CVE-2020-1792
Description
Honor V10 smartphones with versions earlier than BKL-AL20 10.0.0.156(C00E156R2P4) and versions earlier than BKL-L09 10.0.0.146(C432E4R1P4) have an out of bounds write vulnerability. The software writes data past the end of the intended buffer because of insufficient validation of certain parameter when initializing certain driver program. An attacker could trick the user into installing a malicious application, successful exploit could cause the device to reboot.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
An out-of-bounds write vulnerability in Honor V10 smartphones could allow an attacker to cause a device reboot via a malicious app.
Vulnerability
An out-of-bounds write vulnerability exists in Honor V10 smartphones with versions earlier than BKL-AL20 10.0.0.156(C00E156R2P4) and BKL-L09 10.0.0.146(C432E4R1P4). The software writes data past the end of the intended buffer due to insufficient validation of a certain parameter when initializing a specific driver program [1]. This allows an attacker to cause memory corruption.
Exploitation
To exploit this vulnerability, an attacker must trick the user into installing a malicious application. Once installed, the application can trigger the vulnerable driver initialization, leading to an out-of-bounds write. No additional privileges or network access are required beyond the initial user interaction [1].
Impact
Successful exploitation can cause the device to reboot, resulting in a temporary denial of service. The vulnerability does not lead to code execution or data compromise beyond the denial of service [1].
Mitigation
Huawei has released software updates to fix this vulnerability. Users should update to BKL-AL20 10.0.0.156(C00E156R2P4) or BKL-L09 10.0.0.146(C432E4R1P4) or later versions. The security advisory provides details and download links [1]. No workarounds have been disclosed.
AI Insight generated on May 27, 2026. Synthesized from this CVE's description and the cited reference URLs; citations are validated against the source bundle.
Affected products
2- Honor/V10 smartphonesdescription
Patches
0No patches discovered yet.
Vulnerability mechanics
AI mechanics synthesis has not run for this CVE yet.
References
1- www.huawei.com/en/psirt/security-advisories/huawei-sa-20200226-01-smartphone-enmitrex_refsource_MISC
News mentions
0No linked articles in our index yet.