Huawei: >> Harry-Al00c Firmware Security Vulnerabilities
Some Huawei smart phones have a null pointer dereference vulnerability. An attacker crafts specific packets and sends to the affected product to exploit this vulnerability. Successful exploitation may cause the affected phone to be abnormal.
CVSS Score
5.3
EPSS Score
0.002
Published
2019-12-14
The Bluetooth BR/EDR specification up to and including version 5.1 permits sufficiently low encryption key length and does not prevent an attacker from influencing the key length negotiation. This allows practical brute-force attacks (aka "KNOB") that can decrypt traffic and inject arbitrary ciphertext without the victim noticing.
CVSS Score
7.6
EPSS Score
0.031
Published
2019-08-14