CVE-2020-1808

CWE-125 — Out-of-bounds Read3 documents3 sources

Severity

7.1HIGH

EPSS

0.1%

top 72.09%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

Huawei Honor 20 Firmware Huawei Honor 20 PRO Firmware Huawei Honor Magic2 Firmware +1 more

Timeline

PublishedMay 15

Latest updateMay 24

Description

Honor 20;HONOR 20 PRO;Honor Magic2;HUAWEI Mate 20 X;HUAWEI P30;HUAWEI P30 Pro;Honor View 20 smartphones with versions earlier than 10.0.0.187(C00E60R4P11); versions earlier than 10.0.0.187(C00E60R4P11); versions earlier than 10.0.0.176(C00E60R2P11);9.1.0.135(C00E133R2P1); versions earlier than 10.1.0.123(C431E22R3P5), versions earlier than 10.1.0.126(C636E5R3P4), versions earlier than 10.1.0.160(C00E160R2P11); versions earlier than 10.1.0.126(C185E8R5P1), versions earlier than 10.1.0.126(C636E9R…

CVSS vector

CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:HExploitability: 1.8 | Impact: 5.2

Affected Packages4 packages

▶NVDhuawei/honor_magic2_firmware< 10.0.0.176\(c00e60r2p11\)

▶NVDhuawei/honor_view_20_firmware< 10.0.0.179\(c636e3r4p3\)+3

▶NVDhuawei/honor_20_firmware< 10.0.0.187\(c00e60r4p11\)

▶NVDhuawei/honor_20_pro_firmware< 10.0.0.187\(c00e60r4p11\)

🔴Vulnerability Details

GHSA

GHSA-qvqw-f2fv-45jw: Huawei smartphones Honor View 20;Honor 20;Honor 20 PRO;Honor Magic2 with Versions earlier than 10↗2022-05-24

▶

CVEList

CVE-2020-1808: Honor 20;HONOR 20 PRO;Honor Magic2;HUAWEI Mate 20 X;HUAWEI P30;HUAWEI P30 Pro;Honor View 20 smartphones with versions earlier than 10↗2020-05-15

▶