Vicky-al00a,victoria-al00a,warsaw-al00 Security Vulnerabilities

Authentication flaw

Honor play smartphones with versions earlier than Cornell-AL00A 9.1.0.321(C00E320R1P1T8) have an insufficient authentication vulnerability. The system has a logic judge error under certain scenario. Successful exploit could allow the attacker to modify the alarm clock settings after a serious of...

Race condition

Certain detection module of P30, P30 Pro, Honor V20 smartphone whith Versions earlier than ELLE-AL00B 9.1.0.193(C00E190R1P21), Versions earlier than VOGUE-AL00A 9.1.0.193(C00E190R1P12), Versions earlier than Princeton-AL10B 9.1.0.233(C00E233R4P3) have a race condition vulnerability. The system...

CVE-2019-5230

P20 Pro, P20, Mate RS smartphones with versions earlier than Charlotte-AL00A 9.1.0.321(C00E320R1P1T8), versions earlier than Emily-AL00A 9.1.0.321(C00E320R1P1T8), versions earlier than NEO-AL00D NEO-AL00 9.1.0.321(C786E320R1P1T8) have an improper validation vulnerability. The system does not...

CVE-2019-5213

Honor play smartphones with versions earlier than Cornell-AL00A 9.1.0.321(C00E320R1P1T8) have an insufficient authentication vulnerability. The system has a logic judge error under certain scenario. Successful exploit could allow the attacker to modify the alarm clock settings after a serious of...

CVE-2019-5228

Certain detection module of P30, P30 Pro, Honor V20 smartphone whith Versions earlier than ELLE-AL00B 9.1.0.193(C00E190R1P21), Versions earlier than VOGUE-AL00A 9.1.0.193(C00E190R1P12), Versions earlier than Princeton-AL10B 9.1.0.233(C00E233R4P3) have a race condition vulnerability. The system...

Security Advisory - Two Heap Buffer Overflow Vulnerabilities in Broadcom WiFi Chipset Drivers

There are two heap buffer overflow vulnerabilities in Broadcom WiFi chipset drivers. A remote, unauthenticated attacker may send specially-crafted WiFi packets to exploit these vulnerabilities. Successfully exploit may cause Wi-Fi functions abnormal. (Vulnerability ID: HWPSIRT-2019-04121 and...

Security Advisory - Use-after-free Vulnerability in Android Kernel

There is a use-after-free vulnerability in binder.c of Android kernel. Successful exploitation may cause the attacker elevate the privilege. (Vulnerability ID: HWPSIRT-2019-10100) This vulnerability has been assigned a Common Vulnerabilities and Exposures (CVE) ID: CVE-2019-2215. Huawei has...

Security Advisory - Insufficient Authentication Vulnerability in Several Smartphones

There is an insufficient authentication vulnerability on several smartphones. The system has a logic judge error under certain scenario. Successful exploit could allow the attacker to modify the alarm clock settings after a serious of uncommon operations without unlock the screen lock....

A week in security (September 30 – October 6)

Last week on Malwarebytes Labs, Malwarebytes renewed its pledge to fight stalkerware for National Cybersecurity Awareness (NCSA) and Domestic Violence Awareness Month. We also looked into what security orchestration is and reported about partnering with security firm, HYAS, to determine the...

Ransomware Attacks Leave U.S. Hospitals Turning Away Patients

A rash of ransomware attacks this week targeted hospitals in the U.S. and Australia. The cyberattacks froze the computer systems of several medical facilities, to the point where they needed to turn away new patients and even cancel surgery appointments. A ransomware attack, reported on Tuesday,...

Security Advisory - Improper Validation Vulnerability in Several Smartphones

There is an improper validation vulnerability on several smartphones. The system does not perform a properly validation of certain input models, an attacker could trick the user to install a malicious application then craft a malformed model , successful exploit could allow the attacker to get and....

LayerBB < 1.1.4 - Cross-Site Request Forgery Vulnerability

Exploit for php platform in category web...

LayerBB 1.1.4 - Cross-Site Request Forgery

LayerBB 1.1.4 - Cross-Site Request...

LayerBB 1.1.3 Cross Site Request Forgery

...

LayerBB &lt; 1.1.4 - Cross-Site Request Forgery

...

cn.theoilandgasjob.com Cross Site Scripting vulnerability

Open Bug Bounty ID: OBB-973459 Security Researcher garlet_marco Helped patch 1540 vulnerabilities Received 4 Coordinated Disclosure badges , a holder of 4 badges for responsible and coordinated disclosure, found a security vulnerability affecting cn.theoilandgasjob.com website and its users. ...

Security Advisory - Version Downgrade Vulnerabilities on Smartphones and HiSuite

There are version downgrade vulnerabilities on smartphones and HiSuite. The device and HiSuite software do not validate the upgrade package sufficiently, so that the system of smartphone can be downgraded to an older version. (Vulnerability ID: HWPSIRT-2019-06023 and HWPSIRT-2019-06024) The two...

Security Advisory - Key Negotiation of Bluetooth (KNOB) Vulnerability

The KNOB (Key Negotiation of Bluetooth) vulnerability exists in the encryption key negotiation process between two Bluetooth BR/EDR devices. The negotiation process is not encrypted and no authentication is performed. An unauthenticated, adjacent attacker can initiate a man-in-the-middle attack to....

This Week in Security News: DevOps Implementation Concerns and Malware Variants

Welcome to our weekly roundup, where we share what you need to know about the cybersecurity news and events that happened over the past few days. This week, learn about how most respondents to a Trend Micro survey shared their concern for the risks in implementing DevOps. Also, read on about how...

Security Advisory - Null Pointer Reference Vulnerability in Some Huawei Smart Phones

There is a null pointer reference vulnerability in some Huawei smart phones. An attacker crafts specific packets and sends to the affected product to exploit this vulnerability. Successful exploitation may cause the affected phone abnormal. (Vulnerability ID: HWPSIRT-2019-05097) This vulnerability....

Security Advisory - Buffer Overflow Vulnerability on Several Smartphones

There is a buffer overflow vulnerability on several smartphones, the system does not properly validate certain length parameter which an application transports to kernel. An attacker tricks the user to install a malicious application, successful exploit could cause malicious code execution....

CVE-2019-9506

The Bluetooth BR/EDR specification up to and including version 5.1 permits sufficiently low encryption key length and does not prevent an attacker from influencing the key length negotiation. This allows practical brute-force attacks (aka "KNOB") that can decrypt traffic and inject arbitrary...

Two Denial of Service Vulnerabilities on Some Huawei Smartphones

There are two denial of service vulnerabilities on some Huawei smartphones. An attacker may send specially crafted TD-SCDMA messages from a rogue base station to the affected devices. Due to insufficient input validation of two values when parsing the messages, successful exploit may cause an...

CVE-2019-5216

There is a race condition vulnerability on Huawei Honor V10 smartphones versions earlier than Berkeley-AL20 9.0.0.156(C00E156R2P14T8), Honor 10 smartphones versions earlier than Columbia-AL10B 9.0.0.156(C00E156R1P20T8) and Honor Play smartphones versions earlier than Cornell-AL00A...

CVE-2019-5216

There is a race condition vulnerability on Huawei Honor V10 smartphones versions earlier than Berkeley-AL20 9.0.0.156(C00E156R2P14T8), Honor 10 smartphones versions earlier than Columbia-AL10B 9.0.0.156(C00E156R1P20T8) and Honor Play smartphones versions earlier than Cornell-AL00A...

Race condition

There is a race condition vulnerability on Huawei Honor V10 smartphones versions earlier than Berkeley-AL20 9.0.0.156(C00E156R2P14T8), Honor 10 smartphones versions earlier than Columbia-AL10B 9.0.0.156(C00E156R1P20T8) and Honor Play smartphones versions earlier than Cornell-AL00A...

CVE-2019-5216

There is a race condition vulnerability on Huawei Honor V10 smartphones versions earlier than Berkeley-AL20 9.0.0.156(C00E156R2P14T8), Honor 10 smartphones versions earlier than Columbia-AL10B 9.0.0.156(C00E156R1P20T8) and Honor Play smartphones versions earlier than Cornell-AL00A...

Design/Logic Flaw

There is a man-in-the-middle (MITM) vulnerability on Huawei P30 smartphones versions before ELE-AL00 9.1.0.162(C01E160R1P12/C01E160R2P1), and P30 Pro versions before VOG-AL00 9.1.0.162 (C01E160R1P12/C01E160R2P1). When users establish connection and transfer data through Huawei Share, an attacker...

Design/Logic Flaw

There is Factory Reset Protection (FRP) bypass security vulnerability in P20 Huawei smart phones versions earlier than Emily-AL00A 9.0.0.167 (C00E81R1P21T8). When re-configuring the mobile phone using the factory reset protection (FRP) function, an attacker can login the Talkback mode and can...

CVE-2019-5307

Some Huawei 4G LTE devices, P30 versions before ELE-AL00 9.1.0.162(C01E160R1P12/C01E160R2P1) and P30 Pro versions before VOG-AL00 9.1.0.162(C01E160R1P12/C01E160R2P1), are exposed to a message replay vulnerability. For the sake of better compatibility, these devices implement a less strict check on....

CVE-2019-5283

There is Factory Reset Protection (FRP) bypass security vulnerability in P20 Huawei smart phones versions earlier than Emily-AL00A 9.0.0.167 (C00E81R1P21T8). When re-configuring the mobile phone using the factory reset protection (FRP) function, an attacker can login the Talkback mode and can...

CVE-2019-5215

There is a man-in-the-middle (MITM) vulnerability on Huawei P30 smartphones versions before ELE-AL00 9.1.0.162(C01E160R1P12/C01E160R2P1), and P30 Pro versions before VOG-AL00 9.1.0.162 (C01E160R1P12/C01E160R2P1). When users establish connection and transfer data through Huawei Share, an attacker...

CVE-2019-5284

There is a DoS vulnerability in RTSP module of Leland-AL00A Huawei smart phones versions earlier than Leland-AL00A 9.1.0.111(C00E111R2P10T8). Remote attackers could trick the user into opening a malformed RTSP media stream to exploit this vulnerability. Successful exploit could cause the affected.....

Race condition

There is a DoS vulnerability in RTSP module of Leland-AL00A Huawei smart phones versions earlier than Leland-AL00A 9.1.0.111(C00E111R2P10T8). Remote attackers could trick the user into opening a malformed RTSP media stream to exploit this vulnerability. Successful exploit could cause the affected.....

CVE-2019-5284

There is a DoS vulnerability in RTSP module of Leland-AL00A Huawei smart phones versions earlier than Leland-AL00A 9.1.0.111(C00E111R2P10T8). Remote attackers could trick the user into opening a malformed RTSP media stream to exploit this vulnerability. Successful exploit could cause the affected.....

Design/Logic Flaw

Some Huawei 4G LTE devices, P30 versions before ELE-AL00 9.1.0.162(C01E160R1P12/C01E160R2P1) and P30 Pro versions before VOG-AL00 9.1.0.162(C01E160R1P12/C01E160R2P1), are exposed to a message replay vulnerability. For the sake of better compatibility, these devices implement a less strict check on....

CVE-2019-5215

There is a man-in-the-middle (MITM) vulnerability on Huawei P30 smartphones versions before ELE-AL00 9.1.0.162(C01E160R1P12/C01E160R2P1), and P30 Pro versions before VOG-AL00 9.1.0.162 (C01E160R1P12/C01E160R2P1). When users establish connection and transfer data through Huawei Share, an attacker...

CVE-2019-5307

Some Huawei 4G LTE devices, P30 versions before ELE-AL00 9.1.0.162(C01E160R1P12/C01E160R2P1) and P30 Pro versions before VOG-AL00 9.1.0.162(C01E160R1P12/C01E160R2P1), are exposed to a message replay vulnerability. For the sake of better compatibility, these devices implement a less strict check on....

CVE-2019-5283

There is Factory Reset Protection (FRP) bypass security vulnerability in P20 Huawei smart phones versions earlier than Emily-AL00A 9.0.0.167 (C00E81R1P21T8). When re-configuring the mobile phone using the factory reset protection (FRP) function, an attacker can login the Talkback mode and can...

CVE-2019-5307

Some Huawei 4G LTE devices, P30 versions before ELE-AL00 9.1.0.162(C01E160R1P12/C01E160R2P1) and P30 Pro versions before VOG-AL00 9.1.0.162(C01E160R1P12/C01E160R2P1), are exposed to a message replay vulnerability. For the sake of better compatibility, these devices implement a less strict check on....

CVE-2019-5284

There is a DoS vulnerability in RTSP module of Leland-AL00A Huawei smart phones versions earlier than Leland-AL00A 9.1.0.111(C00E111R2P10T8). Remote attackers could trick the user into opening a malformed RTSP media stream to exploit this vulnerability. Successful exploit could cause the affected.....

CVE-2019-5215

There is a man-in-the-middle (MITM) vulnerability on Huawei P30 smartphones versions before ELE-AL00 9.1.0.162(C01E160R1P12/C01E160R2P1), and P30 Pro versions before VOG-AL00 9.1.0.162 (C01E160R1P12/C01E160R2P1). When users establish connection and transfer data through Huawei Share, an attacker...

CVE-2019-5283

There is Factory Reset Protection (FRP) bypass security vulnerability in P20 Huawei smart phones versions earlier than Emily-AL00A 9.0.0.167 (C00E81R1P21T8). When re-configuring the mobile phone using the factory reset protection (FRP) function, an attacker can login the Talkback mode and can...

CVE-2019-5306

There is a Factory Reset Protection (FRP) bypass security vulnerability in P20 Huawei smart phones versions before Emily-AL00A 9.0.0.167(C00E81R1P21T8). When re-configuring the mobile phone using the FRP function, an attacker can delete the activation lock after a series of operations. As a...

Design/Logic Flaw

There is a Factory Reset Protection (FRP) bypass security vulnerability in P20 Huawei smart phones versions before Emily-AL00A 9.0.0.167(C00E81R1P21T8). When re-configuring the mobile phone using the FRP function, an attacker can delete the activation lock after a series of operations. As a...

CVE-2019-5306

There is a Factory Reset Protection (FRP) bypass security vulnerability in P20 Huawei smart phones versions before Emily-AL00A 9.0.0.167(C00E81R1P21T8). When re-configuring the mobile phone using the FRP function, an attacker can delete the activation lock after a series of operations. As a...

CVE-2019-5306

There is a Factory Reset Protection (FRP) bypass security vulnerability in P20 Huawei smart phones versions before Emily-AL00A 9.0.0.167(C00E81R1P21T8). When re-configuring the mobile phone using the FRP function, an attacker can delete the activation lock after a series of operations. As a...

Security Advisory - Some Huawei 4G LTE devices are exposed to a message replay vulnerability

Some Huawei 4G LTE devices are exposed to a message replay vulnerability. or the sake of better compatibility, these devices implement a less strict check on the NAS message sequence number (SN), specifically NAS COUNT. As a result, an attacker can construct a rogue base station and replay the...

Network of Social Media Accounts Impersonates U.S. Political Candidates, Leverages U.S. and Israeli Media in Support of Iranian Interests

In August 2018, FireEye Threat Intelligence released a report exposing what we assessed to be an Iranian influence operation leveraging networks of inauthentic news sites and social media accounts aimed at audiences around the world. We identified inauthentic social media accounts posing as...

Security Advisory - DoS Vulnerability in RTSP Module of Huawei Smart Phones

There is a DoS vulnerability in RTSP module of some Huawei smart phones. Remote attacker could trick the user into opening a malformed RTSP media stream to exploit this vulnerability. Successful exploit could cause the affected phone abnormal, leading to a DoS condition. (Vulnerability ID:...