CVE-2020-9113

HUAWEI Mate 20 versions earlier than 10.0.0.188(C00E74R3P8) have a buffer overflow vulnerability in the Bluetooth module. Due to insufficient input validation, an unauthenticated attacker may craft Bluetooth messages after successful paring, causing buffer overflow. Successful exploit may cause code execution.

Published: Oct 19, 2020
Updated: Apr 14, 2023
CVE: CVE-2020-9113
Severity: High
Exploit:

CVSS v3:

Severity: High
Score: 8
AV:A/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

CVSS v2:

Severity: Medium
Score: 5.4
AV:A/AC:M/Au:N/C:P/I:P/A:P

CWEs:

CWE-120

Affected Software
References

Software	From	Fixed in
huawei / mate_20_firmware	-	10.0.0.188\(c00e74r3p8\)

https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20201014-01-bluetooth-en

Vulnerability Database

289,697

CVE-2020-9113