There is a Race Condition vulnerability in Huawei Smartphone.Successful exploitation of this vulnerability may lead to availability affected.

There is an out-of-bounds read and write vulnerability in some headset products. An unauthenticated attacker gets the device physically and crafts malformed message with specific parameter and sends the message to the affected products. Due to insufficient validation of message, which may be exploited to cause out-of-bounds read and write.

Vulnerability of data verification errors in the kernel module. Impact: Successful exploitation of this vulnerability may affect service confidentiality.

Vulnerability of input parameters being not strictly verified in the RSMC module. Impact: Successful exploitation of this vulnerability may cause out-of-bounds write.

Out-of-bounds read vulnerability in the smart activity recognition module.Successful exploitation of this vulnerability may cause features to perform abnormally.

Stack overflow vulnerability in the network acceleration module.Successful exploitation of this vulnerability may cause unauthorized file access.

There is a buffer overflow vulnerability in CV81-WDM FW 01.70.49.29.46. Successful exploitation of this vulnerability may lead to privilege escalation.

Vulnerability of data verification errors in the kernel module. Impact: Successful exploitation of this vulnerability may affect service confidentiality.

Buffer overflow vulnerability in the FLP module. Successful exploitation of this vulnerability may cause out-of-bounds read.

Out-of-bounds read vulnerability in the smart activity recognition module.Successful exploitation of this vulnerability may cause features to perform abnormally.

Huawei Honor V10 smartphones with versions earlier than 10.0.0.156(C00E156R2P4) has three out of bounds vulnerabilities. Certain driver program does not sufficiently validate certain parameters received, that would lead to several bytes out of bound read. Successful exploit may cause information disclosure or service abnormal. This is 2 out of 3 out of bounds vulnerabilities found. Different than CVE-2020-1804 and CVE-2020-1806.

There is an out-of-bounds read vulnerability in several products. The software reads data past the end of the intended buffer when parsing certain crafted DHCP messages. Successful exploit could cause certain service abnormal. Affected product versions include:NIP6800 versions V500R001C30,V500R001C60SPC500,V500R005C00;S12700 versions V200R008C00;S2700 versions V200R008C00;S5700 versions V200R008C00;S6700 versions V200R008C00;S7700 versions V200R008C00;S9700 versions V200R008C00;Secospace USG6600 versions V500R001C30SPC200,V500R001C30SPC600,V500R001C60SPC500,V500R005C00;USG9500 versions V500R001C30SPC300,V500R001C30SPC600,V500R001C60SPC500,V500R005C00.

There are multiple out of bounds (OOB) read vulnerabilities in the implementation of the Common Open Policy Service (COPS) protocol of some Huawei products. The specific decoding function may occur out-of-bounds read when processes an incoming data packet. Successful exploit of these vulnerabilities may disrupt service on the affected device. (Vulnerability ID: HWPSIRT-2018-12275,HWPSIRT-2018-12276,HWPSIRT-2018-12277,HWPSIRT-2018-12278,HWPSIRT-2018-12279,HWPSIRT-2018-12280 and HWPSIRT-2018-12289) The seven vulnerabilities have been assigned seven Common Vulnerabilities and Exposures (CVE) IDs: CVE-2020-1818, CVE-2020-1819, CVE-2020-1820, CVE-2020-1821, CVE-2020-1822, CVE-2020-1823 and CVE-2020-1824.

Honor 20;HONOR 20 PRO;Honor Magic2;HUAWEI Mate 20 X;HUAWEI P30;HUAWEI P30 Pro;Honor View 20 smartphones with versions earlier than 10.0.0.187(C00E60R4P11); versions earlier than 10.0.0.187(C00E60R4P11); versions earlier than 10.0.0.176(C00E60R2P11);9.1.0.135(C00E133R2P1); versions earlier than 10.1.0.123(C431E22R3P5), versions earlier than 10.1.0.126(C636E5R3P4), versions earlier than 10.1.0.160(C00E160R2P11); versions earlier than 10.1.0.126(C185E8R5P1), versions earlier than 10.1.0.126(C636E9R2P4), versions earlier than 10.1.0.160(C00E160R2P8); versions earlier than 10.0.0.179(C636E3R4P3), versions earlier than 10.0.0.180(C185E3R3P3), versions earlier than 10.0.0.180(C432E10R3P4), versions earlier than 10.0.0.181(C675E5R1P2) have an out of bound read vulnerability. The software reads data past the end of the intended buffer. The attacker tricks the user into installing a crafted application, successful exploit may cause information disclosure or service abnormal.

Huawei Honor V10 smartphones with versions earlier than 10.0.0.156(C00E156R2P4) has three out of bounds vulnerabilities. Certain driver program does not sufficiently validate certain parameters received, that would lead to several bytes out of bound read. Successful exploit may cause information disclosure or service abnormal. This is 1 out of 3 out of bounds vulnerabilities found. Different than CVE-2020-1805 and CVE-2020-1806.

There are multiple out of bounds (OOB) read vulnerabilities in the implementation of the Common Open Policy Service (COPS) protocol of some Huawei products. The specific decoding function may occur out-of-bounds read when processes an incoming data packet. Successful exploit of these vulnerabilities may disrupt service on the affected device. (Vulnerability ID: HWPSIRT-2018-12275,HWPSIRT-2018-12276,HWPSIRT-2018-12277,HWPSIRT-2018-12278,HWPSIRT-2018-12279,HWPSIRT-2018-12280 and HWPSIRT-2018-12289) The seven vulnerabilities have been assigned seven Common Vulnerabilities and Exposures (CVE) IDs: CVE-2020-1818, CVE-2020-1819, CVE-2020-1820, CVE-2020-1821, CVE-2020-1822, CVE-2020-1823 and CVE-2020-1824.

Huawei NIP6800 versions V500R001C30, V500R001C60SPC500, and V500R005C00; Secospace USG6600 and USG9500 versions V500R001C30SPC200, V500R001C30SPC600, V500R001C60SPC500, and V500R005C00 have a vulnerability that a memory management error exists when IPSec Module handing a specific message. This causes 1 byte out-of-bound read, compromising normal service.

There is an out-of-bounds read vulnerability in Huawei CloudEngine products. The software reads data past the end of the intended buffer when parsing certain PIM message, an adjacent attacker could send crafted PIM messages to the device, successful exploit could cause out of bounds read when the system does the certain operation.

Out-of-bounds write vulnerability in the kernel driver module. Successful exploitation of this vulnerability may cause process exceptions.

Huawei USG6000V with versions V500R001C20SPC300, V500R003C00SPC100, and V500R005C00SPC100 have an out-of-bounds read vulnerability. Due to a logical flaw in a JSON parsing routine, a remote, unauthenticated attacker could exploit this vulnerability to disrupt service in the affected products.

NIP6800;Secospace USG6600;USG9500 products with versions of V500R001C30; V500R001C60SPC500; V500R005C00SPC100 have an out-of-bounds read vulnerability. An unauthenticated attacker crafts malformed message with specific parameter and sends the message to the affected products. Due to insufficient validation of message, which may be exploited to cause the device reboot.

There is an Out-of-bounds array read vulnerability in the security storage module in smartphones. Successful exploitation of this vulnerability may affect service confidentiality.

There is a Out-of-bounds Read vulnerability in Huawei Smartphone.Successful exploitation of this vulnerability will cause kernel crash.

Vulnerability of data verification errors in the kernel module. Impact: Successful exploitation of this vulnerability may affect service confidentiality.

The HW_KEYMASTER module has a problem in releasing memory.Successful exploitation of this vulnerability may result in out-of-bounds memory access.

The video framework has memory overwriting caused by addition overflow. Successful exploitation of this vulnerability may affect availability.

The HW_KEYMASTER module has an out-of-bounds access vulnerability in parameter set verification.Successful exploitation of this vulnerability may cause malicious construction of data, which results in out-of-bounds access.

The video framework has memory overwriting caused by addition overflow. Successful exploitation of this vulnerability may affect availability.

The HW_KEYMASTER module has a vulnerability of missing bounds check on length.Successful exploitation of this vulnerability may cause malicious construction of data, which results in out-of-bounds access.

The video framework has memory overwriting caused by addition overflow. Successful exploitation of this vulnerability may affect availability.

The video framework has an out-of-bounds memory read/write vulnerability. Successful exploitation of this vulnerability may affect system availability.

The HW_KEYMASTER module has a problem in releasing memory.Successful exploitation of this vulnerability may result in out-of-bounds memory access.

The video framework has memory overwriting caused by addition overflow. Successful exploitation of this vulnerability may affect availability.

Out-of-bounds read vulnerability in the Bluetooth module.Successful exploitation of this vulnerability may affect service confidentiality.

There is a Buffer overflow vulnerability due to a boundary error with the Samba server in the file management module in smartphones. Successful exploitation of this vulnerability may affect function stability.

There is a Buffer overflow vulnerability due to a boundary error with the Samba server in the file management module in smartphones. Successful exploitation of this vulnerability may affect function stability.

Some Huawei products use the OpenHpi software for hardware management. A function that parses data returned by OpenHpi contains an out-of-bounds read vulnerability that could lead to a denial of service. Affected product versions include: eCNS280_TD V100R005C10; eSE620X vESS V100R001C10SPC200, V100R001C20SPC200, V200R001C00SPC300.

There is a vulnerability of copying input buffer without checking its size in the video framework. Successful exploitation of this vulnerability may affect availability.

There is a buffer overflow vulnerability in eSE620X vESS V100R001C10SPC200 and V100R001C20SPC200. An attacker can exploit this vulnerability by sending a specific message to the target device due to insufficient validation of packets. Successful exploit could cause a denial of service condition.

Huawei idap module has a Out-of-bounds Read vulnerability.Successful exploitation of this vulnerability may cause Denial of Service.

There is an out-of-bounds read vulnerability in the IFAA module. Successful exploitation of this vulnerability may cause stack overflow.

There is a vulnerability of copying input buffer without checking its size in the video framework. Successful exploitation of this vulnerability may affect availability.

There is an Out-of-bounds read in Smartphones.Successful exploitation of this vulnerability may affect service confidentiality.

Out-of-bounds heap read vulnerability in the HW_KEYMASTER module. Successful exploitation of this vulnerability may cause out-of-bounds access.

There is a Buffer overflow vulnerability in Huawei Smartphone.Successful exploitation of this vulnerability by sending malicious images and inducing users to open the images may cause remote code execution.

There is a Out-of-bounds Read vulnerability in Huawei Smartphone.Successful exploitation of this vulnerability may lead to process crash.

There is a Out-of-bounds Read vulnerability in Huawei Smartphone.Successful exploitation of this vulnerability may lead to availability affected.

There is an Improper verification vulnerability in Huawei Smartphone.Successful exploitation of this vulnerability may cause out-of-bounds read.

There is a Out-of-bounds Read vulnerability in Huawei Smartphone.Successful exploitation of this vulnerability will cause kernel crash.

There is an Out-of-bounds read vulnerability in Huawei Smartphone.Successful exploitation of this vulnerability may cause out-of-bounds memory access.