Type Confusion Vulnerability in HUAWEI Mate 30 Devices
CVE-2020-9261

7.8HIGH

Key Information:

Vendor: Huawei
Status: Huawei Mate 30
Vendor: CVE Published:; 6 July 2020

Summary

A type confusion vulnerability exists in the HUAWEI Mate 30 devices prior to version 10.1.0.150(C00E136R5P3). This flaw arises because the system fails to adequately verify and transform variable types. An attacker could leverage this vulnerability by tricking a user into installing and executing a specially crafted application. If successful, this exploit may allow the attacker to execute arbitrary code, potentially compromising the security of the device.

Affected Version(s)

HUAWEI Mate 30 Versions earlier than 10.1.0.150(C00E136R5P3)

References

https://www.huawei.com/en/psirt/security-advisories/huawe...

x_refsource_MISC

CVSS V3.1

Score:

7.8

Severity:

HIGH

Confidentiality:

High

Integrity:

High

Availability:

High

Attack Vector:

Local

Attack Complexity:

Low

Privileges Required:

None

User Interaction:

Required

Scope:

Unchanged

Timeline

Vulnerability published
Jul 6, 2020
Vulnerability Reserved
Feb 18, 2020