6.1
CVE-2020-36602
- EPSS 0.08%
- Published 20.09.2022 20:15:09
- Last modified 28.05.2025 16:15:21
- Source psirt@huawei.com
- Teams watchlist Login
- Open Login
There is an out-of-bounds read and write vulnerability in some headset products. An unauthenticated attacker gets the device physically and crafts malformed message with specific parameter and sends the message to the affected products. Due to insufficient validation of message, which may be exploited to cause out-of-bounds read and write.
Data is provided by the National Vulnerability Database (NVD)
Huawei ≫ 576up005 Hota-cm-h-shark-bd Firmware Version1.0.0.576
Huawei ≫ 577hota-cm-h-shark-bd Firmware Version1.0.0.577
Huawei ≫ 581up-hota-cm-h-shark-bd Firmware Version1.0.0.581
Huawei ≫ 586-hota-cm-h-shark-bd Firmware Version1.0.0.586
Huawei ≫ 588-hota-cm-h-shark-bd Firmware Version1.0.0.588
Huawei ≫ 606-hota-cm-h-shark-bd Firmware Version1.0.0.606
Huawei ≫ Bi-acc-report Firmware Version1.0.0.1
Huawei ≫ Bi-acc-report Firmware Version1.0.0.2
Huawei ≫ Bi-acc-report Firmware Version1.0.0.3
Huawei ≫ Bi-acc-report Firmware Version1.0.0.4
Huawei ≫ Bi-acc-report Firmware Version1.0.0.5
Huawei ≫ Cm-h-shark-bd Firmware Version1.0.0.106
Huawei ≫ Cm-h-shark-bd Firmware Version1.0.0.116
Huawei ≫ Cm-h-shark-bd Firmware Version1.0.0.202
Huawei ≫ Cm-h-shark-bd Firmware Version1.0.0.208
Huawei ≫ Cm-h-shark-bd Firmware Version1.0.0.216
Huawei ≫ Cm-h-shark-bd Firmware Version1.0.0.226
Huawei ≫ Cm-h-shark-bd Firmware Version1.0.0.228
Huawei ≫ Cm-h-shark-bd Firmware Version1.0.0.510
Huawei ≫ Cm-h-shark-bd Firmware Version1.0.0.520
Huawei ≫ Cm-h-shark-bd Firmware Version1.0.0.522
Huawei ≫ Cm-h-shark-bd Firmware Version1.0.0.566
Huawei ≫ Cm-h-shark-bd Firmware Version1.0.0.576
Huawei ≫ Cm-h-shark-bd Firmware Version1.0.0.578
Huawei ≫ Cm-h-shark-bd Firmware Version1.0.0.586
Huawei ≫ Cm-h-shark-bd Firmware Version1.0.0.588
Huawei ≫ Cm-h-shark-bd Firmware Version1.9.0.208
Huawei ≫ Cm-h-shark-bd Firmware Version1.9.0.216
Huawei ≫ Cm-h-shark-bd Firmware Version1.9.0.226
Huawei ≫ Cm-h-shark-bd Firmware Version1.9.0.228
Huawei ≫ Cm-h-shark-bd Firmware Version1.9.0.510
Huawei ≫ Cm-h-shark-bd Firmware Version1.9.0.520
Huawei ≫ Cm-h-shark-bd Firmware Version1.9.0.522
Huawei ≫ Cm-h-shark-bd Firmware Version1.9.0.566
Huawei ≫ Cm-h-shark-bd Firmware Version1.9.0.578
Huawei ≫ Cm-h-shark-bd Firmware Version1.9.0.586
Huawei ≫ Cm-h-shark-bd Firmware Version1.9.0.588
Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.
| Type | Source | Score | Percentile |
|---|---|---|---|
| EPSS | FIRST.org | 0.08% | 0.234 |
| Source | Base Score | Exploit Score | Impact Score | Vector string |
|---|---|---|---|---|
| nvd@nist.gov | 6.1 | 0.9 | 5.2 |
CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N
|
| 134c704f-9b21-4f2e-91b3-4a467353bcc0 | 6.1 | 0.9 | 5.2 |
CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N
|
CWE-125 Out-of-bounds Read
The product reads data past the end, or before the beginning, of the intended buffer.
CWE-787 Out-of-bounds Write
The product writes data past the end, or before the beginning, of the intended buffer.