CVE-2020-9250

Published: Dec 20, 2024

Modified: Dec 20, 2024

PUBLISHED

CVSS v3.1

3.3

LOW

Description

There is an insufficient authentication vulnerability in some Huawei smart phone. An unauthenticated, local attacker can crafts software package to exploit this vulnerability. Due to insufficient verification, successful exploitation may impact the service. (Vulnerability ID: HWPSIRT-2019-12302) This vulnerability has been assigned a Common Vulnerabilities and Exposures (CVE) ID: CVE-2020-9250.

Vendor	Product	Versions
Huawei	HUAWEI Mate 20 Pro	affected `Versions earlier than 10.1.0.160(C00E160R3P8)`

Weaknesses (CWE)

CWE-287

CVSS v3.1 Details

CVSS v3.1 Vector

CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L

Attack Vector

Local

Attack Complexity

Low

Privileges Required

None

User Interaction

Required

Scope

Unchanged

Confidentiality

None

Integrity

None

Availability

Low

References

http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20200729-01-smartphone-en

Security Training

Train your team to recognize and prevent security threats with our comprehensive security awareness program.

Start Training

Vulnerability Scanning

Discover vulnerabilities in your applications and infrastructure before attackers do.

Scan Now

CVE-2020-9250

Description

Affected Products

Weaknesses (CWE)

CVSS v3.1 Details

References