CVE-2020-9258

HUAWEI P30 smartphone with versions earlier than 10.1.0.135(C00E135R2P11) have an improper input verification vulnerability. An attribution in a module is not set correctly and some verification is lacked. Attackers with local access can exploit this vulnerability by injecting malicious fragment. This may lead to user information leak.
Configurations

Configuration 1 (hide)

AND
cpe:2.3:o:huawei:p30_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:huawei:p30:-:*:*:*:*:*:*:*

History

21 Nov 2024, 05:40

Type Values Removed Values Added
References () https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20200708-02-smartphone-en - Vendor Advisory () https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20200708-02-smartphone-en - Vendor Advisory

Information

Published : 2020-07-10 14:15

Updated : 2024-11-21 05:40


NVD link : CVE-2020-9258

Mitre link : CVE-2020-9258

CVE.ORG link : CVE-2020-9258


JSON object : View

Products Affected

huawei

  • p30
  • p30_firmware
CWE
CWE-20

Improper Input Validation