Use After Free Vulnerability in HUAWEI Smartphones
CVE-2020-9263

7.8HIGH

Key Information:

Vendor
Huawei
Vendor
CVE Published:
19 October 2020

Summary

The vulnerability exists in HUAWEI Mate 30 and P30 smartphones, where the system could reference memory after it has been freed. This could be exploited by an attacker who tricks a user into executing a malicious application with normal privileges. If exploited successfully, it may lead to arbitrary code execution, compromising the user's device security.

Affected Version(s)

HUAWEI Mate 30;HUAWEI P30 Versions earlier than 10.1.0.150(C00E136R5P3)

HUAWEI Mate 30;HUAWEI P30 Versions earlier than 10.1.0.160(C00E160R2P11)

References

CVSS V3.1

Score:
7.8
Severity:
HIGH
Confidentiality:
High
Integrity:
High
Availability:
High
Attack Vector:
Local
Attack Complexity:
Low
Privileges Required:
None
User Interaction:
Required
Scope:
Unchanged

Timeline

  • Vulnerability published

  • Vulnerability Reserved

.