Buffer Overflow Vulnerability in Huawei Smartphones
CVE-2020-9247
7.8HIGH
Key Information:
- Vendor
- Huawei
- Vendor
- CVE Published:
- 7 December 2020
Summary
A buffer overflow vulnerability exists in several Huawei smartphone models due to inadequate validation of configuration parameters passed from users. Exploiting this vulnerability requires the user to be tricked into installing and executing a malicious application with elevated privileges. If successfully executed, this could allow an attacker to run arbitrary code on the affected devices, potentially compromising user data and overall device security.
Affected Version(s)
Hima-L29C < 10.1.0.273(C185E5R2P4)
Hima-L29C < 10.1.0.273(C636E5R2P4)
Hima-L29C < 10.1.0.275(C10E4R2P4)
References
CVSS V3.1
Score:
7.8
Severity:
HIGH
Confidentiality:
High
Integrity:
High
Availability:
High
Attack Vector:
Local
Attack Complexity:
Low
Privileges Required:
None
User Interaction:
Required
Scope:
Unchanged
Timeline
Vulnerability published
Vulnerability Reserved