CVE-2020-36602

There is an out-of-bounds read and write vulnerability in some headset products. An unauthenticated attacker gets the device physically and crafts malformed message with specific parameter and sends the message to the affected products. Due to insufficient validation of message, which may be exploited to cause out-of-bounds read and write.
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTNIST
6.1 MEDIUM
PHYSICAL
LOW
NONE
CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N
huaweiCNA
---
---
CVEADP
---
---
CISA-ADPADP
6.1 MEDIUM
PHYSICAL
LOW
NONE
CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N
Base Score
CVSS 3.x
EPSS Score
Percentile: 8%
VendorProductVersion
huawei576up005_hota-cm-h-shark-bd_firmware
1.0.0.576
huawei577hota-cm-h-shark-bd_firmware
1.0.0.577
huawei581up-hota-cm-h-shark-bd_firmware
1.0.0.581
huawei586-hota-cm-h-shark-bd_firmware
1.0.0.586
huawei588-hota-cm-h-shark-bd_firmware
1.0.0.588
huawei606-hota-cm-h-shark-bd_firmware
1.0.0.606
huaweibi-acc-report_firmware
1.0.0.1
huaweibi-acc-report_firmware
1.0.0.2
huaweibi-acc-report_firmware
1.0.0.3
huaweibi-acc-report_firmware
1.0.0.4
huaweibi-acc-report_firmware
1.0.0.5
huaweicm-h-shark-bd_firmware
1.0.0.66\(vn2-sp11\)
huaweicm-h-shark-bd_firmware
1.0.0.66\(vn2-sp15\)
huaweicm-h-shark-bd_firmware
1.0.0.66\(vn2-sp17\)
huaweicm-h-shark-bd_firmware
1.0.0.66\(vn2-sp21\)
huaweicm-h-shark-bd_firmware
1.0.0.66\(vn2-sp27\)
huaweicm-h-shark-bd_firmware
1.0.0.66\(vn2-sp29\)
huaweicm-h-shark-bd_firmware
1.0.0.66\(vn2-sp31\)
huaweicm-h-shark-bd_firmware
1.0.0.66\(vn2-sp33\)
huaweicm-h-shark-bd_firmware
1.0.0.106
huaweicm-h-shark-bd_firmware
1.0.0.116
huaweicm-h-shark-bd_firmware
1.0.0.202
huaweicm-h-shark-bd_firmware
1.0.0.208
huaweicm-h-shark-bd_firmware
1.0.0.216
huaweicm-h-shark-bd_firmware
1.0.0.226
huaweicm-h-shark-bd_firmware
1.0.0.228
huaweicm-h-shark-bd_firmware
1.0.0.510
huaweicm-h-shark-bd_firmware
1.0.0.520
huaweicm-h-shark-bd_firmware
1.0.0.522
huaweicm-h-shark-bd_firmware
1.0.0.566
huaweicm-h-shark-bd_firmware
1.0.0.576
huaweicm-h-shark-bd_firmware
1.0.0.578
huaweicm-h-shark-bd_firmware
1.0.0.586
huaweicm-h-shark-bd_firmware
1.0.0.588
huaweicm-h-shark-bd_firmware
1.9.0.208
huaweicm-h-shark-bd_firmware
1.9.0.216
huaweicm-h-shark-bd_firmware
1.9.0.226
huaweicm-h-shark-bd_firmware
1.9.0.228
huaweicm-h-shark-bd_firmware
1.9.0.510
huaweicm-h-shark-bd_firmware
1.9.0.520
huaweicm-h-shark-bd_firmware
1.9.0.522
huaweicm-h-shark-bd_firmware
1.9.0.566
huaweicm-h-shark-bd_firmware
1.9.0.578
huaweicm-h-shark-bd_firmware
1.9.0.586
huaweicm-h-shark-bd_firmware
1.9.0.588
𝑥
= Vulnerable software versions
Common Weakness Enumeration
References
https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20220826-01-outofboundread-en
https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20220826-01-outofboundread-en