7.6 High
CVSS2
Attack Vector
NETWORK
Attack Complexity
HIGH
Authentication
NONE
Confidentiality Impact
COMPLETE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:N/AC:H/Au:N/C:C/I:C/A:C
7 High
CVSS3
Attack Vector
LOCAL
Attack Complexity
HIGH
Privileges Required
NONE
User Interaction
REQUIRED
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.0/AV:L/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H
6.8 Medium
AI Score
Confidence
High
0.001 Low
EPSS
Percentile
31.6%
There is a race condition vulnerability on Huawei Honor V10 smartphones versions earlier than Berkeley-AL20 9.0.0.156(C00E156R2P14T8), Honor 10 smartphones versions earlier than Columbia-AL10B 9.0.0.156(C00E156R1P20T8) and Honor Play smartphones versions earlier than Cornell-AL00A 9.0.0.156(C00E156R1P13T8). An attacker tricks the user into installing a malicious application, which makes multiple processes to operate the same variate at the same time. Successful exploit could cause execution of malicious code.
[
{
"product": "Honor V10, Honor 10, Honor Play",
"vendor": "Huawei",
"versions": [
{
"status": "affected",
"version": "Versions earlier than Berkeley-AL20 9.0.0.156(C00E156R2P14T8)"
},
{
"status": "affected",
"version": "Versions earlier than Columbia-AL10B 9.0.0.156(C00E156R1P20T8)"
},
{
"status": "affected",
"version": "Versions earlier than Cornell-AL00A 9.0.0.156(C00E156R1P13T8)"
}
]
}
]
7.6 High
CVSS2
Attack Vector
NETWORK
Attack Complexity
HIGH
Authentication
NONE
Confidentiality Impact
COMPLETE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:N/AC:H/Au:N/C:C/I:C/A:C
7 High
CVSS3
Attack Vector
LOCAL
Attack Complexity
HIGH
Privileges Required
NONE
User Interaction
REQUIRED
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.0/AV:L/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H
6.8 Medium
AI Score
Confidence
High
0.001 Low
EPSS
Percentile
31.6%