CVE-2020-9259

6.5MEDIUM

Key Information:

Vendor: Huawei
Status: Honor V30
Vendor: CVE Published:; 17 July 2020

Summary

Huawei Honor V30 smartphones with versions earlier than 10.1.0.212(C00E210R5P1) have an improper authentication vulnerability. The system does not sufficiently validate certain parameter passed from the bottom level, the attacker should trick the user into installing a malicious application and control the bottom level, successful exploit could cause information disclosure.

Affected Version(s)

Honor V30 Versions earlier than 10.1.0.212(C00E210R5P1)

References

https://www.huawei.com/en/psirt/security-advisories/huawe...

x_refsource_CONFIRM

CVSS V3.1

Score:

6.5

Severity:

MEDIUM

Confidentiality:

High

Integrity:

None

Availability:

High

Attack Vector:

Network

Attack Complexity:

Low

Privileges Required:

None

User Interaction:

Required

Scope:

Unchanged

Timeline

Vulnerability published
Jul 17, 2020
Vulnerability Reserved
Feb 18, 2020