVD",
            "id": "CNNVD-202008-392"
          },
          {
            "date": "2020-08-10T20:15:11.923000",
            "db": "NVD",
            "id": "CVE-2020-9245"
          }
        ]
      },
      "sources_update_date": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
          "data": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "date": "2020-08-17T00:00:00",
            "db": "CNVD",
            "id": "CNVD-2020-46461"
          },
          {
            "date": "2020-10-16T00:00:00",
            "db": "JVNDB",
            "id": "JVNDB-2020-009089"
          },
          {
            "date": "2021-08-16T00:00:00",
            "db": "CNNVD",
            "id": "CNNVD-202008-392"
          },
          {
            "date": "2024-11-21T05:40:15.703000",
            "db": "NVD",
            "id": "CVE-2020-9245"
          }
        ]
      },
      "threat_type": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/threat_type#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "local",
        "sources": [
          {
            "db": "CNNVD",
            "id": "CNNVD-202008-392"
          }
        ],
        "trust": 0.6
      },
      "title": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/title#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "HUAWEI P30 and  P30 Pro Unauthorized authentication vulnerability in",
        "sources": [
          {
            "db": "JVNDB",
            "id": "JVNDB-2020-009089"
          }
        ],
        "trust": 0.8
      },
      "type": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/type#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "authorization issue",
        "sources": [
          {
            "db": "CNNVD",
            "id": "CNNVD-202008-392"
          }
        ],
        "trust": 0.6
      }
    }