CVE-2020-9142

2021-01-1321:48:46

huawei

www.cve.org

huawei

smartphone

vulnerability

buffer overflow

memory overwriting

update file

AI Score

9.4

Confidence

High

EPSS

0.001

Percentile

42.5%

JSON

There is a heap base buffer overflow vulnerability in some Huawei smartphone.Successful exploitation of this vulnerability can cause heap overflow and memory overwriting when the system incorrectly processes the update file.

CNA Affected

[
  {
    "product": "EMUI;Magic UI",
    "vendor": "n/a",
    "versions": [
      {
        "status": "affected",
        "version": "EMUI 11.0.0, EMUI 10.1.1, EMUI 10.1.0, EMUI 10.0.0, EMUI 9.1.1, EMUI 9.1.0"
      },
      {
        "status": "affected",
        "version": "Magic UI 4.0.0, Magic UI 3.1.1, Magic UI 3.1.0, Magic UI 3.0.0, Magic UI 2.1.1"
      }
    ]
  }
]

References

consumer.huawei.com/en/support/bulletin/2020/12/