Note:
This project will be discontinued after December 13, 2021. [more]
Product:
Mate_9_firmware
(Huawei)Repositories |
Unknown: This might be proprietary software. |
#Vulnerabilities | 17 |
Date | Id | Summary | Products | Score | Patch | Annotated |
---|---|---|---|---|---|---|
2019-12-13 | CVE-2019-5264 | There is an information disclosure vulnerability in certain Huawei smartphones (Mate 10;Mate 10 Pro;Honor V10;Changxiang 7S;P-smart;Changxiang 8 Plus;Y9 2018;Honor 9 Lite;Honor 9i;Mate 9). The software does not properly handle certain information of applications locked by applock in a rare condition. Successful exploit could cause information disclosure. | Changxiang_7s_firmware, Changxiang_8_plus_firmware, Honor_9_lite_firmware, Honor_9i_firmware, Honor_v10_firmware, Mate_10_firmware, Mate_10_pro_firmware, Mate_9_firmware, P\-Smart_firmware, Y9_2018_firmware | N/A | ||
2017-11-22 | CVE-2017-8144 | Honor 5A,Honor 8 Lite,Mate9,Mate9 Pro,P10,P10 Plus Huawei smartphones with software the versions before CAM-L03C605B143CUSTC605D003,the versions before Prague-L03C605B161,the versions before Prague-L23C605B160,the versions before MHA-AL00C00B225,the versions before LON-AL00C00B225,the versions before VTR-AL00C00B167,the versions before VTR-TL00C01B167,the versions before VKY-AL00C00B167,the versions before VKY-TL00C01B167 have a resource exhaustion vulnerability due to configure setting. An... | Honor_5a_firmware, Honor_8_lite_firmware, Mate_9_firmware, Mate_9_pro_firmware, P10_firmware, P10_plus_firmware | 5.5 | ||
2017-11-22 | CVE-2017-2707 | Mate 9 smartphones with software MHA-AL00AC00B125 have a privilege escalation vulnerability in Push module. An attacker tricks a user to save a rich media into message on the smart phone, which could be exploited to cause the attacker to delete message or fake user to send message. | Mate_9_firmware | 7.1 | ||
2017-11-22 | CVE-2017-2703 | Phone Finder in versions earlier before MHA-AL00BC00B156,Versions earlier before MHA-CL00BC00B156,Versions earlier before MHA-DL00BC00B156,Versions earlier before MHA-TL00BC00B156,Versions earlier before EVA-AL10C00B373,Versions earlier before EVA-CL10C00B373,Versions earlier before EVA-DL10C00B373,Versions earlier before EVA-TL10C00B373 can be bypass. An attacker can bypass the Phone Finder by special steps and enter the System Setting. | Mate_9_firmware, P9_firmware | 6.8 | ||
2017-11-22 | CVE-2017-2702 | Phone Finder in versions earlier before MHA-AL00C00B170 can be bypass. An attacker can bypass the Phone Finder by special steps and obtain the owner of the phone. | Mate_9_firmware | 6.8 | ||
2018-10-17 | CVE-2017-17176 | The hardware security module of Mate 9 and Mate 9 Pro Huawei smart phones with the versions earlier before MHA-AL00BC00B156, versions earlier before MHA-CL00BC00B156, versions earlier before MHA-DL00BC00B156, versions earlier before MHA-TL00BC00B156, versions earlier before LON-AL00BC00B156, versions earlier before LON-CL00BC00B156, versions earlier before LON-DL00BC00B156, versions earlier before LON-TL00BC00B156 has a arbitrary memory read/write vulnerability due to the input parameters... | Mate_9_firmware, Mate_9_pro_firmware | 6.7 | ||
2018-07-31 | CVE-2018-7992 | Mdapt Driver of Huawei MediaPad M3 BTV-W09C128B353CUSTC128D001; Mate 9 Pro versions earlier than 8.0.0.356(C00); P10 Plus versions earlier than 8.0.0.357(C00) has a buffer overflow vulnerability. The driver does not sufficiently validate the input, an attacker could trick the user to install a malicious application which would send crafted parameters to the driver. Successful exploit could cause a denial of service condition. | Mate_9_firmware, Mate_9_pro_firmware, Mediapad_m3_firmware, P10_plus_firmware | 5.5 | ||
2018-05-10 | CVE-2018-7940 | Huawei smart phones Mate 10 and Mate 10 Pro with earlier versions than 8.0.0.129(SP2C00) and earlier versions than 8.0.0.129(SP2C01) have an authentication bypass vulnerability. An attacker with high privilege obtains the smart phone and bypass the activation function by some specific operations. | Mate_9_firmware, Mate_9_pro_firmware | 6.2 | ||
2018-04-11 | CVE-2018-7930 | The Near Field Communication (NFC) module in Mate 9 Huawei mobile phones with the versions before MHA-L29B 8.0.0.366(C567) has an information leak vulnerability due to insufficient validation on data transfer requests. When an affected mobile phone sends files to an attacker's mobile phone using the NFC function, the attacker can obtain arbitrary files from the mobile phone, causing information leaks. | Mate_9_firmware | 5.7 | ||
2018-03-05 | CVE-2017-8165 | Mate 9 Huawei smart phones with versions earlier than MHA-AL00BC00B233 have a sensitive information leak vulnerability. An attacker can trick a user to install a malicious application to exploit this vulnerability. Successful exploitation may cause sensitive information leak. | Mate_9_firmware | 5.5 |