CVE-2020-9113 — Classic Buffer Overflow in Huawei Mate 20 Firmware

CWE-120 — Classic Buffer Overflow3 documents3 sources

Severity

8.0HIGHNVD

EPSS

0.0%

top 85.85%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

Huawei Mate 20 Firmware Huawei Mate 20

Timeline

PublishedOct 19

Latest updateMay 24

Description

HUAWEI Mate 20 versions earlier than 10.0.0.188(C00E74R3P8) have a buffer overflow vulnerability in the Bluetooth module. Due to insufficient input validation, an unauthenticated attacker may craft Bluetooth messages after successful paring, causing buffer overflow. Successful exploit may cause code execution.

CVSS vector

CVSS:3.1/AV:A/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:HExploitability: 2.1 | Impact: 5.9

Affected Packages2 packages

▶NVDhuawei/mate_20_firmware< 10.0.0.188\(c00e74r3p8\)

▶CVEListV5huawei/huawei_mate_20Versions earlier than 10.0.0.188(C00E74R3P8)

🔴Vulnerability Details

GHSA

GHSA-2wjr-vfmw-3fw7: HUAWEI Mate 20 versions earlier than 10↗2022-05-24

▶

CVEList

CVE-2020-9113: HUAWEI Mate 20 versions earlier than 10↗2020-10-19

▶