There is a buffer overflow vulnerability in several Huawei products. The system does not sufficiently validate certain configuration parameter which is passed from user that would cause buffer overflow. The attacker should trick the user into installing and running a malicious application with a high privilege, successful exploit may cause code execution. Affected product include Huawei HONOR 20 PRO, Mate 20, Mate 20 Pro, Mate 20 X, P30, P30 Pro, Hima-L29C, Laya-AL00EP, Princeton-AL10B, Tony-AL00B, Yale-L61A, Yale-TL00B and YaleP-AL10B.
oryginał ENCVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:HHuawei Hima L29c
HWHuaweiwszystkie wersjeHuawei Hima L29c Firmware
OSHuawei< 10.1.0.273\(c636e5r2p4\)< 10.1.0.275\(c10e4r2p4\)< 10.1.0.273\(c185e5r2p4\)Huawei Honor 20 Pro
HWHuaweiwszystkie wersjeHuawei Honor 20 Pro Firmware
OSHuawei< 10.1.0.231\(c10e3r3p2\)< 10.1.0.230\(c432e9r5p1\)Huawei Laya Al00ep
HWHuaweiwszystkie wersjeHuawei Laya Al00ep Firmware
OSHuawei< 10.1.0.160\(c786e160r3p8\)Huawei Mate 20
HWHuaweiwszystkie wersjeHuawei Mate 20 Firmware
OSHuawei< 10.1.0.160\(c00e160r3p8\)Huawei Mate 20 Pro
HWHuaweiwszystkie wersjeHuawei Mate 20 Pro Firmware
OSHuawei< 10.1.0.270\(c635e3r1p5\)< 10.1.0.270\(c432e7r1p5\)< 10.1.0.277\(c605e7r1p5\)< 10.1.0.277\(c10e7r2p4\)< 10.1.0.273\(c636e7r2p4\)< 10.1.0.273\(c185e7r2p4\)Huawei Mate 20 X
HWHuaweiwszystkie wersjeHuawei Mate 20 X Firmware
OSHuawei< 10.1.0.160\(c00e160r2p8\)Huawei P30
HWHuaweiwszystkie wersjeHuawei P30 Firmware
OSHuawei9.1.0.272\(c635e4r2p2\)< 10.1.0.126\(c605e19r1p3\)< 10.1.0.123\(c432e22r2p5\)< 10.1.0.126\(c10e7r5p1\)< 10.1.0.126\(c185e4r7p1\)< 10.1.0.126\(c636e5r3p4\)< 10.1.0.126\(c636e7r3p4\)Huawei P30 Pro
HWHuaweiwszystkie wersjeHuawei P30 Pro Firmware
OSHuawei< 10.1.0.160\(c00e160r2p8\)Huawei Princeton Al10b
HWHuaweiwszystkie wersjeHuawei Princeton Al10b Firmware
OSHuawei< 10.1.0.160\(c00e160r2p11\)Huawei Tony Al00b
HWHuaweiwszystkie wersjeHuawei Tony Al00b Firmware
OSHuawei< 10.1.0.160\(c00e160r2p11\)Huawei Yale L61a
HWHuaweiwszystkie wersjeHuawei Yale L61a Firmware
OSHuawei< 10.1.0.226\(c10e3r1p1\)< 10.1.0.225\(c432e3r1p2\)Huawei Yalep Al10b
HWHuaweiwszystkie wersjeHuawei Yalep Al10b Firmware
OSHuawei< 10.1.0.160\(c00e160r8p12\)Huawei Yale Tl00b
HWHuaweiwszystkie wersjeHuawei Yale Tl00b Firmware
OSHuawei< 10.1.0.160\(c01e160r8p12\)
Powiązane podatności
In the ioctl handlers of the Mediatek Command Queue driver, there is a possible out of bounds write due to ins...
There is an improper privilege management vulnerability in Huawei smart phone product. A local, authenticated ...
There is a JavaScript injection vulnerability in certain Huawei smartphones. A module does not verify some inp...
There is a denial of service vulnerability in some Huawei smartphones. Due to the improper processing of recei...
HUAWEI Mate 20 versions earlier than 10.0.0.188(C00E74R3P8) have a buffer overflow vulnerability in the Blueto...