CVE-2020-9119

Published: Dec 24, 2020Modified: Nov 21, 2024

6.2

Vector

CVSS:3.1/AV:P/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H

Exploitability: 0.3 / Impact: 5.9

Source: NVD

Description

There is a privilege escalation vulnerability on some Huawei smart phones due to design defects. The attacker needs to physically contact the mobile phone and obtain higher privileges, and execute relevant commands, resulting in the user's privilege promotion.

Affected (5)

Products: Huawei: Mate 10 Firmware, Mate 30 Firmware, Mate 30 Pro Firmware, P40 Firmware, P40 Pro Firmware

5 products

Configuration A

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Huawei Mate 10 Firmware	Before 10.0.0.189\(c185e6r1p3\)

Running on/with	Platform Versions
Huawei Mate 10	All versions

Configuration B

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Huawei Mate 30 Firmware	Before 10.1.0.156\(c00e155r7p2\)

Running on/with	Platform Versions
Huawei Mate 30	All versions

Configuration C

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Huawei Mate 30 Pro Firmware	Before 10.1.0.156\(c00e156r7p2\)

Running on/with	Platform Versions
Huawei Mate 30 Pro	All versions

Configuration D

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Huawei P40 Firmware	Before 10.1.0.150\(sp1c00e150r4p1\)

Running on/with	Platform Versions
Huawei P40	All versions

Configuration E

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Huawei P40 Pro Firmware	Before 10.1.0.150\(sp1c00e150r4p1\)

Running on/with	Platform Versions
Huawei P40 Pro	All versions

References (2)

https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20201202-01-smartphone-en

Source: psirt@huawei.com

Vendor Advisory

https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20201202-01-smartphone-en

Source: af854a3a-2127-422b-91ae-364da2661108

Vendor Advisory

Timeline

No history available yet.