CVE-2020-9247
Published: Dec 7, 2020
Modified: Aug 4, 2024
Description
There is a buffer overflow vulnerability in several Huawei products. The system does not sufficiently validate certain configuration parameter which is passed from user that would cause buffer overflow. The attacker should trick the user into installing and running a malicious application with a high privilege, successful exploit may cause code execution. Affected product include Huawei HONOR 20 PRO, Mate 20, Mate 20 Pro, Mate 20 X, P30, P30 Pro, Hima-L29C, Laya-AL00EP, Princeton-AL10B, Tony-AL00B, Yale-L61A, Yale-TL00B and YaleP-AL10B.
| Vendor | Product | Versions |
|---|---|---|
Huawei | HONOR 20 PRO | affected unspecified - < 10.1.0.230(C432E9R5P1)affected unspecified - < 10.1.0.231(C10E3R3P2) |
Huawei | HUAWEI Mate 20 | affected unspecified - < 10.1.0.160(C00E160R3P8) |
Huawei | HUAWEI Mate 20 Pro | affected unspecified - < 10.1.0.270(C432E7R1P5)affected unspecified - < 10.1.0.270(C635E3R1P5)affected unspecified - < 10.1.0.273(C185E7R2P4)affected unspecified - < 10.1.0.273(C636E7R2P4)affected unspecified - < 10.1.0.277(C10E7R2P4)+1 more versions |
Huawei | HUAWEI Mate 20 X | affected unspecified - < 10.1.0.160(C00E160R2P8) |
Huawei | HUAWEI P30 | affected 9.1.0.272(C635E4R2P2)affected unspecified - < 10.1.0.123(C432E22R2P5)affected unspecified - < 10.1.0.126(C10E7R5P1)affected unspecified - < 10.1.0.126(C185E4R7P1)affected unspecified - < 10.1.0.126(C605E19R1P3)+2 more versions |
Huawei | HUAWEI P30 Pro | affected unspecified - < 10.1.0.160(C00E160R2P8) |
Huawei | Hima-L29C | affected unspecified - < 10.1.0.273(C185E5R2P4)affected unspecified - < 10.1.0.273(C636E5R2P4)affected unspecified - < 10.1.0.275(C10E4R2P4) |
Huawei | Laya-AL00EP | affected unspecified - < 10.1.0.160(C786E160R3P8) |
Huawei | Princeton-AL10B | affected unspecified - < 10.1.0.160(C00E160R2P11) |
Huawei | Tony-AL00B | affected unspecified - < 10.1.0.160(C00E160R2P11) |
Huawei | Yale-L61A | affected unspecified - < 10.1.0.225(C432E3R1P2)affected unspecified - < 10.1.0.226(C10E3R1P1) |
Huawei | Yale-TL00B | affected unspecified - < 10.1.0.160(C01E160R8P12) |
Huawei | YaleP-AL10B | affected unspecified - < 10.1.0.160(C00E160R8P12) |
Weaknesses (CWE)
References
Security Training
Train your team to recognize and prevent security threats with our comprehensive security awareness program.
Start TrainingVulnerability Scanning
Discover vulnerabilities in your applications and infrastructure before attackers do.
Scan Now