Huawei Mate 20 Pro Firmware — known CVE vulnerabilities
Every CVE whose affected-product data names Huawei Mate 20 Pro Firmware, ordered by CVSS severity, with EPSS exploit prediction and CISA KEV status.
CVEs (11)
CVE-2020-0022 — CVSS 8.8 (high): In reassemble_and_dispatch of packet_fragmenter.cc, there is possible out of bounds write due to an incorrect bounds calculation. This…
CVE-2019-9506 — CVSS 8.1 (high): The Bluetooth BR/EDR specification up to and including version 5.1 permits sufficiently low encryption key length and does not prevent an…
CVE-2020-9247 — CVSS 7.8 (high): There is a buffer overflow vulnerability in several Huawei products. The system does not sufficiently validate certain configuration…
CVE-2019-5250 — CVSS 7.8 (high): Mate 20 Pro smartphones with versions earlier than 9.1.0.135(C00E133R3P1) have an improper authorization vulnerability. The software does…
CVE-2020-9080 — CVSS 7.8 (high): There is an improper privilege management vulnerability in Huawei smart phone product. A local, authenticated attacker could craft a…
CVE-2020-9244 — CVSS 6.8 (medium): HUAWEI Mate 20 versions Versions earlier than 10.1.0.160(C00E160R3P8);HUAWEI Mate 20 Pro versions Versions earlier than…
CVE-2019-5302 — CVSS 5.3 (medium): There are two denial of service vulnerabilities on some Huawei smartphones. An attacker may send specially crafted TD-SCDMA messages from a…
CVE-2019-5303 — CVSS 5.3 (medium): There are two denial of service vulnerabilities on some Huawei smartphones. An attacker may send specially crafted TD-SCDMA messages from a…
CVE-2021-22440 — CVSS 4.6 (medium): There is a path traversal vulnerability in some Huawei products. The vulnerability is due to that the software uses external input to…
CVE-2020-1786 — CVSS 4.6 (medium): HUAWEI Mate 20 Pro smartphones versions earlier than 10.0.0.175(C00E69R3P8) have an improper authentication vulnerability. The software…
CVE-2020-9250 — CVSS 3.3 (low): There is an insufficient authentication vulnerability in some Huawei smart phone. An unauthenticated, local attacker can crafts software…