CVE-2020-9138 — Out-of-bounds Write in Huawei Emui

CWE-787 — Out-of-bounds Write3 documents3 sources

Severity

5.3MEDIUMNVD

EPSS

0.2%

top 59.06%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

Huawei Emui Huawei Magic UI

Timeline

PublishedJan 13

Latest updateMay 24

Description

There is a heap-based buffer overflow vulnerability in some Huawei Smartphone, Successful exploit of this vulnerability can cause process exceptions during updating.

CVSS vector

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:LExploitability: 3.9 | Impact: 1.4

Affected Packages2 packages

▶NVDhuawei/emui5 versions+4

▶NVDhuawei/magic_ui4 versions+3

🔴Vulnerability Details

GHSA

GHSA-7g87-66j4-g7g4: There is a heap-based buffer overflow vulnerability in some Huawei Smartphone, Successful exploit of this vulnerability can cause process exceptions d↗2022-05-24

▶

CVEList

CVE-2020-9138: There is a heap-based buffer overflow vulnerability in some Huawei Smartphone, Successful exploit of this vulnerability can cause process exceptions d↗2021-01-13

▶