Use After Free Vulnerability in HUAWEI Smartphones
CVE-2020-9263

7.8HIGH

Key Information:

Vendor: Huawei
Status: Huawei Mate 30;huawei P30
Vendor: CVE Published:; 19 October 2020

Summary

The vulnerability exists in HUAWEI Mate 30 and P30 smartphones, where the system could reference memory after it has been freed. This could be exploited by an attacker who tricks a user into executing a malicious application with normal privileges. If exploited successfully, it may lead to arbitrary code execution, compromising the user's device security.

Affected Version(s)

HUAWEI Mate 30;HUAWEI P30 Versions earlier than 10.1.0.150(C00E136R5P3)

HUAWEI Mate 30;HUAWEI P30 Versions earlier than 10.1.0.160(C00E160R2P11)

References

https://www.huawei.com/en/psirt/security-advisories/huawe...

x_refsource_MISC

CVSS V3.1

Score:

7.8

Severity:

HIGH

Confidentiality:

High

Integrity:

High

Availability:

High

Attack Vector:

Local

Attack Complexity:

Low

Privileges Required:

None

User Interaction:

Required

Scope:

Unchanged

Timeline

Vulnerability published
Oct 19, 2020
Vulnerability Reserved
Feb 18, 2020