Produkt Mate 9 firmware (...) - CVEMAP.ORG

Podatności dla 'Mate 9 firmware'

2018-10-17

CVE-2017-17176

CWE-787

The hardware security module of Mate 9 and Mate 9 Pro Huawei smart phones with the versions earlier before MHA-AL00BC00B156, versions earlier before MHA-CL00BC00B156, versions earlier before MHA-DL00BC00B156, versions earlier before MHA-TL00BC00B156, versions earlier before LON-AL00BC00B156, versions earlier before LON-CL00BC00B156, versions earlier before LON-DL00BC00B156, versions earlier before LON-TL00BC00B156 has a arbitrary memory read/write vulnerability due to the input parameters validation. An attacker with the root privilege of the Android system could exploit this vulnerability to read and write memory data anywhere or execute arbitrary code in the TrustZone.

2017-11-22

CVE-2017-8144

CWE-920

Honor 5A,Honor 8 Lite,Mate9,Mate9 Pro,P10,P10 Plus Huawei smartphones with software the versions before CAM-L03C605B143CUSTC605D003,the versions before Prague-L03C605B161,the versions before Prague-L23C605B160,the versions before MHA-AL00C00B225,the versions before LON-AL00C00B225,the versions before VTR-AL00C00B167,the versions before VTR-TL00C01B167,the versions before VKY-AL00C00B167,the versions before VKY-TL00C01B167 have a resource exhaustion vulnerability due to configure setting. An attacker tricks a user into installing a malicious application, the application may turn on the device flash-light and rapidly drain the device battery.

CVE-2017-2707

CWE-494

Mate 9 smartphones with software MHA-AL00AC00B125 have a privilege escalation vulnerability in Push module. An attacker tricks a user to save a rich media into message on the smart phone, which could be exploited to cause the attacker to delete message or fake user to send message.

CVE-2017-2706

CWE-22

Mate 9 smartphones with software MHA-AL00AC00B125 have a directory traversal vulnerability in Push module. Since the system does not verify the file name during decompression, system directories are traversed. It could be exploited to cause the attacker to replace files and impact the service.

CVE-2017-2703

CWE-noinfo

Phone Finder in versions earlier before MHA-AL00BC00B156,Versions earlier before MHA-CL00BC00B156,Versions earlier before MHA-DL00BC00B156,Versions earlier before MHA-TL00BC00B156,Versions earlier before EVA-AL10C00B373,Versions earlier before EVA-CL10C00B373,Versions earlier before EVA-DL10C00B373,Versions earlier before EVA-TL10C00B373 can be bypass. An attacker can bypass the Phone Finder by special steps and enter the System Setting.

CVE-2017-2702

CWE-noinfo

Phone Finder in versions earlier before MHA-AL00C00B170 can be bypass. An attacker can bypass the Phone Finder by special steps and obtain the owner of the phone.

CVE-2017-2701

CWE-345

Mate 9 with software MHA-AL00AC00B125 has a denial of service (DoS) vulnerability. An attacker tricks a user into installing a malicious application. Since the system does not verify the broadcasting message from the application, it could be exploited to cause some functions of system unavailable.

>>> Vendor: Huawei 665 Produkty

Versatile routing platform

Mt882 v100t002b020 arg-t

Mt882 modem firmware

Eudemon usg5300

Eudemon usg5500

Eudemon usg9300

Eudemon usg9500

Quidway service process unit board s7700

Quidway service process unit board s9300

Quidway service process unit board s9700

Seco versatile security manager

Zobacz wszystkie produkty dla producenta Huawei

Copyright 2024, cxsecurity.com