Integer overflow in Huawei P30_pro
CVE-2020-9095
HUAWEI P30 Pro smartphone with Versions earlier than 10.1.0.160(C00E160R2P8) has an integer overflow vulnerability. Some functions are lack of verification when they process some messages sent from other module. Attackers can exploit this…
Vulnerability class: Integer Overflow
EPSS: 0.002 (9.9th percentile) — read the EPSS interpretation.
CVSS v3 metric
CVSS v3 base score 5.5 (Medium). Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H.
Affected products
- Huawei P30_pro
- Huawei P30_pro_firmware
- N/a Huawei P30 Pro — versions Versions earlier than 10.1.0.160(C00E160R2P8)
Weakness classification (CWE)
References
- psirt@huawei.com (x_refsource_MISC, Vendor Advisory)
Frequently asked questions
- What is CVE-2020-9095?
- CVE-2020-9095 is a medium-severity vulnerability in Huawei P30_pro, classified under Integer Overflow or Wraparound. CVSS score: 5.5/10. Published 2020-08-21.
- How severe is CVE-2020-9095?
- Medium severity. CVSS v3 base score is 5.5 out of 10.