Use-After-Free Vulnerability in Huawei Smartphones
CVE-2020-9065
5.5MEDIUM
Summary
The Taurus-AL00B smartphone from Huawei, specifically versions prior to 10.0.0.203(C00E201R7P2), is susceptible to a use-after-free vulnerability. This flaw allows an authenticated, local attacker to carry out specific actions that may compromise the device's information integrity and overall availability. Exploiting this vulnerability could lead to unauthorized access or manipulation of sensitive data, emphasizing the importance of timely software updates for device security.
Affected Version(s)
Taurus-AL00B Versions earlier than 10.0.0.203(C00E201R7P2)
References
CVSS V3.1
Score:
5.5
Severity:
MEDIUM
Confidentiality:
None
Integrity:
None
Availability:
None
Attack Vector:
Local
Attack Complexity:
Low
Privileges Required:
Low
User Interaction:
None
Scope:
Unchanged
Timeline
Vulnerability published
Vulnerability Reserved