PT-2020-20487 · Huawei · Taurus-Al00A
Published
2020-12-29
·
Updated
2020-12-30
·
CVE-2020-9093
CVSS v3.1
5.5
Medium
| Vector | AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H |
Name of the Vulnerable Software and Affected Versions
Taurus-AL00A version 10.0.0.1(C00E1R1P1)
Description
A use after free issue exists due to a module not handling specific messages properly, causing a function to reference memory after it has been freed. Attackers can exploit this by running a crafted application with common privilege, compromising normal service.
Recommendations
For Taurus-AL00A version 10.0.0.1(C00E1R1P1), at the moment, there is no information about a newer version that contains a fix for this vulnerability.
Use After Free
Found an issue in the description? Have something to add? Feel free to write us 👾
Weakness Enumeration
Related Identifiers
Affected Products
Taurus-Al00A