Cellebrite UFED 5.0 to 7.5.0.845 implements local operating system policies that can be circumvented to obtain a command prompt via the Windows file dialog that is reachable via the Certificate-Based. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. Public exploit code available and no vendor patch available.
Improper Input Validation vulnerability in the cevakrnl.rv0 module as used in the Bitdefender Engines allows an attacker to trigger a denial of service while scanning a specially-crafted sample. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.
Honor 20;HONOR 20 PRO;Honor Magic2;HUAWEI Mate 20 X;HUAWEI P30;HUAWEI P30 Pro;Honor View 20 smartphones with versions earlier than 10.0.0.187(C00E60R4P11); versions earlier than. Rated high severity (CVSS 7.1), this vulnerability is no authentication required, low attack complexity. No vendor patch available.