CVE-2020-1808 - OpenCVE

Honor 20;HONOR 20 PRO;Honor Magic2;HUAWEI Mate 20 X;HUAWEI P30;HUAWEI P30 Pro;Honor View 20 smartphones with versions earlier than 10.0.0.187(C00E60R4P11); versions earlier than 10.0.0.187(C00E60R4P11); versions earlier than 10.0.0.176(C00E60R2P11);9.1.0.135(C00E133R2P1); versions earlier than 10.1.0.123(C431E22R3P5), versions earlier than 10.1.0.126(C636E5R3P4), versions earlier than 10.1.0.160(C00E160R2P11); versions earlier than 10.1.0.126(C185E8R5P1), versions earlier than 10.1.0.126(C636E9R2P4), versions earlier than 10.1.0.160(C00E160R2P8); versions earlier than 10.0.0.179(C636E3R4P3), versions earlier than 10.0.0.180(C185E3R3P3), versions earlier than 10.0.0.180(C432E10R3P4), versions earlier than 10.0.0.181(C675E5R1P2) have an out of bound read vulnerability. The software reads data past the end of the intended buffer. The attacker tricks the user into installing a crafted application, successful exploit may cause information disclosure or service abnormal.

Attack Vector Local

Attack Complexity Low

Privileges Required None

Scope Unchanged

Confidentiality Impact High

Integrity Impact None

Availability Impact High

User Interaction Required

No CVSS v3.0

Access Vector Network

Access Complexity Medium

Authentication None

Confidentiality Impact Partial

Integrity Impact None

Availability Impact Partial

AV:N/AC:M/Au:N/C:P/I:N/A:P

Vendors & Products
CPE Configurations

Vendors	Products
Huawei	Honor 20 Firmware Honor 20 Honor View 20 Firmware Honor 20 Pro Honor 20 Pro Firmware Honor View 20 Honor Magic2 Honor Magic2 Firmware

Configuration 1 [-]

AND

cpe:2.3:o:huawei:honor_view_20_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:huawei:honor_view_20:-:*:*:*:*:*:*:*

Configuration 2 [-]

AND

cpe:2.3:o:huawei:honor_view_20_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:huawei:honor_view_20:-:*:*:*:*:*:*:*

Configuration 3 [-]

AND

cpe:2.3:o:huawei:honor_view_20_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:huawei:honor_view_20:-:*:*:*:*:*:*:*

Configuration 4 [-]

AND

cpe:2.3:o:huawei:honor_view_20_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:huawei:honor_view_20:-:*:*:*:*:*:*:*

Configuration 5 [-]

AND

cpe:2.3:o:huawei:honor_20_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:huawei:honor_20:-:*:*:*:*:*:*:*

Configuration 6 [-]

AND

cpe:2.3:o:huawei:honor_20_pro_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:huawei:honor_20_pro:-:*:*:*:*:*:*:*

Configuration 7 [-]

AND

cpe:2.3:o:huawei:honor_magic2_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:huawei:honor_magic2:-:*:*:*:*:*:*:*

References

Link	Resource
https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20200513-02-smartphone-en	Vendor Advisory

History

No history.

MITRE Information

Status: PUBLISHED

Assigner: huawei

Published: 2020-05-15T13:55:05

Updated: 2020-07-27T12:10:02

Reserved: 2019-11-29T00:00:00

Link: CVE-2020-1808

JSON object: View

NVD Information

Status : Modified

Published: 2020-05-15T14:15:11.810

Modified: 2020-07-27T13:15:11.387

Link: CVE-2020-1808

JSON object: View

Redhat Information

No data.

CWE

CWE-125