User After Free Vulnerability in Huawei Smartphone Taurus-AL00B
CVE-2020-9237

6.7MEDIUM

Key Information:

Vendor
Huawei
Vendor
CVE Published:
17 August 2020

Summary

The Huawei Taurus-AL00B smartphone is susceptible to a user after free vulnerability due to inadequate lock protection within a module. Attackers can exploit this issue through specifically crafted requests, potentially disrupting the normal operation of the device. This vulnerability affects versions of the Taurus-AL00B that are earlier than 10.1.0.126(C00E125R5P3), highlighting the need for users to update their devices to ensure optimal security and functionality.

Affected Version(s)

Taurus-AL00B Versions earlier than 10.1.0.126(C00E125R5P3)

References

CVSS V3.1

Score:
6.7
Severity:
MEDIUM
Confidentiality:
High
Integrity:
High
Availability:
High
Attack Vector:
Local
Attack Complexity:
Low
Privileges Required:
High
User Interaction:
None
Scope:
Unchanged

Timeline

  • Vulnerability published

  • Vulnerability Reserved

.