First published: Mon Oct 12 2020(Updated: )
HUAWEI P30 Pro versions earlier than 10.1.0.160(C00E160R2P8) and versions earlier than 10.1.0.160(C01E160R2P8) have a buffer overflow vulnerability. An attacker induces users to install malicious applications and sends specially constructed packets to affected devices after obtaining the root permission. Successful exploit may cause code execution.
Credit: psirt@huawei.com
Affected Software | Affected Version | How to fix |
---|---|---|
Huawei P30 Pro Firmware | <10.1.0.160\(c00e160r2p8\) | |
HUAWEI P30 Pro | ||
Huawei P30 Pro Firmware | <10.1.0.160\(c01e160r2p8\) |
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
CVE-2020-9123 is a buffer overflow vulnerability found in HUAWEI P30 Pro versions earlier than 10.1.0.160(C00E160R2P8) and versions earlier than 10.1.0.160(C01E160R2P8).
An attacker can exploit CVE-2020-9123 by inducing users to install malicious applications and sending specially constructed packets to affected devices after obtaining root permission.
The severity rating of CVE-2020-9123 is high, with a severity value of 7.8.
To fix CVE-2020-9123, update your HUAWEI P30 Pro firmware to version 10.1.0.160(C00E160R2P8) or later.
You can find more information about CVE-2020-9123 on the Huawei website at https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20200930-01-buffer-en.