User After Free Vulnerability in Huawei Smartphone Taurus-AL00B
CVE-2020-9237
6.7MEDIUM
Summary
The Huawei Taurus-AL00B smartphone is susceptible to a user after free vulnerability due to inadequate lock protection within a module. Attackers can exploit this issue through specifically crafted requests, potentially disrupting the normal operation of the device. This vulnerability affects versions of the Taurus-AL00B that are earlier than 10.1.0.126(C00E125R5P3), highlighting the need for users to update their devices to ensure optimal security and functionality.
Affected Version(s)
Taurus-AL00B Versions earlier than 10.1.0.126(C00E125R5P3)
References
CVSS V3.1
Score:
6.7
Severity:
MEDIUM
Confidentiality:
High
Integrity:
High
Availability:
High
Attack Vector:
Local
Attack Complexity:
Low
Privileges Required:
High
User Interaction:
None
Scope:
Unchanged
Timeline
Vulnerability published
Vulnerability Reserved