VYPR
← All advisories
Unrated severityNVD Advisory· Published Oct 19, 2020· Updated Aug 4, 2024

CVE-2020-9113

CVE-2020-9113

Description

HUAWEI Mate 20 versions earlier than 10.0.0.188(C00E74R3P8) have a buffer overflow vulnerability in the Bluetooth module. Due to insufficient input validation, an unauthenticated attacker may craft Bluetooth messages after successful paring, causing buffer overflow. Successful exploit may cause code execution.

AI Insight

LLM-synthesized narrative grounded in this CVE's description and references.

Buffer overflow in Huawei Mate 20 Bluetooth module allows unauthenticated attacker to execute code after successful pairing.

Vulnerability

A buffer overflow vulnerability exists in the Bluetooth module of Huawei Mate 20 devices running versions earlier than 10.0.0.188(C00E74R3P8). Due to insufficient input validation, an unauthenticated attacker can craft malicious Bluetooth messages after successfully pairing with the device, causing a buffer overflow. [1]

Exploitation

To exploit this vulnerability, an attacker must first establish a Bluetooth pairing with the target device. After pairing, the attacker sends specially crafted Bluetooth messages that trigger the buffer overflow due to insufficient input validation. No additional authentication is required beyond the initial pairing. [1]

Impact

Successful exploitation of the buffer overflow can lead to arbitrary code execution on the affected device. This compromises the confidentiality, integrity, and availability of the device, potentially allowing the attacker to gain full control. [1]

Mitigation

Huawei has released a software update to address this vulnerability. The fixed version is 10.0.0.188(C00E74R3P8). Users are advised to update their devices to this version or later. No workarounds are provided in the available references. [1]

References
  1. Security Advisory - Buffer Overflow Vulnerability in the Bluetooth Module of Some Huawei Mobile Phones

AI Insight generated on May 27, 2026. Synthesized from this CVE's description and the cited reference URLs; citations are validated against the source bundle.

Affected products

2
  • HUAWEI/Mate 20description
  • Huawei/Mate20llm-fuzzy
    Range: <10.0.0.188(C00E74R3P8)

Patches

0

No patches discovered yet.

Vulnerability mechanics

AI mechanics synthesis has not run for this CVE yet.

References

1

News mentions

0

No linked articles in our index yet.