← Back

Bla Al00b Firmware

bla-al00b_firmware

Vendor: Huawei • 6 CVEs

CVEs (6)

CVE
VENDORS
PRODUCTS
UPDATED
PUBLISHED
CVSS
CVE-2019-19412
1Huawei
28Alp Al00b Firmware
Alp L09 FirmwareAlp L29 Firmware+25 more
Nov 21, 2024
Jun 8, 2020
N/A· v4
4.6 MEDIUM· v3
2.1 LOW· v2
Huawei smart phones have a Factory Reset Protection (FRP) bypass security vulnerability. When re-configuring the mobile phone using the factory reset protection (FRP) function, an attacker login the Talkback mode and can...Show more
Huawei smart phones have a Factory Reset Protection (FRP) bypass security vulnerability. When re-configuring the mobile phone using the factory reset protection (FRP) function, an attacker login the Talkback mode and can perform some operations to install a third-Party application. Affected products can be found in https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20200115-01-frp-en.Show less
CVE-2019-5235
1Huawei
50Alp Al00b Firmware
Alp Tl00b FirmwareBla Al00b Firmware+47 more
Nov 21, 2024
Dec 14, 2019
N/A· v4
5.3 MEDIUM· v3
5.0 MEDIUM· v2
Some Huawei smart phones have a null pointer dereference vulnerability. An attacker crafts specific packets and sends to the affected product to exploit this vulnerability. Successful exploitation may cause the affected...Show more
Some Huawei smart phones have a null pointer dereference vulnerability. An attacker crafts specific packets and sends to the affected product to exploit this vulnerability. Successful exploitation may cause the affected phone to be abnormal.Show less
CVE-2019-2215
5Canonical
DebianGoogle+2 more
77A220 Firmware
A320 FirmwareA800 Firmware+74 more
Oct 24, 2025
Oct 11, 2019
N/A· v4
7.8 HIGH· v3
4.6 MEDIUM· v2
A use-after-free in binder.c allows an elevation of privilege from an application to the Linux Kernel. No user interaction is required to exploit this vulnerability, however exploitation does require either the installat...Show more
A use-after-free in binder.c allows an elevation of privilege from an application to the Linux Kernel. No user interaction is required to exploit this vulnerability, however exploitation does require either the installation of a malicious local application or a separate vulnerability in a network facing application.Product: AndroidAndroid ID: A-141720095Show less
CVE-2019-9506
7Apple
CanonicalDebian+4 more
147Alp Al00b Firmware
AndroidAres Al00b Firmware+144 more
Nov 21, 2024
Aug 14, 2019
N/A· v4
8.1 HIGH· v3
4.8 MEDIUM· v2
The Bluetooth BR/EDR specification up to and including version 5.1 permits sufficiently low encryption key length and does not prevent an attacker from influencing the key length negotiation. This allows practical brute-...Show more
The Bluetooth BR/EDR specification up to and including version 5.1 permits sufficiently low encryption key length and does not prevent an attacker from influencing the key length negotiation. This allows practical brute-force attacks (aka "KNOB") that can decrypt traffic and inject arbitrary ciphertext without the victim noticing.Show less
CVE-2018-7910
1Huawei
5Alp Al00b Firmware
Alp Tl00b FirmwareBla Al00b Firmware+2 more
Nov 21, 2024
Nov 13, 2018
N/A· v4
6.8 MEDIUM· v3
4.6 MEDIUM· v2
Some Huawei smartphones ALP-AL00B 8.0.0.118D(C00), ALP-TL00B 8.0.0.118D(C01), BLA-AL00B 8.0.0.118D(C00), BLA-L09C 8.0.0.127(C432), 8.0.0.128(C432), 8.0.0.137(C432), BLA-L29C 8.0.0.129(C432), 8.0.0.137(C432) have an authe...Show more
Some Huawei smartphones ALP-AL00B 8.0.0.118D(C00), ALP-TL00B 8.0.0.118D(C01), BLA-AL00B 8.0.0.118D(C00), BLA-L09C 8.0.0.127(C432), 8.0.0.128(C432), 8.0.0.137(C432), BLA-L29C 8.0.0.129(C432), 8.0.0.137(C432) have an authentication bypass vulnerability. When the attacker obtains the user's smartphone, the vulnerability can be used to replace the start-up program so that the attacker can obtain the information in the smartphone and achieve the purpose of controlling the smartphone.Show less
CVE-2018-7901
1Huawei
2Alp Al00b Firmware
Bla Al00b Firmware
Nov 21, 2024
Apr 30, 2018
N/A· v4
4.4 MEDIUM· v3
5.8 MEDIUM· v2
RCS module in Huawei ALP-AL00B smart phones with software versions earlier than 8.0.0.129, BLA-AL00B smart phones with software versions earlier than 8.0.0.129 has a remote control vulnerability. An attacker can trick a...Show more
RCS module in Huawei ALP-AL00B smart phones with software versions earlier than 8.0.0.129, BLA-AL00B smart phones with software versions earlier than 8.0.0.129 has a remote control vulnerability. An attacker can trick a user to install a malicious application. When the application connects with RCS for the first time, it needs user to manually click to agree. In addition, the attacker needs to obtain the key that RCS uses to authenticate the application. Successful exploitation may cause the attacker to control keyboard remotely.Show less