Lucene search
HuaweiCVELIST:CVE-2020-36602HistorySep 20, 2022 - 7:42 p.m.
CVE-2020-36602
2022-09-2019:42:39
huawei
www.cve.org
4
vulnerability
headset products
out-of-bounds
unauthenticated attacker
crafted message
insufficient validation
EPSS
0.001
Percentile
26.4%
There is an out-of-bounds read and write vulnerability in some headset products. An unauthenticated attacker gets the device physically and crafts malformed message with specific parameter and sends the message to the affected products. Due to insufficient validation of message, which may be exploited to cause out-of-bounds read and write.
CNA Affected
[
{
"product": "576up005 HOTA-CM-H-Shark-BD;577HOTA-CM-H-Shark-BD;581up-HOTA-CM-H-Shark-BD;586-HOTA-CM-H-Shark-BD;588-HOTA-CM-H-Shark-BD;606-HOTA-CM-H-Shark-BD;BI-ACC-REPORT;CM-H-Shark-BD",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "1.0.0.576-fullpackage"
},
{
"status": "affected",
"version": "1.0.0.577-fullpackage"
},
{
"status": "affected",
"version": "1.0.0.581-fullpackage"
},
{
"status": "affected",
"version": "1.0.0.586-fullpackage"
},
{
"status": "affected",
"version": "1.0.0.588-fullpackage"
},
{
"status": "affected",
"version": "1.0.0.606-fullpackage"
},
{
"status": "affected",
"version": "1.0.0.1,1.0.0.2,1.0.0.3,1.0.0.4,1.0.0.5"
},
{
"status": "affected",
"version": "1.0.0.106,1.0.0.116,1.0.0.202,1.0.0.208,1.0.0.216,1.0.0.226,1.0.0.228,1.0.0.510,1.0.0.520,1.0.0.522,1.0.0.566,1.0.0.576,1.0.0.578,1.0.0.586,1.0.0.588,1.0.0.66(VN2-SP11),1.0.0.66(VN2-SP15),1.0.0.66(VN2-SP17),1.0.0.66(VN2-SP21),1.0.0.66(VN2-SP27),1.0.0.66(VN2-SP29),1.0.0.66(VN2-SP31),1.0.0.66(VN2-SP33),1.9.0.208,1.9.0.216,1.9.0.226,1.9.0.228,1.9.0.510,1.9.0.520,1.9.0.522,1.9.0.566,1.9.0.578,1.9.0.586,1.9.0.588"
}
]
}
]Related
prion
prion
Out-of-bounds
2022-09-20 20:15:00
cve
cve
CVE-2020-36602
2022-09-20 20:15:09
huawei
huawei
nvd
nvd
CVE-2020-36602
2022-09-20 20:15:09