Huawei Mate 10 Firmware vulnerabilities
9 known vulnerabilities affecting huawei/mate_10_firmware.
Total CVEs
9
CISA KEV
0
Public exploits
0
Exploited in wild
0
Severity breakdown
HIGH3MEDIUM6
Vulnerabilities
Page 1 of 1
CVE-2020-9119MEDIUMCVSS 6.2fixed in 10.0.0.189\(c185e6r1p3\)2020-12-24
CVE-2020-9119 [MEDIUM] CVE-2020-9119: There is a privilege escalation vulnerability on some Huawei smart phones due to design defects. The
There is a privilege escalation vulnerability on some Huawei smart phones due to design defects. The attacker needs to physically contact the mobile phone and obtain higher privileges, and execute relevant commands, resulting in the user's privilege promotion.
nvd
CVE-2020-1809MEDIUMCVSS 4.6fixed in 10.0.0.143\(c00e143r2p4\)2020-05-29
CVE-2020-1809 [MEDIUM] CVE-2020-1809: HUAWEI Mate 10 smartphones with versions earlier than 10.0.0.143(C00E143R2P4) have an information di
HUAWEI Mate 10 smartphones with versions earlier than 10.0.0.143(C00E143R2P4) have an information disclosure vulnerability. The attacker could wake up voice assistant then do a series of crafted voice operation, successful exploit could allow the attacker read certain files without unlock the phone leading to information disclosure.
nvd
CVE-2019-5264MEDIUMCVSS 4.6fixed in 9.0.0.167\(c00e85r2p20t8\)fixed in 9.0.0.159\(c432e4r1p9t8\)+2 more2019-12-13
CVE-2019-5264 [MEDIUM] CVE-2019-5264: There is an information disclosure vulnerability in certain Huawei smartphones (Mate 10;Mate 10 Pro;
There is an information disclosure vulnerability in certain Huawei smartphones (Mate 10;Mate 10 Pro;Honor V10;Changxiang 7S;P-smart;Changxiang 8 Plus;Y9 2018;Honor 9 Lite;Honor 9i;Mate 9). The software does not properly handle certain information of applications locked by applock in a rare condition. Successful exploit could cause information disclosure.
nvd
CVE-2019-5305MEDIUMCVSS 5.5fixed in alp-l29_9.0.0.159\(c185\)2019-06-06
CVE-2019-5305 [MEDIUM] CWE-415 CVE-2019-5305: The image processing module of some Huawei Mate 10 smartphones versions before ALP-L29 9.0.0.159(C18
The image processing module of some Huawei Mate 10 smartphones versions before ALP-L29 9.0.0.159(C185) has a memory double free vulnerability. An attacker tricks a user into installing a malicious application, and the application can call special API, which could trigger double free and cause a system crash.
nvd
CVE-2019-5214MEDIUMCVSS 5.5fixed in alp-al00b_9.0.0.167\(c00e85r2p20t8\)2019-06-06
CVE-2019-5214 [MEDIUM] CWE-416 CVE-2019-5214: There is a use after free vulnerability on certain driver component in Huawei Mate10 smartphones ver
There is a use after free vulnerability on certain driver component in Huawei Mate10 smartphones versions earlier than ALP-AL00B 9.0.0.167(C00E85R2P20T8). An attacker tricks the user into installing a malicious application, which make the software to reference memory after it has been freed. Successful exploit could cause a denial of service condition
nvd
CVE-2019-5219MEDIUMCVSS 5.5fixed in alp-al00b_9.0.0.181\(c00e87r2p20t8\)2019-06-06
CVE-2019-5219 [MEDIUM] CWE-415 CVE-2019-5219: There is a double free vulnerability on certain drivers of Huawei Mate10 smartphones versions earlie
There is a double free vulnerability on certain drivers of Huawei Mate10 smartphones versions earlier than ALP-AL00B 9.0.0.181(C00E87R2P20T8). An attacker tricks the user into installing a malicious application, which makes multiple processes operate the same resource at the same time. Successful exploit could cause a denial of service condition.
nvd
CVE-2018-7993HIGHCVSS 7.8fixed in alp-al00_8.1.0.3112018-07-31
CVE-2018-7993 [HIGH] CWE-416 CVE-2018-7993: HUAWEI Mate 10 smartphones with versions earlier than ALP-AL00 8.1.0.311 have a use after free vulne
HUAWEI Mate 10 smartphones with versions earlier than ALP-AL00 8.1.0.311 have a use after free vulnerability on mediaserver component. An attacker tricks the user install a malicious application, which make the software to reference memory after it has been freed. Successful exploit could cause execution of arbitrary code.
nvd
CVE-2017-17227HIGHCVSS 7.8fixed in alp-l09_8.0.0.120\(c212\)fixed in alp-l09_8.0.0.127\(c900\)+6 more2018-03-09
CVE-2017-17227 [HIGH] CWE-125 CVE-2017-17227: GPU driver in Huawei Mate 10 smart phones with the versions before ALP-L09 8.0.0.120(C212); The vers
GPU driver in Huawei Mate 10 smart phones with the versions before ALP-L09 8.0.0.120(C212); The versions before ALP-L09 8.0.0.127(C900); The versions before ALP-L09 8.0.0.128(402/C02/C109/C346/C432/C652) has a out-of-bounds memory access vulnerability due to the input parameters validation. An attacker tricks a user into installing a malicious applica
nvd
CVE-2017-15311HIGHCVSS 8.8fixed in alp-al00_8.0.0.120\(sp2c00\)2017-12-22
CVE-2017-15311 [HIGH] CWE-119 CVE-2017-15311: The baseband modules of Mate 10, Mate 10 Pro, Mate 9, Mate 9 Pro Huawei smart phones with software b
The baseband modules of Mate 10, Mate 10 Pro, Mate 9, Mate 9 Pro Huawei smart phones with software before ALP-AL00 8.0.0.120(SP2C00), before BLA-AL00 8.0.0.120(SP2C00), before MHA-AL00B 8.0.0.334(C00), and before LON-AL00B 8.0.0.334(C00) have a stack overflow vulnerability due to the lack of parameter validation. An attacker could send malicious packe
nvd