Vulnerabilities > CVE-2020-9227 - Missing Initialization of Resource vulnerability in Huawei Moana-Al00B Firmware

CVSS 5.5 - MEDIUM

Attack vector

LOCAL

Attack complexity

LOW

Privileges required

NONE

Confidentiality impact

NONE

Integrity impact

NONE

Availability impact

HIGH

local

low complexity

huawei

CWE-909

NVD

Published: 2020-07-17

Updated: 2024-11-21

Summary

Huawei Smart Phones Moana-AL00B with versions earlier than 10.1.0.166 have a missing initialization of resource vulnerability. An attacker tricks the user into installing then running a crafted application. Due to improper initialization of specific parameters, successful exploit of this vulnerability may cause device exceptions.

Vulnerable Configurations

Part	Description	Count
OS	Huawei Huawei Moana Al00B Firmware -	1
Hardware	Huawei Huawei Moana Al00B -	1

Common Weakness Enumeration (CWE)

CWE-909 - Missing Initialization of Resource

References

https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20200715-09-smartphone-en
https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20200715-09-smartphone-en