CVE-2020-9226

Published: Jul 6, 2020Modified: Nov 21, 2024

5.5

Vector

CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N

Exploitability: 1.8 / Impact: 3.6

Source: NVD

Description

HUAWEI P30 with versions earlier than 10.1.0.135(C00E135R2P11) have an improper signature verification vulnerability. The system does not improper check signature of specific software package, an attacker may exploit this vulnerability to load a crafted software package to the device.

Affected (1)

Products: Huawei: P30 Firmware

1 product

Configuration A

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Huawei P30 Firmware	Before 10.1.0.135\(c00e135r2p11\)

Running on/with	Platform Versions
Huawei P30	All versions

Related CWEs

Improper Verification of Cryptographic Signature

The product does not verify, or incorrectly verifies, the cryptographic signature for data.

References (2)

https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20200701-02-smartphone-en

Source: psirt@huawei.com

Vendor Advisory

https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20200701-02-smartphone-en

Source: af854a3a-2127-422b-91ae-364da2661108

Vendor Advisory

Timeline

No history available yet.