Vulnerability Monitor

The vendors, products, and vulnerabilities you care about

CVE-2020-9123


HUAWEI P30 Pro versions earlier than 10.1.0.160(C00E160R2P8) and versions earlier than 10.1.0.160(C01E160R2P8) have a buffer overflow vulnerability. An attacker induces users to install malicious applications and sends specially constructed packets to affected devices after obtaining the root permission. Successful exploit may cause code execution.


Published

2020-10-12T14:15:14.433

Last Modified

2024-11-21T05:40:05.773

Status

Modified

Source

[email protected]

Severity

CVSSv3.1: 7.8 (HIGH)

CVSSv2 Vector

AV:N/AC:M/Au:N/C:P/I:P/A:P

  • Access Vector: NETWORK
  • Access Complexity: MEDIUM
  • Authentication: NONE
  • Confidentiality Impact: PARTIAL
  • Integrity Impact: PARTIAL
  • Availability Impact: PARTIAL
Exploitability Score

8.6

Impact Score

6.4

Weaknesses
  • Type: Primary
    CWE-787

Affected Vendors & Products
Type Vendor Product Version/Range Vulnerable?
Operating System huawei p30_pro_firmware < 10.1.0.160\(c00e160r2p8\) Yes
Hardware huawei p30_pro - No
Operating System huawei p30_pro_firmware < 10.1.0.160\(c01e160r2p8\) Yes
Hardware huawei p30_pro - No

References