Huawei Sydneym-Al00 Firmware vulnerabilities

5 known vulnerabilities affecting huawei/sydneym-al00_firmware.

Total CVEs

5

CISA KEV

2

actively exploited

Public exploits

1

Exploited in wild

2

Severity breakdown

HIGH3MEDIUM2

Vulnerabilities

Page 1 of 1

CVE-2020-9117HIGHCVSS 7.8fixed in 10.0.0.165\(c00e66r1p5\)2020-12-01

CVE-2020-9117 [HIGH] CWE-125 CVE-2020-9117: HUAWEI nova 4 versions earlier than 10.0.0.165(C01E34R2P4) and SydneyM-AL00 versions earlier than 10 HUAWEI nova 4 versions earlier than 10.0.0.165(C01E34R2P4) and SydneyM-AL00 versions earlier than 10.0.0.165(C00E66R1P5) have an out-of-bounds read and write vulnerability. An attacker with specific permissions crafts malformed packet with specific parameter and sends the packet to the affected products. Due to insufficient validation of packet, which m

CVE-2019-5302MEDIUMCVSS 5.3fixed in 9.1.0.228\(c00e78r1p7t8\)2020-04-27

CVE-2019-5302 [MEDIUM] CWE-20 CVE-2019-5302: There are two denial of service vulnerabilities on some Huawei smartphones. An attacker may send spe There are two denial of service vulnerabilities on some Huawei smartphones. An attacker may send specially crafted TD-SCDMA messages from a rogue base station to the affected devices. Due to insufficient input validation of two values when parsing the messages, successful exploit may cause device abnormal. This is 1 out of 2 vulnerabilities. Different

CVE-2019-5303MEDIUMCVSS 5.3fixed in 9.1.0.228\(c00e78r1p7t8\)2020-04-27

CVE-2019-5303 [MEDIUM] CWE-20 CVE-2019-5303: There are two denial of service vulnerabilities on some Huawei smartphones. An attacker may send spe There are two denial of service vulnerabilities on some Huawei smartphones. An attacker may send specially crafted TD-SCDMA messages from a rogue base station to the affected devices. Due to insufficient input validation of two values when parsing the messages, successful exploit may cause device abnormal. This is 2 out of 2 vulnerabilities. Different

CVE-2020-0069HIGHCVSS 7.8KEVfixed in 10.0.0.159\(c00e64r1p5\)2020-03-10

CVE-2020-0069 [HIGH] CWE-787 CVE-2020-0069: In the ioctl handlers of the Mediatek Command Queue driver, there is a possible out of bounds write In the ioctl handlers of the Mediatek Command Queue driver, there is a possible out of bounds write due to insufficient input sanitization and missing SELinux restrictions. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android kern

CVE-2019-2215HIGHCVSS 7.8KEVPoCfixed in 9.1.0.212\(c00e62r1p7t8\)2019-10-11

CVE-2019-2215 [HIGH] CWE-416 CVE-2019-2215: A use-after-free in binder.c allows an elevation of privilege from an application to the Linux Kerne A use-after-free in binder.c allows an elevation of privilege from an application to the Linux Kernel. No user interaction is required to exploit this vulnerability, however exploitation does require either the installation of a malicious local application or a separate vulnerability in a network facing application.Product: AndroidAndroid ID: A-14172009