Huawei P40 Firmware vulnerabilities

CVE-2021-37104 [HIGH] CWE-918 CVE-2021-37104: There is a server-side request forgery vulnerability in HUAWEI P40 versions 10.1.0.118(C00E116R3P3). There is a server-side request forgery vulnerability in HUAWEI P40 versions 10.1.0.118(C00E116R3P3). This vulnerability is due to insufficient validation of parameters while dealing with some messages. A successful exploit could allow the attacker to gain access to certain resource which the attacker are supposed not to do.

CVE-2020-9119 [MEDIUM] CVE-2020-9119: There is a privilege escalation vulnerability on some Huawei smart phones due to design defects. The There is a privilege escalation vulnerability on some Huawei smart phones due to design defects. The attacker needs to physically contact the mobile phone and obtain higher privileges, and execute relevant commands, resulting in the user's privilege promotion.