Design/Logic Flaw

2020-05-1514:15:00

PRIOn knowledge base

www.prio-n.com

6.6 Medium

AI Score

Confidence

High

0.001 Low

EPSS

Percentile

29.0%

JSON

Honor 20;HONOR 20 PRO;Honor Magic2;HUAWEI Mate 20 X;HUAWEI P30;HUAWEI P30 Pro;Honor View 20 smartphones with versions earlier than 10.0.0.187(C00E60R4P11); versions earlier than 10.0.0.187(C00E60R4P11); versions earlier than 10.0.0.176(C00E60R2P11);9.1.0.135(C00E133R2P1); versions earlier than 10.1.0.123(C431E22R3P5), versions earlier than 10.1.0.126(C636E5R3P4), versions earlier than 10.1.0.160(C00E160R2P11); versions earlier than 10.1.0.126(C185E8R5P1), versions earlier than 10.1.0.126(C636E9R2P4), versions earlier than 10.1.0.160(C00E160R2P8); versions earlier than 10.0.0.179(C636E3R4P3), versions earlier than 10.0.0.180(C185E3R3P3), versions earlier than 10.0.0.180(C432E10R3P4), versions earlier than 10.0.0.181(C675E5R1P2) have an out of bound read vulnerability. The software reads data past the end of the intended buffer. The attacker tricks the user into installing a crafted application, successful exploit may cause information disclosure or service abnormal.

CPENameOperatorVersion
honor_20_firmwareeq< 10.0.0.187c0e60r4p11
honor_20_pro_firmwareeq< 10.0.0.187c0e60r4p11
honor_magic2_firmwareeq< 10.0.0.176c0e60r2p11
honor_view_20_firmwareeq< 10.0.0.179c636e3r4p3
honor_view_20_firmwareeq< 10.0.0.180c185e3r3p3
honor_view_20_firmwareeq< 10.0.0.180c432e10r3p4
honor_view_20_firmwareeq< 10.0.0.188c0e62r2p11

Name	Operator	Version
honor_20_firmware	eq	< 10.0.0.187c0e60r4p11
honor_20_pro_firmware	eq	< 10.0.0.187c0e60r4p11
honor_magic2_firmware	eq	< 10.0.0.176c0e60r2p11
honor_view_20_firmware	eq	< 10.0.0.179c636e3r4p3
honor_view_20_firmware	eq	< 10.0.0.180c185e3r3p3
honor_view_20_firmware	eq	< 10.0.0.180c432e10r3p4
honor_view_20_firmware	eq	< 10.0.0.188c0e62r2p11