CVE-2020-1880: Input Validation
First published: Mon Apr 27 2020(Updated: )
Huawei smartphone Lion-AL00C with versions earlier than 10.0.0.205(C00E202R7P2) have a denial of service vulnerability. An attacker crafted specially file to the affected device. Due to insufficient input validation of the value when executing the file, successful exploit may cause device abnormal.
Credit: psirt@huawei.com
| Affected Software | Affected Version | How to fix |
|---|---|---|
| Huawei Lion-al00c | <10.0.0.205\(c00e202r7p2\) | |
| Huawei Lion-al00c Firmware |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Frequently Asked Questions
What is the severity of CVE-2020-1880?
CVE-2020-1880 has a severity rating of medium due to its potential to cause denial of service.
How do I fix CVE-2020-1880?
To mitigate CVE-2020-1880, users should update their Huawei Lion-AL00C devices to firmware version 10.0.0.205(C00E202R7P2) or later.
What type of vulnerability is CVE-2020-1880?
CVE-2020-1880 is classified as a denial of service vulnerability.
Who is affected by CVE-2020-1880?
CVE-2020-1880 affects Huawei smartphone model Lion-AL00C running firmware versions earlier than 10.0.0.205(C00E202R7P2).
What can an attacker do with CVE-2020-1880?
An attacker can exploit CVE-2020-1880 by crafting a specially designed file that triggers device abnormal behavior.
- agent/softwarecombine
- agent/type
- collector/mitre-cve
- source/MITRE
- agent/references
- agent/weakness
- agent/severity
- agent/last-modified-date
- agent/author
- agent/first-publish-date
- agent/description
- agent/event
- agent/source
- agent/tags
- collector/nvd-index
- agent/software-canonical-lookup-request
- vendor/huawei
- canonical/huawei lion-al00c
- canonical/huawei lion-al00c firmware