Out of Bounds Vulnerabilities in Huawei Honor V10 Smartphones
CVE-2020-1804

7.1HIGH

Key Information:

Vendor: Huawei
Status: Honor V10
Vendor: CVE Published:; 27 April 2020

What is CVE-2020-1804?

Huawei Honor V10 smartphones prior to version 10.0.0.156 (C00E156R2P4) exhibit three out of bounds vulnerabilities. These arise from inadequately validated parameters in certain driver programs, potentially resulting in multiple bytes being read outside allocated memory bounds. Exploiting these vulnerabilities could lead to unauthorized information exposure or abnormal behavior of the device's services. Notably, this is distinct from related vulnerabilities CVE-2020-1805 and CVE-2020-1806.

Affected Version(s)

Honor V10 Versions earlier than 10.0.0.156(C00E156R2P4)

References

https://www.huawei.com/en/psirt/security-advisories/huawe...

x_refsource_CONFIRM

CVSS V3.1

Score:

7.1

Severity:

HIGH

Confidentiality:

High

Integrity:

None

Availability:

High

Attack Vector:

Local

Attack Complexity:

Low

Privileges Required:

None

User Interaction:

Required

Scope:

Unchanged

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Apr 27, 2020
Vulnerability Reserved
Nov 29, 2019