Out of Bounds Write Vulnerability in Honor V10 Smartphones by Huawei
CVE-2020-1792

5.5MEDIUM

Key Information:

Vendor: Huawei
Status: Honor V10
Vendor: CVE Published:; 28 February 2020

Summary

Honor V10 smartphones are susceptible to an out of bounds write vulnerability due to insufficient validation of specific parameters during the initialization of certain drivers. This flaw allows an attacker to potentially mislead users into installing a malicious application, which could lead to unauthorized access or device reboot, thereby compromising device functionality and user data integrity.

Affected Version(s)

Honor V10 Versions earlier than BKL-AL20 10.0.0.156(C00E156R2P4),Versions earlier than BKL-L09 10.0.0.146(C432E4R1P4)

References

https://www.huawei.com/en/psirt/security-advisories/huawe...

x_refsource_MISC

CVSS V3.1

Score:

5.5

Severity:

MEDIUM

Confidentiality:

None

Integrity:

None

Availability:

None

Attack Vector:

Local

Attack Complexity:

Low

Privileges Required:

None

User Interaction:

Required

Scope:

Unchanged

Timeline

Vulnerability published
Feb 28, 2020
Vulnerability Reserved
Nov 29, 2019