Huawei Anne-Al00 Firmware vulnerabilities

CVE-2019-19412 [MEDIUM] CVE-2019-19412: Huawei smart phones have a Factory Reset Protection (FRP) bypass security vulnerability. When re-con Huawei smart phones have a Factory Reset Protection (FRP) bypass security vulnerability. When re-configuring the mobile phone using the factory reset protection (FRP) function, an attacker login the Talkback mode and can perform some operations to install a third-Party application. Affected products can be found in https://www.huawei.com/en/psirt/security-a

CVE-2020-9069 [MEDIUM] CVE-2020-9069: There is an information leakage vulnerability in some Huawei products. An unauthenticated, adjacent There is an information leakage vulnerability in some Huawei products. An unauthenticated, adjacent attacker could exploit this vulnerability to decrypt data. Successful exploitation may leak information randomly. Affected product versions include: Anne-AL00 Versions earlier than 9.1.0.331(C675E9R1P3T8); Berkeley-L09 Versions earlier than 10.0.1.1(C675R1); CD1

CVE-2019-2215 [HIGH] CWE-416 CVE-2019-2215: A use-after-free in binder.c allows an elevation of privilege from an application to the Linux Kerne A use-after-free in binder.c allows an elevation of privilege from an application to the Linux Kernel. No user interaction is required to exploit this vulnerability, however exploitation does require either the installation of a malicious local application or a separate vulnerability in a network facing application.Product: AndroidAndroid ID: A-14172009

CVE-2018-7924 [LOW] CWE-732 CVE-2018-7924: Anne-AL00 Huawei phones with versions earlier than 8.0.0.151(C00) have an information leak vulnerabi Anne-AL00 Huawei phones with versions earlier than 8.0.0.151(C00) have an information leak vulnerability. Due to improper permission settings for specific commands, attackers who can connect to a mobile phone via the USB interface may exploit this vulnerability to obtain specific device information of the mobile phone.