CVE-2020-9247
N/A
N/A
Summary
There is a buffer overflow vulnerability in several Huawei products. The system does not sufficiently validate certain configuration parameter which is passed from user that would cause buffer overflow. The attacker should trick the user into installing and running a malicious application with a high privilege, successful exploit may cause code execution. Affected product include Huawei HONOR 20 PRO, Mate 20, Mate 20 Pro, Mate 20 X, P30, P30 Pro, Hima-L29C, Laya-AL00EP, Princeton-AL10B, Tony-AL00B, Yale-L61A, Yale-TL00B and YaleP-AL10B.
Affected Software
| Vendor | Product | Version Range | Status |
|---|---|---|---|
| Huawei | HONOR 20 PRO | unspecified < 10.1.0.230(C432E9R5P1) | affected |
| Huawei | HONOR 20 PRO | unspecified < 10.1.0.231(C10E3R3P2) | affected |
| Huawei | HUAWEI Mate 20 | unspecified < 10.1.0.160(C00E160R3P8) | affected |
| Huawei | HUAWEI Mate 20 Pro | unspecified < 10.1.0.270(C432E7R1P5) | affected |
| Huawei | HUAWEI Mate 20 Pro | unspecified < 10.1.0.270(C635E3R1P5) | affected |
| Huawei | HUAWEI Mate 20 Pro | unspecified < 10.1.0.273(C185E7R2P4) | affected |
| Huawei | HUAWEI Mate 20 Pro | unspecified < 10.1.0.273(C636E7R2P4) | affected |
| Huawei | HUAWEI Mate 20 Pro | unspecified < 10.1.0.277(C10E7R2P4) | affected |
| Huawei | HUAWEI Mate 20 Pro | unspecified < 10.1.0.277(C605E7R1P5) | affected |
| Huawei | HUAWEI Mate 20 X | unspecified < 10.1.0.160(C00E160R2P8) | affected |
| Huawei | HUAWEI P30 | 9.1.0.272(C635E4R2P2) | affected |
| Huawei | HUAWEI P30 | unspecified < 10.1.0.123(C432E22R2P5) | affected |
| Huawei | HUAWEI P30 | unspecified < 10.1.0.126(C10E7R5P1) | affected |
| Huawei | HUAWEI P30 | unspecified < 10.1.0.126(C185E4R7P1) | affected |
| Huawei | HUAWEI P30 | unspecified < 10.1.0.126(C605E19R1P3) | affected |
| Huawei | HUAWEI P30 | unspecified < 10.1.0.126(C636E5R3P4) | affected |
| Huawei | HUAWEI P30 | unspecified < 10.1.0.126(C636E7R3P4) | affected |
| Huawei | HUAWEI P30 Pro | unspecified < 10.1.0.160(C00E160R2P8) | affected |
| Huawei | Hima-L29C | unspecified < 10.1.0.273(C185E5R2P4) | affected |
| Huawei | Hima-L29C | unspecified < 10.1.0.273(C636E5R2P4) | affected |
| Huawei | Hima-L29C | unspecified < 10.1.0.275(C10E4R2P4) | affected |
| Huawei | Laya-AL00EP | unspecified < 10.1.0.160(C786E160R3P8) | affected |
| Huawei | Princeton-AL10B | unspecified < 10.1.0.160(C00E160R2P11) | affected |
| Huawei | Tony-AL00B | unspecified < 10.1.0.160(C00E160R2P11) | affected |
| Huawei | Yale-L61A | unspecified < 10.1.0.225(C432E3R1P2) | affected |
| Huawei | Yale-L61A | unspecified < 10.1.0.226(C10E3R1P1) | affected |
| Huawei | Yale-TL00B | unspecified < 10.1.0.160(C01E160R8P12) | affected |
| Huawei | YaleP-AL10B | unspecified < 10.1.0.160(C00E160R8P12) | affected |
Weaknesses
- CWE-120: CWE-120 Buffer Overflow
ADP Enrichment
CVE Program Container
Additional References
References
Feedback
Was this page helpful?
Glad to hear it! Please tell us how we can improve.
Sorry to hear that. Please tell us how we can improve.