CVE-2020-1792

Name of the Vulnerable Software and Affected Versions Honor V10 smartphones versions earlier than BKL-AL20 10.0.0.156(C00E156R2P4) Honor V10 smartphones versions earlier than BKL-L09 10.0.0.146(C432E4R1P4)

Description The issue is related to an out of bounds write vulnerability. It occurs because the software writes data past the end of the intended buffer due to insufficient validation of a certain parameter when initializing a certain driver program. An attacker could trick the user into installing a malicious application. If the exploit is successful, it could cause the device to reboot.

Recommendations For versions earlier than BKL-AL20 10.0.0.156(C00E156R2P4), update to version BKL-AL20 10.0.0.156(C00E156R2P4) or later. For versions earlier than BKL-L09 10.0.0.146(C432E4R1P4), update to version BKL-L09 10.0.0.146(C432E4R1P4) or later. As a temporary workaround, consider restricting the installation of applications from untrusted sources to minimize the risk of exploitation.