Information Disclosure Vulnerability in Huawei Smartphones
CVE-2020-9082

4.6MEDIUM

Key Information:

Vendor: Huawei
Status: Huawei Mate 20
Vendor: CVE Published:; 27 December 2024

Summary

Researchers have identified an information disclosure vulnerability in multiple Huawei smartphones due to a logical flaw occurring under specific conditions. The vulnerability allows an attacker, who has already obtained permissions to execute commands in Android Debug Bridge (ADB) mode, to perform a sequence of operations that may lead to the unauthorized disclosure of sensitive information from applications secured by Applock. This exposure can compromise user privacy and the security of sensitive data contained within affected apps.

Affected Version(s)

HUAWEI Mate 20 Versions earlier than 10.1.0.160(C00)

References

https://www.huawei.com/en/psirt/security-advisories/huawe...

CVSS V3.1

Score:

4.6

Severity:

MEDIUM

Confidentiality:

High

Integrity:

None

Availability:

High

Attack Vector:

Physical

Attack Complexity:

Low

Privileges Required:

None

User Interaction:

None

Scope:

Unchanged

Timeline

Vulnerability published
Dec 27, 2024
Vulnerability Reserved
Feb 18, 2020