← back
CVE-2020-9257

CVE-2020-9257

EPSS 0.8%
Vexday Risk Score
3Low
SSVC decision (CISA)
Track
No exploitation signal → monitor
CVSS EPSS 0.8%KEV nãoPoC Patch
Lifecycle
17 Jul 2020Published on NVD
Recommendation: Monitor — no exploitation signal at the moment.
HUAWEI P30 Pro smartphones with versions earlier than 10.1.0.123(C432E19R2P5patch02), versions earlier than 10.1.0.126(C10E11R5P1), and versions earlier than 10.1.0.160(C00E160R2P8) have a buffer overflow vulnerability. The software access data past the end, or before the beginning, of the intended buffer when handling certain operations of certificate, the attacker should trick the user into installing a malicious application, successful exploit may cause code execution.
Affected products
Huawei · HUAWEI P30 Pro

Want to know if your infrastructure is exposed to this?

Talk to TrueHacking →
References
https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20200715-03-smartphone-en