Out-of-bounds write in Some Huawei Headset Products



Published: 2022-09-01
Risk: Low
Patch available: YES
Number of vulnerabilities: 1
CVE-ID: CVE-2020-36602
CWE-ID: CWE-787
Exploitation vector: Local
Public exploit: N/A
Vulnerable software
576up005 HOTA-CM-H-Shark-BD
Hardware solutions / Other hardware appliances

577HOTA-CM-H-Shark-BD
Hardware solutions / Other hardware appliances

586-HOTA-CM-H-Shark-BD
Hardware solutions / Other hardware appliances

588-HOTA-CM-H-Shark-BD
Hardware solutions / Other hardware appliances

606-HOTA-CM-H-Shark-BD
Hardware solutions / Other hardware appliances

BI-ACC-REPORT
Hardware solutions / Other hardware appliances

CM-H-Shark-BD
Hardware solutions / Other hardware appliances

581up-HOTA-CM-H-Shark-BD
Hardware solutions / Other hardware appliances

Vendor: Huawei

Security Bulletin

This security bulletin contains one low risk vulnerability.

1) Out-of-bounds write

EUVDB-ID: #VU66901

Risk: Low

CVSSv3.1: 5.6 [CVSS:3.1/AV:P/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C]

CVE-ID: CVE-2020-36602

CWE-ID: CWE-787 - Out-of-bounds write

Exploit availability: No

Description

The vulnerability allows a local attacker to compromise a vulnerable system.

The vulnerability exists due to a boundary error when processing untrusted input. An attacker with physical access can send a specially crafted message, trigger an out-of-bounds write and execute arbitrary code on the target system.

Mitigation

Install updates from the vendor's website.

Vulnerable software versions

576up005 HOTA-CM-H-Shark-BD: 1.0.0.576-fullpackage

577HOTA-CM-H-Shark-BD: 1.0.0.577-fullpackage

586-HOTA-CM-H-Shark-BD: 1.0.0.586-fullpackage

588-HOTA-CM-H-Shark-BD: 1.0.0.588-fullpackage

606-HOTA-CM-H-Shark-BD: 1.0.0.606-fullpackage

BI-ACC-REPORT: 1.0.0.1 - 1.0.0.5

CM-H-Shark-BD: 1.0.0.66(VN2-SP11) - 1.9.0.588

581up-HOTA-CM-H-Shark-BD: 1.0.0.581-fullpackage

External links

http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20220826-01-outofboundread-en


Q & A

Can this vulnerability be exploited remotely?

No. The attacker must have physical access to the system in order to successfully exploit this vulnerability.

Is there known malware that exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.


