CVE-2020-9125
Severity Score
Exploit Likelihood
Affected Versions
Public Exploits
0Exploited in Wild
-Decision
Descriptions
There is an out-of-bound read vulnerability in huawei smartphone Mate 30 versions earlier than 10.1.0.156 (C00E155R7P2). An attacker with specific permission can exploit this vulnerability by sending crafted packet with specific parameter to the target device. Due to insufficient validation of the parameter, successful exploit can cause the device to behave abnormally.
Se presenta una vulnerabilidad de lectura fuera de límite en el teléfono inteligente Huawei Mate 30 versiones anteriores a 10.1.0.156(C00E155R7P2). Un atacante con permiso específico puede explotar esta vulnerabilidad mediante el envío de un paquete diseñado con un parámetro específico hacia el dispositivo objetivo. Debido a una comprobación insuficiente del parámetro, una explotación con éxito puede causar que el dispositivo se comporte anormalmente
CVSS Scores
SSVC
- Decision:-
Timeline
- 2020-02-18 CVE Reserved
- 2020-12-29 CVE Published
- 2023-03-08 EPSS Updated
- 2024-08-04 CVE Updated
- ---------- Exploited in Wild
- ---------- KEV Due Date
- ---------- First Exploit
CWE
- CWE-125: Out-of-bounds Read
CAPEC
References (1)
| URL | Tag | Source |
|---|
| URL | Date | SRC |
|---|
| URL | Date | SRC |
|---|
| URL | Date | SRC |
|---|---|---|
| https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20201216-01-taurus-en | 2020-12-31 |
Affected Vendors, Products, and Versions
| Vendor | Product | Version | Other | Status | ||||||
|---|---|---|---|---|---|---|---|---|---|---|
| Vendor | Product | Version | Other | Status | <-- --> | Vendor | Product | Version | Other | Status |
| Huawei Search vendor "Huawei" | Mate 30 Firmware Search vendor "Huawei" for product "Mate 30 Firmware" | < 10.1.0.156\(c00e155r7p2\) Search vendor "Huawei" for product "Mate 30 Firmware" and version " < 10.1.0.156\(c00e155r7p2\)" | - |
Affected
| in | Huawei Search vendor "Huawei" | Mate 30 Search vendor "Huawei" for product "Mate 30" | - | - |
Safe
|