Skip to main content

Mate 30 Firmware CVE-2020-9243

MEDIUM
Uncontrolled Recursion (CWE-674)
2020-08-10 psirt@huawei.com
5.5
CVSS 3.1 · NVD
Share

Severity by source

NVD PRIMARY
5.5 MEDIUM
AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H

Primary rating from NVD · only source for this CVE.

CVSS VectorNVD

CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
Attack Vector
Local
Attack Complexity
Low
Privileges Required
None
User Interaction
Required
Scope
Unchanged
Confidentiality
None
Integrity
None
Availability
High

Lifecycle Timeline

1
CVE Published
Aug 10, 2020 - 20:15 nvd
MEDIUM 5.5

DescriptionNVD

HUAWEI Mate 30 with versions earlier than 10.1.0.150(C00E136R5P3) have a denial of service vulnerability. The system does not properly limit the depth of recursion, an attacker should trick the user installing and execute a malicious application. Successful exploit could cause a denial of service condition.

AnalysisAI

HUAWEI Mate 30 with versions earlier than 10.1.0.150(C00E136R5P3) have a denial of service vulnerability. Rated medium severity (CVSS 5.5), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Technical ContextAI

This vulnerability is classified under CWE-674. HUAWEI Mate 30 with versions earlier than 10.1.0.150(C00E136R5P3) have a denial of service vulnerability. The system does not properly limit the depth of recursion, an attacker should trick the user installing and execute a malicious application. Successful exploit could cause a denial of service condition. Affected products include: Huawei Mate 30 Firmware.

RemediationAI

No vendor patch is available at time of analysis. Monitor vendor advisories for updates. Apply vendor patches when available. Implement network segmentation and monitoring as interim mitigations.

CVE-2020-0022 HIGH POC
8.8 Feb 13

In reassemble_and_dispatch of packet_fragmenter.cc, there is possible out of bounds write due to an incorrect bounds cal

CVE-2020-9263 HIGH
7.8 Oct 19

HUAWEI Mate 30 versions earlier than 10.1.0.150(C00E136R5P3) and HUAWEI P30 version earlier than 10.1.0.160(C00E160R2P11

CVE-2020-9262 HIGH
7.8 Jul 06

HUAWEI Mate 30 with versions earlier than 10.1.0.150(C00E136R5P3) have a use after free vulnerability. Rated high severi

CVE-2020-9261 HIGH
7.8 Jul 06

HUAWEI Mate 30 with versions earlier than 10.1.0.150(C00E136R5P3) have a type confusion vulnerability. Rated high severi

CVE-2021-22301 MEDIUM
6.7 Feb 06

Mate 30 10.0.0.203(C00E201R7P2) have a buffer overflow vulnerability. Rated medium severity (CVSS 6.7), this vulnerabili

CVE-2020-9125 MEDIUM
6.7 Dec 29

There is an out-of-bound read vulnerability in huawei smartphone Mate 30 versions earlier than 10.1.0.156 (C00E155R7P2).

CVE-2020-9129 MEDIUM
6.7 Nov 13

HUAWEI Mate 30 versions earlier than 10.1.0.159(C00E159R7P2) have a vulnerability of improper buffer operation. Rated me

CVE-2020-1835 MEDIUM
6.5 Jun 18

HUAWEI Mate 30 with versions earlier than 10.1.0.126(C00E125R5P3) have an information disclosure vulnerability. Rated me

CVE-2020-1839 MEDIUM
6.3 Jul 06

HUAWEI Mate 30 with versions earlier than 10.1.0.150(C00E136R5P3) have a race condition vulnerability. Rated medium seve

CVE-2020-9119 MEDIUM
6.2 Dec 24

There is a privilege escalation vulnerability on some Huawei smart phones due to design defects. Rated medium severity (

CVE-2021-22364 MEDIUM
5.5 May 27

There is a denial of service vulnerability in the versions 10.1.0.126(C00E125R5P3) of HUAWEI Mate 30 and 10.1.0.152(C00E

CVE-2021-22307 MEDIUM
5.5 Feb 06

There is a weak algorithm vulnerability in Mate 3010.0.0.203(C00E201R7P2). Rated medium severity (CVSS 5.5), this vulner

Share

CVE-2020-9243 vulnerability details – vuln.today

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy