Vulnerability Monitor

The vendors, products, and vulnerabilities you care about

CVE-2020-9080

There is an improper privilege management vulnerability in Huawei smart phone product. A local, authenticated attacker could craft a specific input to exploit this vulnerability. Successful exploitation may lead to local privilege escalation. (Vulnerability ID: HWPSIRT-2020-05272) This vulnerability has been assigned a Common Vulnerabilities and Exposures (CVE) ID: CVE-2020-9080.

Published

2024-12-27T10:15:10.313

Last Modified

2025-01-10T20:36:43.037

Status

Analyzed

Source

[email protected]

Severity

CVSSv3.1: 7.8 (HIGH)

Weaknesses

Type: Secondary
CWE-269
Type: Primary
NVD-CWE-noinfo

Affected Vendors & Products

Type	Vendor	Product	Version/Range	Vulnerable?
Operating System	huawei	mate_20_pro_firmware	10.1.0.135\(c01e135r2p8\)	Yes
Hardware	huawei	mate_20_pro	-	No
Operating System	huawei	mate_20_pro_\(ud\)_firmware	10.1.0.135\(c00e135r3p8\)	Yes
Hardware	huawei	mate_20_pro_\(ud\)	-	No
Operating System	huawei	nova_5i_firmware	< 10.0.0.125\(c01e123r7p3\)	Yes
Hardware	huawei	nova_5i	-	No

References

https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20200819-01-smartphone-en Vendor Advisory ([email protected])