Buffer Overflow Vulnerability in Huawei Smartphones
CVE-2020-9247

7.8HIGH

Key Information:

Vendor
Huawei
Vendor
CVE Published:
7 December 2020

Summary

A buffer overflow vulnerability exists in several Huawei smartphone models due to inadequate validation of configuration parameters passed from users. Exploiting this vulnerability requires the user to be tricked into installing and executing a malicious application with elevated privileges. If successfully executed, this could allow an attacker to run arbitrary code on the affected devices, potentially compromising user data and overall device security.

Affected Version(s)

Hima-L29C < 10.1.0.273(C185E5R2P4)

Hima-L29C < 10.1.0.273(C636E5R2P4)

Hima-L29C < 10.1.0.275(C10E4R2P4)

References

CVSS V3.1

Score:
7.8
Severity:
HIGH
Confidentiality:
High
Integrity:
High
Availability:
High
Attack Vector:
Local
Attack Complexity:
Low
Privileges Required:
None
User Interaction:
Required
Scope:
Unchanged

Timeline

  • Vulnerability published

  • Vulnerability Reserved

.