Vulnerability Monitor

The vendors, products, and vulnerabilities you care about

CVE-2020-9081

There is an improper authorization vulnerability in some Huawei smartphones. An attacker could perform a series of operation in specific mode to exploit this vulnerability. Successful exploit could allow the attacker to bypass app lock. (Vulnerability ID: HWPSIRT-2019-12144) This vulnerability has been assigned a Common Vulnerabilities and Exposures (CVE) ID: CVE-2020-9081.

Published

2024-12-27T10:15:10.937

Last Modified

2025-01-10T20:37:44.267

Status

Analyzed

Source

[email protected]

Severity

CVSSv3.1: 3.5 (LOW)

Weaknesses

Type: Secondary
CWE-285
Type: Primary
CWE-863

Affected Vendors & Products

Type	Vendor	Product	Version/Range	Vulnerable?
Operating System	huawei	mate_20_firmware	< 10.1.0.160\(c00e160r3p8\)	Yes
Hardware	huawei	mate_20	-	No
Operating System	huawei	p30_firmware	< 10.1.0.160\(c00e160r2p11\)	Yes
Hardware	huawei	p30	-	No
Operating System	huawei	p30_pro_firmware	< 10.1.0.160\(c00e160r2p8\)	Yes
Hardware	huawei	p30_pro	-	No
Operating System	huawei	princeton-al10d_firmware	< 10.1.0.160\(c00e160r2p11\)	Yes
Hardware	huawei	princeton-al10d	-	No
Operating System	huawei	yale-al00a_firmware	< 10.1.0.160\(c00e160r8p12\)	Yes
Hardware	huawei	yale-al00a	-	No
Operating System	huawei	yale-al50a_firmware	< 10.1.0.88\(c00e88r8p1\)	Yes
Hardware	huawei	yale-al50a	-	No
Operating System	huawei	yalep-al10b_firmware	< 10.1.0.160\(c00e160r8p12\)	Yes
Hardware	huawei	yalep-al10b	-	No
Operating System	huawei	mate_20_firmware	< 10.1.0.160\(c01e160r2p8\)	Yes
Hardware	huawei	mate_20	-	No
Operating System	huawei	p30_pro_firmware	< 10.1.0.160\(c01e160r2p8\)	Yes
Hardware	huawei	p30_pro	-	No

References

https://www.huawei.com/en/psirt/security-advisories/2020/huawei-sa-20200826-15-smartphone-en Vendor Advisory ([email protected])