Use After Free Vulnerability in HUAWEI Mate 30 by HUAWEI
CVE-2020-9262

7.8HIGH

Key Information:

Vendor
Huawei
Vendor
CVE Published:
6 July 2020

Summary

The HUAWEI Mate 30 contains a use after free vulnerability present in versions prior to 10.1.0.150(C00E136R5P3). This issue arises when the system accesses memory after it has been released. An attacker may exploit this vulnerability by deceiving a user into installing a malicious application that operates with elevated privileges. If successful, this exploit can lead to arbitrary code execution, allowing the attacker to manipulate the affected device.

Affected Version(s)

HUAWEI Mate 30 Versions earlier than 10.1.0.150(C00E136R5P3)

References

CVSS V3.1

Score:
7.8
Severity:
HIGH
Confidentiality:
High
Integrity:
High
Availability:
High
Attack Vector:
Local
Attack Complexity:
Low
Privileges Required:
None
User Interaction:
Required
Scope:
Unchanged

Timeline

  • Vulnerability published

  • Vulnerability Reserved

.