Buffer Overflow Vulnerability in HUAWEI Mate 20 Bluetooth Module
CVE-2020-9113

8HIGH

Key Information:

Vendor: Huawei
Status: Huawei Mate 20
Vendor: CVE Published:; 19 October 2020

Summary

The HUAWEI Mate 20 devices before version 10.0.0.188 are susceptible to a buffer overflow vulnerability in the Bluetooth module. This issue arises from inadequate input validation, allowing an unauthenticated attacker to send specially crafted Bluetooth messages post successful pairing. If exploited, this vulnerability could enable the attacker to execute arbitrary code, posing a significant security risk.

Affected Version(s)

HUAWEI Mate 20 Versions earlier than 10.0.0.188(C00E74R3P8)

References

https://www.huawei.com/en/psirt/security-advisories/huawe...

x_refsource_MISC

CVSS V3.1

Score:

Severity:

HIGH

Confidentiality:

High

Integrity:

High

Availability:

High

Attack Vector:

Adjacent Network

Attack Complexity:

Low

Privileges Required:

None

User Interaction:

Required

Scope:

Unchanged

Timeline

Vulnerability published
Oct 19, 2020
Vulnerability Reserved
Feb 18, 2020