CVE-2020-9113
Summary
| CVE | CVE-2020-9113 |
|---|---|
| State | PUBLIC |
| Assigner | [email protected] |
| Source Priority | CVE Program / NVD first with legacy fallback |
| Published | 2020-10-19 20:15:00 UTC |
| Updated | 2020-10-22 14:02:00 UTC |
| Description | HUAWEI Mate 20 versions earlier than 10.0.0.188(C00E74R3P8) have a buffer overflow vulnerability in the Bluetooth module. Due to insufficient input validation, an unauthenticated attacker may craft Bluetooth messages after successful paring, causing buffer overflow. Successful exploit may cause code execution. |
Risk And Classification
Problem Types: CWE-120
NVD Known Affected Configurations (CPE 2.3)
| Type | Vendor | Product | Version | Update | Edition | Language |
|---|---|---|---|---|---|---|
| Hardware | Huawei | Mate 20 | - | All | All | All |
| Hardware | Huawei | Mate 20 | - | All | All | All |
| Operating System | Huawei | Mate 20 Firmware | All | All | All | All |
| Operating System | Huawei | Mate 20 Firmware | All | All | All | All |
References
| Reference | Source | Link | Tags |
|---|---|---|---|
| Security Advisory - Buffer Overflow Vulnerability in the Bluetooth Module of Some Huawei Mobile Phones | MISC | www.huawei.com | Vendor Advisory |
| CVE Program record | CVE.ORG | www.cve.org | canonical |
| NVD vulnerability detail | NVD | nvd.nist.gov | canonical, analysis |
No vendor comments have been submitted for this CVE.
There are currently no legacy QID mappings associated with this CVE.