Information Exposure in Huawei HONOR 20 PRO Due to Input Control Flaw
CVE-2020-9235
Key Information:
- Vendor
- Huawei
- Vendor
- CVE Published:
- 3 September 2020
Summary
An information exposure vulnerability exists in the Huawei HONOR 20 PRO due to a design error that lacks proper control of input data. This flaw can be exploited by attackers, enabling them to gain unauthorized access to sensitive information, potentially resulting in data leakage. Users of affected versions of the HONOR 20 PRO should ensure they update their devices to the latest software version to mitigate the risk of exploitation. Details regarding the specific versions impacted can be found in the security advisory provided by Huawei.
Affected Version(s)
HONOR 20 PRO;Honor View 20;OxfordS-AN00A;Princeton-AL10B;Princeton-AL10D;Princeton-TL10C;Tony-AL00B;Yale-AL00A;Yale-L21A;Yale-L61A Versions earlier than 10.1.0.230(C432E9R5P1),Versions earlier than 10.1.0.231(C10E3R3P2),Versions earlier than 10.1.0.231(C185E3R5P1),Versions earlier than 10.1.0.231(C636E3R3P1)
HONOR 20 PRO;Honor View 20;OxfordS-AN00A;Princeton-AL10B;Princeton-AL10D;Princeton-TL10C;Tony-AL00B;Yale-AL00A;Yale-L21A;Yale-L61A Versions earlier than 10.1.0.212(C432E10R3P4),Versions earlier than 10.1.0.213(C636E3R4P3),Versions earlier than 10.1.0.214(C10E5R4P3),Versions earlier than 10.1.0.214(C185E3R3P3)
HONOR 20 PRO;Honor View 20;OxfordS-AN00A;Princeton-AL10B;Princeton-AL10D;Princeton-TL10C;Tony-AL00B;Yale-AL00A;Yale-L21A;Yale-L61A Versions earlier than 10.1.0.212(C00E210R5P1)
References
CVSS V3.1
Timeline
Vulnerability published
Vulnerability Reserved