CVE-2020-1806 โ€” Sensitive Information Exposure in Huawei Honor V10 Firmware

3 documents3 sources
Severity
7.1HIGHNVD
EPSS
0.1%
top 72.08%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
2
Huawei Honor V10 FirmwareHuawei Honor V10
Timeline
PublishedApr 27
Latest updateMay 24

Description

Huawei Honor V10 smartphones with versions earlier than 10.0.0.156(C00E156R2P4) has three out of bounds vulnerabilities. Certain driver program does not sufficiently validate certain parameters received, that would lead to several bytes out of bound read. Successful exploit may cause information disclosure or service abnormal. This is 3 out of 3 out of bounds vulnerabilities found. Different than CVE-2020-1804 and CVE-2020-1805.

CVSS vector

CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:HExploitability: 1.8 | Impact: 5.2

Affected Packages2 packages

โ–ถNVDhuawei/honor_v10_firmware< 10.0.0.156\(c00e156r2p4\)
โ–ถCVEListV5huawei/honor_v10Versions earlier than 10.0.0.156(C00E156R2P4)

๐Ÿ”ดVulnerability Details

2
GHSA
GHSA-j43g-xjfm-r8v4: Huawei Honor V10 smartphones with versions earlier than 10โ†—2022-05-24
โ–ถ
CVEList
CVE-2020-1806: Huawei Honor V10 smartphones with versions earlier than 10โ†—2020-04-27
โ–ถ
CVE-2020-1806 โ€” Sensitive Information Exposure | cvebase