CVE-2020-9095
Severity Score
Exploit Likelihood
Affected Versions
Public Exploits
0Exploited in Wild
-Decision
Descriptions
HUAWEI P30 Pro smartphone with Versions earlier than 10.1.0.160(C00E160R2P8) has an integer overflow vulnerability. Some functions are lack of verification when they process some messages sent from other module. Attackers can exploit this vulnerability by send malicious message to cause integer overflow. This can compromise normal service.
El teléfono inteligente HUAWEI P30 Pro con versiones anteriores a 10.1.0.160(C00E160R2P8), presenta una vulnerabilidad de desbordamiento de enteros. Algunas funciones carecen de comprobación cuando procesan algunos mensajes enviados desde otro módulo. Los atacantes pueden explotar esta vulnerabilidad mediante el envío de mensajes maliciosos que causen un desbordamiento de enteros. Esto puede comprometer el servicio normal.
CVSS Scores
SSVC
- Decision:-
Timeline
- 2020-02-18 CVE Reserved
- 2020-08-21 CVE Published
- 2023-03-08 EPSS Updated
- 2024-08-04 CVE Updated
- ---------- Exploited in Wild
- ---------- KEV Due Date
- ---------- First Exploit
CWE
- CWE-190: Integer Overflow or Wraparound
CAPEC
References (1)
| URL | Tag | Source |
|---|
| URL | Date | SRC |
|---|
| URL | Date | SRC |
|---|
| URL | Date | SRC |
|---|---|---|
| https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20200819-03-smartphone-en | 2020-08-25 |
Affected Vendors, Products, and Versions
| Vendor | Product | Version | Other | Status | ||||||
|---|---|---|---|---|---|---|---|---|---|---|
| Vendor | Product | Version | Other | Status | <-- --> | Vendor | Product | Version | Other | Status |
| Huawei Search vendor "Huawei" | P30 Pro Firmware Search vendor "Huawei" for product "P30 Pro Firmware" | < 10.1.0.160\(c00e160r2p8\) Search vendor "Huawei" for product "P30 Pro Firmware" and version " < 10.1.0.160\(c00e160r2p8\)" | - |
Affected
| in | Huawei Search vendor "Huawei" | P30 Pro Search vendor "Huawei" for product "P30 Pro" | - | - |
Safe
|