CVE-2020-1808

Name of the Vulnerable Software and Affected Versions HUAWEI smartphones versions earlier than 10.0.0.188(C00E62R2P11) HUAWEI smartphones versions earlier than 10.0.0.187(C00E60R4P11) HUAWEI smartphones versions earlier than 10.0.0.180(C185E3R3P3) HUAWEI smartphones versions earlier than 10.0.0.180(C432E10R3P4) HUAWEI smartphones versions earlier than 10.0.0.179(C636E3R4P3) HUAWEI smartphones versions earlier than 10.0.0.176(C00E60R2P11) HUAWEI smartphones version 9.1.0.135(C00E133R2P1) HUAWEI smartphones versions earlier than 10.1.0.160(C00E160R2P11) HUAWEI smartphones versions earlier than 10.1.0.160(C00E160R2P8) HUAWEI smartphones versions earlier than 10.1.0.126(C185E8R5P1) HUAWEI smartphones versions earlier than 10.1.0.126(C636E9R2P4) HUAWEI smartphones versions earlier than 10.1.0.126(C636E5R3P4) HUAWEI smartphones versions earlier than 10.1.0.123(C431E22R3P5) Honor 20 version earlier than 10.0.0.187(C00E60R4P11) Honor 20 PRO version earlier than 10.0.0.187(C00E60R4P11) Honor Magic2 version earlier than 10.0.0.187(C00E60R4P11) HUAWEI Mate 20 X version earlier than 10.0.0.187(C00E60R4P11) HUAWEI P30 version earlier than 10.0.0.187(C00E60R4P11) HUAWEI P30 Pro version earlier than 10.0.0.187(C00E60R4P11) Honor View 20 version earlier than 10.0.0.187(C00E60R4P11)

Description The software has an out of bound read issue, where it reads data past the end of the intended buffer. An attacker can trick the user into installing a crafted application, and a successful exploit may cause information disclosure or service abnormality.

Recommendations For versions earlier than 10.0.0.188(C00E62R2P11), update to a version later than 10.0.0.188(C00E62R2P11). For versions earlier than 10.0.0.187(C00E60R4P11), update to a version later than 10.0.0.187(C00E60R4P11). For versions earlier than 10.0.0.180(C185E3R3P3), update to a version later than 10.0.0.180(C185E3R3P3). For versions earlier than 10.0.0.180(C432E10R3P4), update to a version later than 10.0.0.180(C432E10R3P4). For versions earlier than 10.0.0.179(C636E3R4P3), update to a version later than 10.0.0.179(C636E3R4P3). For versions earlier than 10.0.0.176(C00E60R2P11), update to a version later than 10.0.0.176(C00E60R2P11). For version 9.1.0.135(C00E133R2P1), update to a version later than 9.1.0.135(C00E133R2P1). For versions earlier than 10.1.0.160(C00E160R2P11), update to a version later than 10.1.0.160(C00E160R2P11). For versions earlier than 10.1.0.160(C00E160R2P8), update to a version later than 10.1.0.160(C00E160R2P8). For versions earlier than 10.1.0.126(C185E8R5P1), update to a version later than 10.1.0.126(C185E8R5P1). For versions earlier than 10.1.0.126(C636E9R2P4), update to a version later than 10.1.0.126(C636E9R2P4). For versions earlier than 10.1.0.126(C636E5R3P4), update to a version later than 10.1.0.126(C636E5R3P4). For versions earlier than 10.1.0.123(C431E22R3P5), update to a version later than 10.1.0.123(C431E22R3P5). As a temporary workaround, consider restricting the installation of crafted applications until a patch is available.