Out-of-bounds Read in Huawei P30_pro
CVE-2020-9096
HUAWEI P30 Pro smartphones with Versions earlier than 10.1.0.160(C00E160R2P8) have an out of bound read vulnerability. Some functions are lack of verification when they process some messages sent from other module. Attackers can exploit th…
Vulnerability class: Buffer Overflow
EPSS: 0.002 (9.9th percentile) — read the EPSS interpretation.
CVSS v3 metric
CVSS v3 base score 5.5 (Medium). Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H.
Affected products
- Huawei P30_pro
- Huawei P30_pro_firmware
- N/a Huawei P30 Pro — versions Versions earlier than 10.1.0.160(C00E160R2P8)
Weakness classification (CWE)
References
- psirt@huawei.com (x_refsource_MISC, Vendor Advisory)
Frequently asked questions
- What is CVE-2020-9096?
- CVE-2020-9096 is a medium-severity vulnerability in Huawei P30_pro, classified under Out-of-bounds Read. CVSS score: 5.5/10. Published 2020-08-21.
- How severe is CVE-2020-9096?
- Medium severity. CVSS v3 base score is 5.5 out of 10.