CVE-2020-9065: Use After Free
First published: Thu Mar 26 2020(Updated: )
Huawei smart phone Taurus-AL00B with versions earlier than 10.0.0.203(C00E201R7P2) have a use-after-free (UAF) vulnerability. An authenticated, local attacker may perform specific operations to exploit this vulnerability. Successful exploitation may tamper with the information to affect the availability.
Credit: psirt@huawei.com
| Affected Software | Affected Version | How to fix |
|---|---|---|
| Huawei Taurus-al00b Firmware | <10.0.0.203\(c00e201r7p2\) | |
| Huawei Taurus-al00b |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
Frequently Asked Questions
What is the vulnerability ID for this Huawei smart phone vulnerability?
The vulnerability ID for this Huawei smart phone vulnerability is CVE-2020-9065.
What is the affected software for this vulnerability?
The affected software is Huawei Taurus-al00b Firmware with versions earlier than 10.0.0.203(C00E201R7P2).
What is the severity of CVE-2020-9065 vulnerability?
The severity of CVE-2020-9065 vulnerability is medium with a CVSS score of 5.5.
How can a local attacker exploit this vulnerability?
A local attacker may perform specific operations to exploit the use-after-free (UAF) vulnerability in Huawei Taurus-AL00B smart phone.
Where can I find more information about this vulnerability?
You can find more information about this vulnerability on Huawei's official security advisory page at https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20200325-01-smartphone-en.
- collector/nvd-index
- collector/mitre-cve
- source/MITRE
- agent/references
- agent/last-modified-date
- agent/weakness
- agent/severity
- agent/author
- agent/softwarecombine
- agent/tags
- agent/description
- agent/event
- agent/type
- agent/first-publish-date
- vendor/huawei
- canonical/huawei taurus-al00b firmware
- canonical/huawei taurus-al00b