What is CVE-2020-1792?

CVE-2020-1792 is a vulnerability affecting Honor V10 smartphones with earlier versions than BKL-AL20 10.0.0.156(C00E156R2P4) and versions earlier than BKL-L09 10.0.0.146(C432E4R1P4).

What is the severity of CVE-2020-1792?

The severity of CVE-2020-1792 is high with a severity value of 5.5.

What is the vulnerability description of CVE-2020-1792?

CVE-2020-1792 is an out of bounds write vulnerability that allows the software to write data beyond the intended buffer due to insufficient parameter validation.

How can I fix CVE-2020-1792?

To fix CVE-2020-1792, update your Honor V10 smartphone to BKL-AL20 10.0.0.156(C00E156R2P4) or BKL-L09 10.0.0.146(C432E4R1P4) or later versions.

Vulnerability/
CVE-2020-1792

high

7.1

CWE

787

28/2/2020

4/8/2024

CVE-2020-1792

First published: Fri Feb 28 2020(Updated: )

Honor V10 smartphones with versions earlier than BKL-AL20 10.0.0.156(C00E156R2P4) and versions earlier than BKL-L09 10.0.0.146(C432E4R1P4) have an out of bounds write vulnerability. The software writes data past the end of the intended buffer because of insufficient validation of certain parameter when initializing certain driver program. An attacker could trick the user into installing a malicious application, successful exploit could cause the device to reboot.

Credit: psirt@huawei.com

Affected Software	Affected Version	How to fix
Huawei Honor V10 Firmware	<bkl-al20_10.0.0.156\(c00e156r2p4\)
Huawei Honor V10
Huawei Honor V10 Firmware	<bkl-l09_10.0.0.146\(c432e4r1p4\)

Never miss a vulnerability like this again

Reference Links

https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20200226-01-smartphone-en

Frequently Asked Questions

What is CVE-2020-1792?
CVE-2020-1792 is a vulnerability affecting Honor V10 smartphones with earlier versions than BKL-AL20 10.0.0.156(C00E156R2P4) and versions earlier than BKL-L09 10.0.0.146(C432E4R1P4).
What is the severity of CVE-2020-1792?
The severity of CVE-2020-1792 is high with a severity value of 5.5.
What software is affected by CVE-2020-1792?
Honor V10 smartphones with versions earlier than BKL-AL20 10.0.0.156(C00E156R2P4) and versions earlier than BKL-L09 10.0.0.146(C432E4R1P4) are affected by CVE-2020-1792.
What is the vulnerability description of CVE-2020-1792?
CVE-2020-1792 is an out of bounds write vulnerability that allows the software to write data beyond the intended buffer due to insufficient parameter validation.
How can I fix CVE-2020-1792?
To fix CVE-2020-1792, update your Honor V10 smartphone to BKL-AL20 10.0.0.156(C00E156R2P4) or BKL-L09 10.0.0.146(C432E4R1P4) or later versions.

collector/nvd-index
agent/weakness
agent/author
agent/type
agent/event
agent/severity
agent/references
agent/description
agent/last-modified-date
agent/softwarecombine
agent/first-publish-date
agent/tags
collector/mitre-cve
source/MITRE
vendor/huawei
canonical/huawei honor v10 firmware
canonical/huawei honor v10

Company

Resources

Contact

SecAlerts Pty Ltd.
132 Wickham Terrace
Fortitude Valley,
QLD 4006, Australia
info@secalerts.co

By using SecAlerts services, you agree to our services end-user license agreement. This website is safeguarded by reCAPTCHA and governed by the Google Privacy Policy and Terms of Service. All names, logos, and brands of products are owned by their respective owners, and any usage of these names, logos, and brands for identification purposes only does not imply endorsement. If you possess any content that requires removal, please get in touch with us.