Out-of-Bounds Read Vulnerability in Huawei Smartphone
CVE-2020-9087

5.5MEDIUM

Key Information:

Vendor
Huawei
Status
Taurus-al00a
Vendor
CVE Published:
12 October 2020

Summary

The Taurus-AL00A smartphone from Huawei contains an out-of-bounds read vulnerability in its XFRM module. An authenticated local attacker could exploit this flaw by executing a specific operation, potentially leading to unauthorized information disclosure. The risk arises from insufficient validation of input parameters, which enables the attacker to access sensitive information.

Affected Version(s)

Taurus-AL00A 10.0.0.1(C00E1R1P1)

References

https://www.huawei.com/en/psirt/security-advisories/huawe...
x_refsource_MISC

CVSS V3.1

Score:
5.5
Severity:
MEDIUM
Confidentiality:
High
Integrity:
None
Availability:
High
Attack Vector:
Local
Attack Complexity:
Low
Privileges Required:
Low
User Interaction:
None
Scope:
Unchanged

Timeline

  • Vulnerability published

  • Vulnerability Reserved

.
🍪 This website uses cookies, like every other website on the internet 😕 By using our website, you consent to the use of cookies.