CVE-2020-9095

CWE-190Integer Overflow3 documents3 sources
Severity
5.5MEDIUM
EPSS
0.0%
top 93.69%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
1
Huawei P30 PRO Firmware
Timeline
PublishedAug 21
Latest updateMay 24

Description

HUAWEI P30 Pro smartphone with Versions earlier than 10.1.0.160(C00E160R2P8) has an integer overflow vulnerability. Some functions are lack of verification when they process some messages sent from other module. Attackers can exploit this vulnerability by send malicious message to cause integer overflow. This can compromise normal service.

CVSS vector

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:HExploitability: 1.8 | Impact: 3.6

Affected Packages2 packages

NVDhuawei/p30_pro_firmware< 10.1.0.160\(c00e160r2p8\)
CVEListV5huawei_p30_proVersions earlier than 10.1.0.160(C00E160R2P8)

🔴Vulnerability Details

2
GHSA
GHSA-3mqf-x35g-6j9q: HUAWEI P30 Pro smartphone with Versions earlier than 102022-05-24
CVEList
CVE-2020-9095: HUAWEI P30 Pro smartphone with Versions earlier than 102020-08-21
CVE-2020-9095 (MEDIUM CVSS 5.5) | HUAWEI P30 Pro smartphone with Vers | cvebase.io