{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:huawei:honor_20_pro_firmware:*:*:*:*:*:*:*:*", "matchCriteriaId": "7F274713-28DD-423D-9298-F0D05465D654", "versionEndExcluding": "10.1.0.230\\(c432e9r5p1\\)", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:huawei:honor_20_pro:-:*:*:*:*:*:*:*", "matchCriteriaId": "9E2BCA7E-E555-45D1-807A-F53682B0C383", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:huawei:mate_20_firmware:*:*:*:*:*:*:*:*", "matchCriteriaId": "165A8717-DD86-4BC0-AB3C-BD7F92DF68CD", "versionEndExcluding": "10.1.0.160\\(c00e160r3p8\\)", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:huawei:mate_20:-:*:*:*:*:*:*:*", "matchCriteriaId": "B5322963-9375-4E4E-8119-895C224003AE", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:huawei:mate_20_pro_firmware:*:*:*:*:*:*:*:*", "matchCriteriaId": "AAE421D2-9633-43AA-8548-9F2E8A7B724A", "versionEndExcluding": "10.1.0.270\\(c432e7r1p5\\)", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:huawei:mate_20_pro:-:*:*:*:*:*:*:*", "matchCriteriaId": "2564E28F-EF08-4381-96D8-58BB7C8C0E0C", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:huawei:mate_20_x_firmware:*:*:*:*:*:*:*:*", "matchCriteriaId": "73419613-9F87-4E99-9A8D-D8B6B74F882D", "versionEndExcluding": "10.1.0.160\\(c00e160r2p8\\)", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:huawei:mate_20_x:-:*:*:*:*:*:*:*", "matchCriteriaId": "5FD3779B-F943-4B7E-BF82-AA4A051D02C8", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:huawei:p30_firmware:9.1.0.272\\(c635e4r2p2\\):*:*:*:*:*:*:*", "matchCriteriaId": "09F3E84F-6F0A-40BC-91D5-C08A065EE345", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:huawei:p30:-:*:*:*:*:*:*:*", "matchCriteriaId": "21EE286C-8111-4F59-8CF1-13C68EA76B21", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:huawei:p30_pro_firmware:*:*:*:*:*:*:*:*", "matchCriteriaId": "4818ECF7-B4D4-4AF4-9DAA-FE08F56B26FC", "versionEndExcluding": "10.1.0.160\\(c00e160r2p8\\)", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:huawei:p30_pro:-:*:*:*:*:*:*:*", "matchCriteriaId": "6DB671DB-CB5B-46E0-B221-722D051184DE", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:huawei:hima-l29c_firmware:*:*:*:*:*:*:*:*", "matchCriteriaId": "171D6C45-8616-4D7A-8869-7C69DB877316", "versionEndExcluding": "10.1.0.273\\(c185e5r2p4\\)", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:huawei:hima-l29c:-:*:*:*:*:*:*:*", "matchCriteriaId": "366DC5C5-9276-4921-9ABD-92941B0CEE6D", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:huawei:laya-al00ep_firmware:*:*:*:*:*:*:*:*", "matchCriteriaId": "6EBD1414-620B-4367-BF57-9AED468EA81C", "versionEndExcluding": "10.1.0.160\\(c786e160r3p8\\)", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:huawei:laya-al00ep:-:*:*:*:*:*:*:*", "matchCriteriaId": "5B3A54AE-DC30-429B-8FB8-BE6EB933E685", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:huawei:princeton-al10b_firmware:*:*:*:*:*:*:*:*", "matchCriteriaId": "4B4B9600-877F-458C-8E89-40E0B0D21E8A", "versionEndExcluding": "10.1.0.160\\(c00e160r2p11\\)", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:huawei:princeton-al10b:-:*:*:*:*:*:*:*", "matchCriteriaId": "D9F930E0-D32C-4D37-8A1D-78D4BFAECF37", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:huawei:tony-al00b_firmware:*:*:*:*:*:*:*:*", "matchCriteriaId": "21BE2094-71C2-4C64-860E-67DE745110AD", "versionEndExcluding": "10.1.0.160\\(c00e160r2p11\\)", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:huawei:tony-al00b:-:*:*:*:*:*:*:*", "matchCriteriaId": "0E14B978-2A3C-4F55-8E3A-BA41AB137C33", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:huawei:yale-l61a_firmware:*:*:*:*:*:*:*:*", "matchCriteriaId": "DAF4CBFD-6BB8-46B0-85B2-C2C144190AA0", "versionEndExcluding": "10.1.0.225\\(c432e3r1p2\\)", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:huawei:yale-l61a:-:*:*:*:*:*:*:*", "matchCriteriaId": "5AB7B562-CDE8-47F2-8537-52AB3640E218", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:huawei:yale-tl00b_firmware:*:*:*:*:*:*:*:*", "matchCriteriaId": "B4C61685-A7A9-4E2E-BA7B-15A3C32B3F4B", "versionEndExcluding": "10.1.0.160\\(c01e160r8p12\\)", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:huawei:yale-tl00b:-:*:*:*:*:*:*:*", "matchCriteriaId": "A4177D27-D234-4BBF-A4D9-1C0DCE5B322C", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:huawei:yalep-al10b_firmware:*:*:*:*:*:*:*:*", "matchCriteriaId": "A68AFA26-2D0F-4896-AB42-4E3327935F9D", "versionEndExcluding": "10.1.0.160\\(c00e160r8p12\\)", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:huawei:yalep-al10b:-:*:*:*:*:*:*:*", "matchCriteriaId": "A7D81385-913B-4A38-A712-41CAE7B78DF4", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:huawei:honor_20_pro_firmware:*:*:*:*:*:*:*:*", "matchCriteriaId": "4A8A96B1-0C57-4BDE-A4A4-1409A19B8C88", "versionEndExcluding": "10.1.0.231\\(c10e3r3p2\\)", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:huawei:honor_20_pro:-:*:*:*:*:*:*:*", "matchCriteriaId": "9E2BCA7E-E555-45D1-807A-F53682B0C383", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:huawei:mate_20_pro_firmware:*:*:*:*:*:*:*:*", "matchCriteriaId": "FD6E8C02-F0E4-456E-A456-93FC2C568DF2", "versionEndExcluding": "10.1.0.270\\(c635e3r1p5\\)", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:huawei:mate_20_pro:-:*:*:*:*:*:*:*", "matchCriteriaId": "2564E28F-EF08-4381-96D8-58BB7C8C0E0C", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:huawei:mate_20_pro_firmware:*:*:*:*:*:*:*:*", "matchCriteriaId": "D9AA09E4-2CEF-4482-AA24-00AF0C2E7050", "versionEndExcluding": "10.1.0.273\\(c185e7r2p4\\)", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:huawei:mate_20_pro:-:*:*:*:*:*:*:*", "matchCriteriaId": "2564E28F-EF08-4381-96D8-58BB7C8C0E0C", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:huawei:mate_20_pro_firmware:*:*:*:*:*:*:*:*", "matchCriteriaId": "45D23DA1-BD80-4157-A418-56A8B5DA544D", "versionEndExcluding": "10.1.0.273\\(c636e7r2p4\\)", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:huawei:mate_20_pro:-:*:*:*:*:*:*:*", "matchCriteriaId": "2564E28F-EF08-4381-96D8-58BB7C8C0E0C", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:huawei:mate_20_pro_firmware:*:*:*:*:*:*:*:*", "matchCriteriaId": "07AE032D-2BA2-4717-8280-98182B3A61AB", "versionEndExcluding": "10.1.0.277\\(c10e7r2p4\\)", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:huawei:mate_20_pro:-:*:*:*:*:*:*:*", "matchCriteriaId": "2564E28F-EF08-4381-96D8-58BB7C8C0E0C", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:huawei:mate_20_pro_firmware:*:*:*:*:*:*:*:*", "matchCriteriaId": "CC8A76AE-FE0F-4C53-86EC-7663351D4EF9", "versionEndExcluding": "10.1.0.277\\(c605e7r1p5\\)", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:huawei:mate_20_pro:-:*:*:*:*:*:*:*", "matchCriteriaId": "2564E28F-EF08-4381-96D8-58BB7C8C0E0C", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:huawei:p30_firmware:*:*:*:*:*:*:*:*", "matchCriteriaId": "17DCDDE2-A0F8-451D-8B92-029EAD61A6D2", "versionEndExcluding": "10.1.0.123\\(c432e22r2p5\\)", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:huawei:p30:-:*:*:*:*:*:*:*", "matchCriteriaId": "21EE286C-8111-4F59-8CF1-13C68EA76B21", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:huawei:p30_firmware:*:*:*:*:*:*:*:*", "matchCriteriaId": "67F9D5D0-FA78-4FE6-945F-C92692EE5E15", "versionEndExcluding": "10.1.0.126\\(c10e7r5p1\\)", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:huawei:p30:-:*:*:*:*:*:*:*", "matchCriteriaId": "21EE286C-8111-4F59-8CF1-13C68EA76B21", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:huawei:p30_firmware:*:*:*:*:*:*:*:*", "matchCriteriaId": "7AB36260-4707-4F6C-A5EF-9948BB1C5018", "versionEndExcluding": "10.1.0.126\\(c185e4r7p1\\)", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:huawei:p30:-:*:*:*:*:*:*:*", "matchCriteriaId": "21EE286C-8111-4F59-8CF1-13C68EA76B21", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:huawei:p30_firmware:*:*:*:*:*:*:*:*", "matchCriteriaId": "0EC986DB-F634-4E50-9934-AE9406CBA72A", "versionEndExcluding": "10.1.0.126\\(c605e19r1p3\\)", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:huawei:p30:-:*:*:*:*:*:*:*", "matchCriteriaId": "21EE286C-8111-4F59-8CF1-13C68EA76B21", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:huawei:p30_firmware:*:*:*:*:*:*:*:*", "matchCriteriaId": "AA764DAA-0533-4A69-95A3-00260583800B", "versionEndExcluding": "10.1.0.126\\(c636e5r3p4\\)", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:huawei:p30:-:*:*:*:*:*:*:*", "matchCriteriaId": "21EE286C-8111-4F59-8CF1-13C68EA76B21", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:huawei:p30_firmware:*:*:*:*:*:*:*:*", "matchCriteriaId": "A19133CB-485B-4FF9-A103-6A76CB9332F5", "versionEndExcluding": "10.1.0.126\\(c636e7r3p4\\)", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:huawei:p30:-:*:*:*:*:*:*:*", "matchCriteriaId": "21EE286C-8111-4F59-8CF1-13C68EA76B21", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:huawei:hima-l29c_firmware:*:*:*:*:*:*:*:*", "matchCriteriaId": "FDF06609-7E15-4F42-A112-9925185F5925", "versionEndExcluding": "10.1.0.273\\(c636e5r2p4\\)", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:huawei:hima-l29c:-:*:*:*:*:*:*:*", "matchCriteriaId": "366DC5C5-9276-4921-9ABD-92941B0CEE6D", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:huawei:hima-l29c_firmware:*:*:*:*:*:*:*:*", "matchCriteriaId": "6066AB6A-2C61-4192-95DE-9CF1173F5666", "versionEndExcluding": "10.1.0.275\\(c10e4r2p4\\)", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:huawei:hima-l29c:-:*:*:*:*:*:*:*", "matchCriteriaId": "366DC5C5-9276-4921-9ABD-92941B0CEE6D", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:huawei:yale-l61a_firmware:*:*:*:*:*:*:*:*", "matchCriteriaId": "3687F033-B75A-497E-B435-87D5D2F2A071", "versionEndExcluding": "10.1.0.226\\(c10e3r1p1\\)", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:huawei:yale-l61a:-:*:*:*:*:*:*:*", "matchCriteriaId": "5AB7B562-CDE8-47F2-8537-52AB3640E218", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}], "descriptions": [{"lang": "en", "value": "There is a buffer overflow vulnerability in several Huawei products. The system does not sufficiently validate certain configuration parameter which is passed from user that would cause buffer overflow. The attacker should trick the user into installing and running a malicious application with a high privilege, successful exploit may cause code execution. Affected product include Huawei HONOR 20 PRO, Mate 20, Mate 20 Pro, Mate 20 X, P30, P30 Pro, Hima-L29C, Laya-AL00EP, Princeton-AL10B, Tony-AL00B, Yale-L61A, Yale-TL00B and YaleP-AL10B."}, {"lang": "es", "value": "Se presenta una vulnerabilidad de desbordamiento del b\u00fafer en varios productos de Huawei. El sistema no valida suficientemente ciertos par\u00e1metros de configuraci\u00f3n que son pasados desde usuario y que causar\u00edan un desbordamiento del b\u00fafer. El atacante deber\u00eda enga\u00f1ar al usuario para que instale y ejecute una aplicaci\u00f3n maliciosa con un alto privilegio; una explotaci\u00f3n con \u00e9xito puede provocar una ejecuci\u00f3n de c\u00f3digo. Los productos afectados incluyen Huawei HONOR 20 PRO, Mate 20, Mate 20 Pro, Mate 20 X, P30, P30 Pro, Hima-L29C, Laya-AL00EP, Princeton-AL10B, Tony-AL00B, Yale-L61A, Yale-TL00B y YaleP- AL10B"}], "id": "CVE-2020-9247", "lastModified": "2024-11-21T05:40:15.980", "metrics": {"cvssMetricV2": [{"acInsufInfo": false, "baseSeverity": "MEDIUM", "cvssData": {"accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "PARTIAL", "baseScore": 6.8, "confidentialityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P", "version": "2.0"}, "exploitabilityScore": 8.6, "impactScore": 6.4, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": true}], "cvssMetricV31": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 7.8, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "version": "3.1"}, "exploitabilityScore": 1.8, "impactScore": 5.9, "source": "nvd@nist.gov", "type": "Primary"}]}, "published": "2020-12-07T13:15:11.123", "references": [{"source": "psirt@huawei.com", "tags": ["Vendor Advisory"], "url": "https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20200729-03-smartphone-en"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Vendor Advisory"], "url": "https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20200729-03-smartphone-en"}], "sourceIdentifier": "psirt@huawei.com", "vulnStatus": "Modified", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-120"}], "source": "psirt@huawei.com", "type": "Secondary"}, {"description": [{"lang": "en", "value": "CWE-120"}], "source": "nvd@nist.gov", "type": "Primary"}]}