CVE-2020-9125

MEDIUM

Huawei Mate 30 Firmware < 10.1.0.156(C00E155R7P2) - Out-of-bounds Read via Crafted Packet

Title source: llm
STIX 2.1

Description

There is an out-of-bound read vulnerability in huawei smartphone Mate 30 versions earlier than 10.1.0.156 (C00E155R7P2). An attacker with specific permission can exploit this vulnerability by sending crafted packet with specific parameter to the target device. Due to insufficient validation of the parameter, successful exploit can cause the device to behave abnormally.

References (1)

Core 1

Scores

CVSS v3 6.7
EPSS 0.0025
EPSS Percentile 15.9%
Attack Vector LOCAL
CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H

Details

CWE
CWE-125
Status published
Products (1)
huawei/mate_30_firmware < 10.1.0.156\(c00e155r7p2\)
Published Dec 29, 2020
Tracked Since Feb 18, 2026