Security Advisory - UNISOC Chip Vulnerability in
Some Honor Products

1.Summary


Some Honor products are affected by UNISOC Chip vulnerability, successful exploitation could cause denial of service or remote code execution.

This vulnerability has been assigned a Common Vulnerabilities and Exposures (CVE) ID: CVE-2022-20210

For products that have released software updates to fix this vulnerability, Honor will release and update the Security Advisory.



2. Software Versions and Fixes


Product Name Resolved Product and Version
Honor Play 20(KOZ-AL00) 4.0.0.210(C00E35R4P1patch01)
Honor Play 5T(KOZ-AL40) 4.0.0.210(C00E33R2P2patch01)


3. Impact


Successful exploitation could cause denial of service or remote code execution.



4.Obtaining Fixed Software


The product that supports automatic update will receive a system update prompt. You can install the update to fix the vulnerability.



5. Revision History


2022-07-20 V1.0 INITIAL



6.Honor Security Procedures


Honor adheres to protecting the ultimate interests of users with best efforts and the principle of responsible disclosure and deal with product security issues through our response mechanism.

To enjoy obtain Honor product vulnerability information, please visit https://www.hihonor.com/pk/security/