Huawei Ever-L29B Firmware vulnerabilities

5 known vulnerabilities affecting huawei/ever-l29b_firmware.

Total CVEs
5
CISA KEV
0
Public exploits
0
Exploited in wild
0
Severity breakdown
HIGH1MEDIUM4

Vulnerabilities

Page 1 of 1
CVE-2019-5302MEDIUMCVSS 5.3fixed in 9.1.0.311\(c185e3r3p1\)fixed in 9.1.0.310\(c636e3r2p1\)+1 more2020-04-27
CVE-2019-5302 [MEDIUM] CWE-20 CVE-2019-5302: There are two denial of service vulnerabilities on some Huawei smartphones. An attacker may send spe There are two denial of service vulnerabilities on some Huawei smartphones. An attacker may send specially crafted TD-SCDMA messages from a rogue base station to the affected devices. Due to insufficient input validation of two values when parsing the messages, successful exploit may cause device abnormal. This is 1 out of 2 vulnerabilities. Different
nvd
CVE-2019-5303MEDIUMCVSS 5.3fixed in 9.1.0.311\(c185e3r3p1\)fixed in 9.1.0.310\(c636e3r2p1\)+1 more2020-04-27
CVE-2019-5303 [MEDIUM] CWE-20 CVE-2019-5303: There are two denial of service vulnerabilities on some Huawei smartphones. An attacker may send spe There are two denial of service vulnerabilities on some Huawei smartphones. An attacker may send specially crafted TD-SCDMA messages from a rogue base station to the affected devices. Due to insufficient input validation of two values when parsing the messages, successful exploit may cause device abnormal. This is 2 out of 2 vulnerabilities. Different
nvd
CVE-2020-1882MEDIUMCVSS 4.6fixed in 10.0.0.180\(c185e6r3p3\)fixed in 10.0.0.180\(c432e6r1p7\)+1 more2020-02-18
CVE-2020-1882 [MEDIUM] CVE-2020-1882: Huawei mobile phones Ever-L29B versions earlier than 10.0.0.180(C185E6R3P3), earlier than 10.0.0.180 Huawei mobile phones Ever-L29B versions earlier than 10.0.0.180(C185E6R3P3), earlier than 10.0.0.180(C432E6R1P7), earlier than 10.0.0.180(C636E5R2P3); HUAWEI Mate 20 RS versions earlier than 10.0.0.175(C786E70R3P8); HUAWEI Mate 20 X versions earlier than 10.0.0.176(C00E70R2P8); and Honor Magic2 versions earlier than 10.0.0.175(C00E59R2P11) have an improper au
nvd
CVE-2019-5235MEDIUMCVSS 5.3v9.0.0.206\(c185e3r3p1\)v9.0.0.207\(c636e3r2p1\)+1 more2019-12-14
CVE-2019-5235 [MEDIUM] CWE-476 CVE-2019-5235: Some Huawei smart phones have a null pointer dereference vulnerability. An attacker crafts specific Some Huawei smart phones have a null pointer dereference vulnerability. An attacker crafts specific packets and sends to the affected product to exploit this vulnerability. Successful exploitation may cause the affected phone to be abnormal.
nvd
CVE-2019-9506HIGHCVSS 8.1fixed in 9.1.0.338\(c185e3r3p1\)2019-08-14
CVE-2019-9506 [HIGH] CWE-310 CVE-2019-9506: The Bluetooth BR/EDR specification up to and including version 5.1 permits sufficiently low encrypti The Bluetooth BR/EDR specification up to and including version 5.1 permits sufficiently low encryption key length and does not prevent an attacker from influencing the key length negotiation. This allows practical brute-force attacks (aka "KNOB") that can decrypt traffic and inject arbitrary ciphertext without the victim noticing.
nvd