HUAWEI P30 smartphone with versions earlier than 10.1.0.135(C00E135R2P11) have an improper input verification vulnerability. An attribution in a module is not set correctly and some verification is lacked. Attackers with local access can exploit this vulnerability by injecting malicious fragment. This may lead to user information leak.
References
Link | Resource |
---|---|
https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20200708-02-smartphone-en | Vendor Advisory |
https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20200708-02-smartphone-en | Vendor Advisory |
Configurations
Configuration 1 (hide)
AND |
|
History
21 Nov 2024, 05:40
Type | Values Removed | Values Added |
---|---|---|
References | () https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20200708-02-smartphone-en - Vendor Advisory |
Information
Published : 2020-07-10 14:15
Updated : 2024-11-21 05:40
NVD link : CVE-2020-9258
Mitre link : CVE-2020-9258
CVE.ORG link : CVE-2020-9258
JSON object : View
Products Affected
huawei
- p30_firmware
- p30
CWE
CWE-20
Improper Input Validation