Vulnerability Monitor

The vendors, products, and vulnerabilities you care about

CVE-2020-9239

Huawei smartphones BLA-A09 versions 8.0.0.123(C212),versions earlier than 8.0.0.123(C567),versions earlier than 8.0.0.123(C797);BLA-TL00B versions earlier than 8.1.0.326(C01);Berkeley-L09 versions earlier than 8.0.0.163(C10),versions earlier than 8.0.0.163(C432),Versions earlier than 8.0.0.163(C636),Versions earlier than 8.0.0.172(C10);Duke-L09 versions Duke-L09C10B187, versions Duke-L09C432B189, versions Duke-L09C636B189;HUAWEI P20 versions earlier than 8.0.1.16(C00);HUAWEI P20 Pro versions earlier than 8.1.0.152(C00);Jimmy-AL00A versions earlier than Jimmy-AL00AC00B172;LON-L29D versions LON-L29DC721B192;NEO-AL00D versions earlier than 8.1.0.172(C786);Stanford-AL00 versions Stanford-AL00C00B123;Toronto-AL00 versions earlier than Toronto-AL00AC00B225;Toronto-AL00A versions earlier than Toronto-AL00AC00B225;Toronto-TL10 versions earlier than Toronto-TL10C01B225 have an information vulnerability. A module has a design error that is lack of control of input. Attackers can exploit this vulnerab

Published

2020-09-11T14:15:11.660

Last Modified

2024-11-21T05:40:13.153

Status

Modified

Source

[email protected]

Severity

CVSSv3.1: 5.5 (MEDIUM)

CVSSv2 Vector

AV:L/AC:L/Au:N/C:P/I:N/A:N

Access Vector: LOCAL
Access Complexity: LOW
Authentication: NONE
Confidentiality Impact: PARTIAL
Integrity Impact: NONE
Availability Impact: NONE

Exploitability Score

3.9

Impact Score

2.9

Weaknesses

Type: Primary
CWE-20

Affected Vendors & Products

Type	Vendor	Product	Version/Range	Vulnerable?
Operating System	huawei	bla-a09_firmware	8.0.0.123\(c212\)	Yes
Hardware	huawei	bla-a09	-	No
Operating System	huawei	bla-a09_firmware	< 8.0.0.123\(c567\)	Yes
Hardware	huawei	bla-a09	-	No
Operating System	huawei	bla-a09_firmware	< 8.0.0.123\(c797\)	Yes
Hardware	huawei	bla-a09	-	No
Operating System	huawei	bla-tl00b_firmware	< 8.1.0.326\(c01\)	Yes
Hardware	huawei	bla-tl00b	-	No
Operating System	huawei	berkeley-l09_firmware	< 8.0.0.163\(c10\)	Yes
Hardware	huawei	berkeley-l09	-	No
Operating System	huawei	berkeley-l09_firmware	≤ 8.0.0.163\(c432\)	Yes
Hardware	huawei	berkeley-l09	-	No
Operating System	huawei	berkeley-l09_firmware	< 8.0.0.163\(c636\)	Yes
Hardware	huawei	berkeley-l09	-	No
Operating System	huawei	berkeley-l09_firmware	< 8.0.0.172\(c10\)	Yes
Hardware	huawei	berkeley-l09	-	No
Operating System	huawei	duke-l09_firmware	duke-l09c10b187	Yes
Operating System	huawei	duke-l09_firmware	duke-l09c432b189	Yes
Operating System	huawei	duke-l09_firmware	duke-l09c636b189	Yes
Hardware	huawei	duke-l09	-	No
Operating System	huawei	p20_firmware	< 8.0.1.16\(c00\)	Yes
Hardware	huawei	p20	-	No
Operating System	huawei	p20_pro_firmware	< 8.1.0.152\(c00\)	Yes
Hardware	huawei	p20_pro	-	No
Operating System	huawei	jimmy-al00a_firmware	< jimmy-al00ac00b172	Yes
Hardware	huawei	jimmy-al00a	-	No
Operating System	huawei	lon-l29d_firmware	lon-l29dc721b192	Yes
Hardware	huawei	lon-l29d	-	No
Operating System	huawei	neo-al00d_firmware	< 8.1.0.172\(c786\)	Yes
Hardware	huawei	neo-al00d	-	No
Operating System	huawei	stanford-al00_firmware	stanford-al00c00b123	Yes
Hardware	huawei	stanford-al00	-	No
Operating System	huawei	toronto-al00_firmware	< toronto-al00ac00b225	Yes
Hardware	huawei	toronto-al00	-	No
Operating System	huawei	toronto-al00a_firmware	< toronto-al00ac00b225	Yes
Hardware	huawei	toronto-al00a	-	No
Operating System	huawei	toronto-tl10_firmware	< toronto-tl10c01b225	Yes
Hardware	huawei	toronto-tl10	-	No

References

https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20200909-04-smartphone-en Vendor Advisory ([email protected])
https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20200909-04-smartphone-en Vendor Advisory (af854a3a-2127-422b-91ae-364da2661108)