CVE-2020-9107
First published: Mon Oct 12 2020(Updated: )
HUAWEI P30 Pro versions earlier than 10.1.0.160(C00E160R2P8) have an out-of-bounds read and write vulnerability. An unauthenticated attacker crafts malformed message with specific parameter and sends the message to the affected products. Due to insufficient validation of message, which may be exploited to cause the process reboot.
Credit: psirt@huawei.com
| Affected Software | Affected Version | How to fix |
|---|---|---|
| Huawei P30 Pro Firmware | <10.1.0.160\(c00e160r2p8\) | |
| HUAWEI P30 Pro |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
Frequently Asked Questions
What is the vulnerability ID for this HUAWEI P30 Pro vulnerability?
The vulnerability ID for this HUAWEI P30 Pro vulnerability is CVE-2020-9107.
What is the severity of CVE-2020-9107?
CVE-2020-9107 has a severity rating of high.
How does this vulnerability affect HUAWEI P30 Pro?
This vulnerability affects HUAWEI P30 Pro versions earlier than 10.1.0.160(C00E160R2P8).
How can an attacker exploit CVE-2020-9107?
An attacker can exploit CVE-2020-9107 by crafting a malformed message with specific parameters and sending it to the affected products.
Is there a fix available for CVE-2020-9107?
Yes, the fix for CVE-2020-9107 is to update HUAWEI P30 Pro to version 10.1.0.160(C00E160R2P8) or later.
- collector/nvd-index
- agent/references
- agent/severity
- agent/weakness
- agent/author
- agent/description
- agent/type
- agent/event
- agent/softwarecombine
- agent/first-publish-date
- agent/last-modified-date
- agent/tags
- collector/mitre-cve
- source/MITRE
- vendor/huawei
- canonical/huawei p30 pro firmware
- canonical/huawei p30 pro