exploitDog

CVE-2020-9091

Опубликовано: 12 окт. 2020

Источник: nvd

CVSS3: 5.5

CVSS2: 2.1

EPSS Низкий

Описание

Taurus-AN00B versions earlier than 10.1.0.156(C00E155R7P2) have an out-of-bounds read and write vulnerability. Some functions do not verify inputs sufficiently. Attackers can exploit this vulnerability by sending specific request. This could compromise normal service of the affected device.

Ссылки

https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20200930-03-smartphone-en
Vendor Advisory
https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20200930-03-smartphone-en
Vendor Advisory

Уязвимые конфигурации

Конфигурация 1

Одновременно

cpe:2.3:o:huawei:taurus-an00b_firmware:10.1.0.156\(c00e155r7p2\):*:*:*:*:*:*:*

cpe:2.3:h:huawei:taurus-an00b:-:*:*:*:*:*:*:*

EPSS

Процентиль: 6%

0.00024

Низкий

5.5 Medium

CVSS3

2.1 Low

CVSS2

Дефекты

CWE-125

Связанные уязвимости

GHSA-wp9c-rpgf-2rhf

github

больше 3 лет назад

Taurus-AN00B versions earlier than 10.1.0.156(C00E155R7P2) have an out-of-bounds read and write vulnerability. Some functions do not verify inputs sufficiently. Attackers can exploit this vulnerability by sending specific request. This could compromise normal service of the affected device.

EPSS

Процентиль: 6%

0.00024

Низкий

5.5 Medium

CVSS3

2.1 Low

CVSS2

Дефекты

CWE-125