Huawei Honor Magic2 Firmware vulnerabilities

5 known vulnerabilities affecting huawei/honor_magic2_firmware.

Total CVEs

5

CISA KEV

0

Public exploits

0

Exploited in wild

0

Severity breakdown

HIGH1MEDIUM4

Vulnerabilities

Page 1 of 1

CVE-2020-1808HIGHCVSS 7.1fixed in 10.0.0.176\(c00e60r2p11\)2020-05-15

CVE-2020-1808 [HIGH] CWE-125 CVE-2020-1808: Honor 20;HONOR 20 PRO;Honor Magic2;HUAWEI Mate 20 X;HUAWEI P30;HUAWEI P30 Pro;Honor View 20 smartpho Honor 20;HONOR 20 PRO;Honor Magic2;HUAWEI Mate 20 X;HUAWEI P30;HUAWEI P30 Pro;Honor View 20 smartphones with versions earlier than 10.0.0.187(C00E60R4P11); versions earlier than 10.0.0.187(C00E60R4P11); versions earlier than 10.0.0.176(C00E60R2P11);9.1.0.135(C00E133R2P1); versions earlier than 10.1.0.123(C431E22R3P5), versions earlier than 10.1.0.126(C6

CVE-2019-5302MEDIUMCVSS 5.3fixed in 10.0.0.1872020-04-27

CVE-2019-5302 [MEDIUM] CWE-20 CVE-2019-5302: There are two denial of service vulnerabilities on some Huawei smartphones. An attacker may send spe There are two denial of service vulnerabilities on some Huawei smartphones. An attacker may send specially crafted TD-SCDMA messages from a rogue base station to the affected devices. Due to insufficient input validation of two values when parsing the messages, successful exploit may cause device abnormal. This is 1 out of 2 vulnerabilities. Different

CVE-2019-5303MEDIUMCVSS 5.3fixed in 10.0.0.1872020-04-27

CVE-2019-5303 [MEDIUM] CWE-20 CVE-2019-5303: There are two denial of service vulnerabilities on some Huawei smartphones. An attacker may send spe There are two denial of service vulnerabilities on some Huawei smartphones. An attacker may send specially crafted TD-SCDMA messages from a rogue base station to the affected devices. Due to insufficient input validation of two values when parsing the messages, successful exploit may cause device abnormal. This is 2 out of 2 vulnerabilities. Different

CVE-2020-1882MEDIUMCVSS 4.6fixed in 10.0.0.175\(c00e59r2p11\)2020-02-18

CVE-2020-1882 [MEDIUM] CVE-2020-1882: Huawei mobile phones Ever-L29B versions earlier than 10.0.0.180(C185E6R3P3), earlier than 10.0.0.180 Huawei mobile phones Ever-L29B versions earlier than 10.0.0.180(C185E6R3P3), earlier than 10.0.0.180(C432E6R1P7), earlier than 10.0.0.180(C636E5R2P3); HUAWEI Mate 20 RS versions earlier than 10.0.0.175(C786E70R3P8); HUAWEI Mate 20 X versions earlier than 10.0.0.176(C00E70R2P8); and Honor Magic2 versions earlier than 10.0.0.175(C00E59R2P11) have an improper au

CVE-2020-1826MEDIUMCVSS 4.4fixed in 10.0.0.175\(c00e59r2p11\)2020-01-09

CVE-2020-1826 [MEDIUM] CWE-327 CVE-2020-1826: Huawei Honor Magic2 mobile phones with versions earlier than 10.0.0.175(C00E59R2P11) have an informa Huawei Honor Magic2 mobile phones with versions earlier than 10.0.0.175(C00E59R2P11) have an information leak vulnerability. Due to a module using weak encryption tool, an attacker with the root permission may exploit the vulnerability to obtain some information.