Privilege Escalation Vulnerability in Huawei Smartphones
CVE-2020-9119

6.2MEDIUM

Key Information:

Vendor: Huawei
Status: Huawei Mate 10;huawei Mate 30;huawei Mate 30 Pro;huawei P40;huawei P40 Pro
Vendor: CVE Published:; 24 December 2020

Summary

A design flaw in certain Huawei smartphones allows an attacker with physical access to escalate privileges, enabling them to execute unauthorized commands and potentially compromise user data. This vulnerability emphasizes the importance of securing physical access to devices.

Affected Version(s)

HUAWEI Mate 10;HUAWEI Mate 30;HUAWEI Mate 30 Pro;HUAWEI P40;HUAWEI P40 Pro Versions earlier than 10.0.0.189(C185E6R1P3)

HUAWEI Mate 10;HUAWEI Mate 30;HUAWEI Mate 30 Pro;HUAWEI P40;HUAWEI P40 Pro Versions earlier than 10.1.0.156(C00E155R7P2)

HUAWEI Mate 10;HUAWEI Mate 30;HUAWEI Mate 30 Pro;HUAWEI P40;HUAWEI P40 Pro Versions earlier than 10.1.0.156(C00E156R7P2)

References

https://www.huawei.com/en/psirt/security-advisories/huawe...

x_refsource_MISC

CVSS V3.1

Score:

6.2

Severity:

MEDIUM

Confidentiality:

High

Integrity:

High

Availability:

High

Attack Vector:

Physical

Attack Complexity:

Low

Privileges Required:

High

User Interaction:

None

Scope:

Unchanged

Timeline

Vulnerability published
Dec 24, 2020
Vulnerability Reserved
Feb 18, 2020