VYPR

Honor V30 smartphones

by Huawei

CVEs (6)

  • CVE-2020-1805HigApr 27, 2020
    risk 0.46cvss 7.1epss 0.01

    Huawei Honor V10 smartphones with versions earlier than 10.0.0.156(C00E156R2P4) has three out of bounds vulnerabilities. Certain driver program does not sufficiently validate certain parameters received, that would lead to several bytes out of bound read. Successful exploit may…

  • CVE-2020-1804HigApr 27, 2020
    risk 0.46cvss 7.1epss 0.01

    Huawei Honor V10 smartphones with versions earlier than 10.0.0.156(C00E156R2P4) has three out of bounds vulnerabilities. Certain driver program does not sufficiently validate certain parameters received, that would lead to several bytes out of bound read. Successful exploit may…

  • CVE-2020-9259MedJul 17, 2020
    risk 0.42cvss 6.5epss 0.01

    Huawei Honor V30 smartphones with versions earlier than 10.1.0.212(C00E210R5P1) have an improper authentication vulnerability. The system does not sufficiently validate certain parameter passed from the bottom level, the attacker should trick the user into installing a malicious…

  • CVE-2020-9064MedMar 12, 2020
    risk 0.36cvss 5.5epss 0.00

    Huawei smartphone Honor V30 with versions earlier than OxfordS-AN00A 10.0.1.167(C00E166R4P1) have an improper authentication vulnerability. Authentication to target component is improper when device performs an operation. Attackers exploit this vulnerability to obtain some…

  • CVE-2020-1792MedFeb 28, 2020
    risk 0.36cvss 5.5epss 0.00

    Honor V10 smartphones with versions earlier than BKL-AL20 10.0.0.156(C00E156R2P4) and versions earlier than BKL-L09 10.0.0.146(C432E4R1P4) have an out of bounds write vulnerability. The software writes data past the end of the intended buffer because of insufficient validation…

  • CVE-2020-1788MedJan 21, 2020
    risk 0.36cvss 5.5epss 0.01

    Honor V30 smartphones with versions earlier than 10.0.1.135(C00E130R4P1) have an improper authentication vulnerability. Certain applications do not properly validate the identity of another application who would call its interface. An attacker could trick the user into…