First published: Fri Jul 17 2020(Updated: )
HUAWEI P30 Pro smartphones with versions earlier than 10.1.0.123(C432E19R2P5patch02), versions earlier than 10.1.0.126(C10E11R5P1), and versions earlier than 10.1.0.160(C00E160R2P8) have a logic check error vulnerability. A logic error occurs when the software checking the size of certain parameter, the attacker should trick the user into installing a malicious application, successful exploit may cause code execution.
Credit: psirt@huawei.com
Affected Software | Affected Version | How to fix |
---|---|---|
Huawei P30 Pro Firmware | <10.1.0.123\(c432e19r2p5patch02\) | |
HUAWEI P30 Pro | ||
Huawei P30 Pro Firmware | <10.1.0.126\(c10e11r5p1\) | |
Huawei P30 Pro Firmware | <10.1.0.160\(c00e160r2p8\) |
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
CVE-2020-9254 is a logic check error vulnerability found in HUAWEI P30 Pro smartphones with versions earlier than 10.1.0.123(C432E19R2P5patch02), versions earlier than 10.1.0.126(C10E11R5P1), and versions earlier than 10.1.0.160(C00E160R2P8).
CVE-2020-9254 has a severity score of 7.8 (high).
You can check if your HUAWEI P30 Pro is affected by CVE-2020-9254 by checking the firmware version. If your firmware version is earlier than 10.1.0.123(C432E19R2P5patch02), 10.1.0.126(C10E11R5P1), or 10.1.0.160(C00E160R2P8), then your device is affected.
To fix CVE-2020-9254, update your HUAWEI P30 Pro smartphone to version 10.1.0.123(C432E19R2P5patch02) or later, 10.1.0.126(C10E11R5P1) or later, or 10.1.0.160(C00E160R2P8) or later.
You can find more information about CVE-2020-9254 in the Huawei Security Advisory: https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20200715-04-smartphone-en