Vulnerability Description
There is an out-of-bound read vulnerability in huawei smartphone Mate 30 versions earlier than 10.1.0.156 (C00E155R7P2). An attacker with specific permission can exploit this vulnerability by sending crafted packet with specific parameter to the target device. Due to insufficient validation of the parameter, successful exploit can cause the device to behave abnormally.
CVSS Score
MEDIUM
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Huawei | Mate 30 Firmware | < 10.1.0.156\(c00e155r7p2\) |
| Huawei | Mate 30 | - |
Related Weaknesses (CWE)
References
- https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20201216-01-taurusVendor Advisory
- https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20201216-01-taurusVendor Advisory
FAQ
What is CVE-2020-9125?
CVE-2020-9125 is a vulnerability with a CVSS score of 6.7 (MEDIUM). There is an out-of-bound read vulnerability in huawei smartphone Mate 30 versions earlier than 10.1.0.156 (C00E155R7P2). An attacker with specific permission can exploit this vulnerability by sending ...
How severe is CVE-2020-9125?
CVE-2020-9125 has been rated MEDIUM with a CVSS base score of 6.7/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2020-9125?
Check the references section above for vendor advisories and patch information. Affected products include: Huawei Mate 30 Firmware, Huawei Mate 30.