Use After Free Vulnerability in HUAWEI Mate 30 by HUAWEI
CVE-2020-9262

7.8HIGH

Key Information:

Vendor: Huawei
Status: Huawei Mate 30
Vendor: CVE Published:; 6 July 2020

Summary

The HUAWEI Mate 30 contains a use after free vulnerability present in versions prior to 10.1.0.150(C00E136R5P3). This issue arises when the system accesses memory after it has been released. An attacker may exploit this vulnerability by deceiving a user into installing a malicious application that operates with elevated privileges. If successful, this exploit can lead to arbitrary code execution, allowing the attacker to manipulate the affected device.

Affected Version(s)

HUAWEI Mate 30 Versions earlier than 10.1.0.150(C00E136R5P3)

References

https://www.huawei.com/en/psirt/security-advisories/huawe...

x_refsource_MISC

CVSS V3.1

Score:

7.8

Severity:

HIGH

Confidentiality:

High

Integrity:

High

Availability:

High

Attack Vector:

Local

Attack Complexity:

Low

Privileges Required:

None

User Interaction:

Required

Scope:

Unchanged

Timeline

Vulnerability published
Jul 6, 2020
Vulnerability Reserved
Feb 18, 2020