CVE-2020-9119

6.2MEDIUM

Key Information:

Vendor: Huawei
Status: Huawei Mate 10;huawei Mate 30;huawei Mate 30 Pro;huawei P40;huawei P40 Pro
Vendor: CVE Published:; 24 December 2020

Summary

There is a privilege escalation vulnerability on some Huawei smart phones due to design defects. The attacker needs to physically contact the mobile phone and obtain higher privileges, and execute relevant commands, resulting in the user's privilege promotion.

Affected Version(s)

HUAWEI Mate 10;HUAWEI Mate 30;HUAWEI Mate 30 Pro;HUAWEI P40;HUAWEI P40 Pro Versions earlier than 10.0.0.189(C185E6R1P3)

HUAWEI Mate 10;HUAWEI Mate 30;HUAWEI Mate 30 Pro;HUAWEI P40;HUAWEI P40 Pro Versions earlier than 10.1.0.156(C00E155R7P2)

HUAWEI Mate 10;HUAWEI Mate 30;HUAWEI Mate 30 Pro;HUAWEI P40;HUAWEI P40 Pro Versions earlier than 10.1.0.156(C00E156R7P2)

References

https://www.huawei.com/en/psirt/security-advisories/huawe...

x_refsource_MISC

CVSS V3.1

Score:

6.2

Severity:

MEDIUM

Confidentiality:

High

Integrity:

High

Availability:

High

Attack Vector:

Physical

Attack Complexity:

Low

Privileges Required:

High

User Interaction:

None

Scope:

Unchanged

Timeline

Vulnerability published
Dec 24, 2020
Vulnerability Reserved
Feb 18, 2020