CVE-2020-9235

Published Sep 3, 2020

Last updated 3 years ago

CVSS medium 5.5

Overview

Description: Huawei smartphones HONOR 20 PRO Versions earlier than 10.1.0.230(C432E9R5P1),Versions earlier than 10.1.0.231(C10E3R3P2),Versions earlier than 10.1.0.231(C185E3R5P1),Versions earlier than 10.1.0.231(C636E3R3P1);Versions earlier than 10.1.0.212(C432E10R3P4),Versions earlier than 10.1.0.213(C636E3R4P3),Versions earlier than 10.1.0.214(C10E5R4P3),Versions earlier than 10.1.0.214(C185E3R3P3);Versions earlier than 10.1.0.212(C00E210R5P1);Versions earlier than 10.1.0.160(C00E160R2P11);Versions earlier than 10.1.0.160(C00E160R2P11);Versions earlier than 10.1.0.160(C01E160R2P11);Versions earlier than 10.1.0.160(C00E160R2P11);Versions earlier than 10.1.0.160(C00E160R8P12);Versions earlier than 10.1.0.230(C432E9R5P1),Versions earlier than 10.1.0.231(C10E3R3P2),Versions earlier than 10.1.0.231(C636E3R3P1);Versions earlier than 10.1.0.225(C431E3R1P2),Versions earlier than 10.1.0.225(C432E3R1P2) contain an information vulnerability. A module has a design error that is lack of control of input. Attackers can exploit this vulnerability to obtain some information. This can lead to information leak.
Source: psirt@huawei.com
NVD status: Analyzed

Risk scores

CVSS 3.1

Type: Primary
Base score: 5.5
Impact score: 3.6
Exploitability score: 1.8
Vector string: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
Severity: MEDIUM

CVSS 2.0

Type: Primary
Base score: 2.1
Impact score: 2.9
Exploitability score: 3.9
Vector string: AV:L/AC:L/Au:N/C:P/I:N/A:N

Weaknesses

nvd@nist.gov: CWE-20

Hype score: Not currently trending

Configurations

[
  {
    "nodes": [
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:o:huawei:honor_20_pro_firmware:*:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "7F274713-28DD-423D-9298-F0D05465D654",
            "versionEndExcluding": "10.1.0.230\\(c432e9r5p1\\)"
          }
        ],
        "operator": "OR"
      },
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:h:huawei:honor_20_pro:-:*:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "9E2BCA7E-E555-45D1-807A-F53682B0C383"
          }
        ],
        "operator": "OR"
      }
    ],
    "operator": "AND"
  },
  {
    "nodes": [
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:o:huawei:honor_20_pro_firmware:*:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "4A8A96B1-0C57-4BDE-A4A4-1409A19B8C88",
            "versionEndExcluding": "10.1.0.231\\(c10e3r3p2\\)"
          }
        ],
        "operator": "OR"
      },
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:h:huawei:honor_20_pro:-:*:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "9E2BCA7E-E555-45D1-807A-F53682B0C383"
          }
        ],
        "operator": "OR"
      }
    ],
    "operator": "AND"
  },
  {
    "nodes": [
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:o:huawei:honor_20_pro_firmware:*:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "CEB8C3BF-7E85-4BE2-8A45-2A860933613B",
            "versionEndExcluding": "10.1.0.231\\(c185e3r5p1\\)"
          }
        ],
        "operator": "OR"
      },
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:h:huawei:honor_20_pro:-:*:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "9E2BCA7E-E555-45D1-807A-F53682B0C383"
          }
        ],
        "operator": "OR"
      }
    ],
    "operator": "AND"
  },
  {
    "nodes": [
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:o:huawei:honor_20_pro_firmware:*:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "793BF36B-E0CB-445D-9891-6508100895E2",
            "versionEndExcluding": "10.1.0.231\\(c636e3r3p1\\)"
          }
        ],
        "operator": "OR"
      },
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:h:huawei:honor_20_pro:-:*:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "9E2BCA7E-E555-45D1-807A-F53682B0C383"
          }
        ],
        "operator": "OR"
      }
    ],
    "operator": "AND"
  },
  {
    "nodes": [
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:o:huawei:honor_view_20_firmware:*:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "A91C527D-9227-4DF6-BB0B-318F02F809B1",
            "versionEndExcluding": "10.1.0.212\\(c432e10r3p4\\)"
          }
        ],
        "operator": "OR"
      },
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:h:huawei:honor_view_20:-:*:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "6A55CF4F-8E86-419C-845B-CE60070620A3"
          }
        ],
        "operator": "OR"
      }
    ],
    "operator": "AND"
  },
  {
    "nodes": [
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:o:huawei:honor_view_20_firmware:*:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "14366B9D-852C-4881-9EA0-7CF327D909CF",
            "versionEndExcluding": "10.1.0.213\\(c636e3r4p3\\)"
          }
        ],
        "operator": "OR"
      },
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:h:huawei:honor_view_20:-:*:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "6A55CF4F-8E86-419C-845B-CE60070620A3"
          }
        ],
        "operator": "OR"
      }
    ],
    "operator": "AND"
  },
  {
    "nodes": [
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:o:huawei:honor_view_20_firmware:*:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "C3BB4FCB-BDB1-4EFD-BE78-F16D56B63CDD",
            "versionEndExcluding": "10.1.0.214\\(c10e5r4p3\\)"
          }
        ],
        "operator": "OR"
      },
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:h:huawei:honor_view_20:-:*:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "6A55CF4F-8E86-419C-845B-CE60070620A3"
          }
        ],
        "operator": "OR"
      }
    ],
    "operator": "AND"
  },
  {
    "nodes": [
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:o:huawei:honor_view_20_firmware:*:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "D30B08C8-FC1C-45AD-90D1-780401879E0F",
            "versionEndExcluding": "10.1.0.214\\(c185e3r3p3\\)"
          }
        ],
        "operator": "OR"
      },
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:h:huawei:honor_view_20:-:*:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "6A55CF4F-8E86-419C-845B-CE60070620A3"
          }
        ],
        "operator": "OR"
      }
    ],
    "operator": "AND"
  },
  {
    "nodes": [
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:o:huawei:oxfords-an00a_firmware:*:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "5121368D-49AB-4786-A7E7-191592073E56",
            "versionEndExcluding": "10.1.0.212\\(c00e210r5p1\\)"
          }
        ],
        "operator": "OR"
      },
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:h:huawei:oxfords-an00a:-:*:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "1F6D6CD6-3D6F-401E-8035-4D9A3F06FFA1"
          }
        ],
        "operator": "OR"
      }
    ],
    "operator": "AND"
  },
  {
    "nodes": [
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:o:huawei:princeton-al10b_firmware:*:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "4B4B9600-877F-458C-8E89-40E0B0D21E8A",
            "versionEndExcluding": "10.1.0.160\\(c00e160r2p11\\)"
          }
        ],
        "operator": "OR"
      },
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:h:huawei:princeton-al10b:-:*:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "D9F930E0-D32C-4D37-8A1D-78D4BFAECF37"
          }
        ],
        "operator": "OR"
      }
    ],
    "operator": "AND"
  },
  {
    "nodes": [
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:o:huawei:princeton-al10d_firmware:*:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "B8C262C7-C463-4F74-8F6B-6BF9B4FDCBCF",
            "versionEndExcluding": "10.1.0.160\\(c00e160r2p11\\)"
          }
        ],
        "operator": "OR"
      },
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:h:huawei:princeton-al10d:-:*:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "11E6B825-CA55-4BEC-8279-3F33F7CC93EE"
          }
        ],
        "operator": "OR"
      }
    ],
    "operator": "AND"
  },
  {
    "nodes": [
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:o:huawei:princeton-tl10c_firmware:*:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "860E54AE-BB2C-4ED1-809E-F39DB31BE817",
            "versionEndExcluding": "10.1.0.160\\(c01e160r2p11\\)"
          }
        ],
        "operator": "OR"
      },
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:h:huawei:princeton-tl10c:-:*:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "35F6A54F-E004-4BE7-A6A6-3E7C300DC498"
          }
        ],
        "operator": "OR"
      }
    ],
    "operator": "AND"
  },
  {
    "nodes": [
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:o:huawei:tony-al00b_firmware:*:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "21BE2094-71C2-4C64-860E-67DE745110AD",
            "versionEndExcluding": "10.1.0.160\\(c00e160r2p11\\)"
          }
        ],
        "operator": "OR"
      },
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:h:huawei:tony-al00b:-:*:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "0E14B978-2A3C-4F55-8E3A-BA41AB137C33"
          }
        ],
        "operator": "OR"
      }
    ],
    "operator": "AND"
  },
  {
    "nodes": [
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:o:huawei:yale-al00a_firmware:*:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "4BDC1976-E07B-4464-84DB-EACAE30D97E5",
            "versionEndExcluding": "10.1.0.160\\(c00e160r8p12\\)"
          }
        ],
        "operator": "OR"
      },
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:h:huawei:yale-al00a:-:*:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "562D05D2-CC9E-4973-9E8D-B40C0ED6C721"
          }
        ],
        "operator": "OR"
      }
    ],
    "operator": "AND"
  },
  {
    "nodes": [
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:o:huawei:yale-l21a_firmware:*:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "64B571E5-C93B-42AD-ACEF-DE8155D9993E",
            "versionEndExcluding": "10.1.0.230\\(c432e9r5p1\\)"
          }
        ],
        "operator": "OR"
      },
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:h:huawei:yale-l21a:-:*:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "6C9F4FF5-07B8-456E-87C3-DB7C725E20F3"
          }
        ],
        "operator": "OR"
      }
    ],
    "operator": "AND"
  },
  {
    "nodes": [
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:o:huawei:yale-l21a_firmware:*:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "2221682B-7C40-43F0-8BE4-64872D0388E6",
            "versionEndExcluding": "10.1.0.231\\(c10e3r3p2\\)"
          }
        ],
        "operator": "OR"
      },
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:h:huawei:yale-l21a:-:*:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "6C9F4FF5-07B8-456E-87C3-DB7C725E20F3"
          }
        ],
        "operator": "OR"
      }
    ],
    "operator": "AND"
  },
  {
    "nodes": [
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:o:huawei:yale-l21a_firmware:*:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "E706A193-3908-4D3F-9E90-8FAEDA2CF12F",
            "versionEndExcluding": "10.1.0.231\\(c636e3r3p1\\)"
          }
        ],
        "operator": "OR"
      },
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:h:huawei:yale-l21a:-:*:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "6C9F4FF5-07B8-456E-87C3-DB7C725E20F3"
          }
        ],
        "operator": "OR"
      }
    ],
    "operator": "AND"
  },
  {
    "nodes": [
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:o:huawei:yale-l61a_firmware:*:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "F414D697-EA17-4565-9168-47D17427E00E",
            "versionEndExcluding": "10.1.0.225\\(c431e3r1p2\\)"
          }
        ],
        "operator": "OR"
      },
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:h:huawei:yale-l61a:-:*:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "5AB7B562-CDE8-47F2-8537-52AB3640E218"
          }
        ],
        "operator": "OR"
      }
    ],
    "operator": "AND"
  },
  {
    "nodes": [
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:o:huawei:yale-l61a_firmware:*:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "DAF4CBFD-6BB8-46B0-85B2-C2C144190AA0",
            "versionEndExcluding": "10.1.0.225\\(c432e3r1p2\\)"
          }
        ],
        "operator": "OR"
      },
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:h:huawei:yale-l61a:-:*:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "5AB7B562-CDE8-47F2-8537-52AB3640E218"
          }
        ],
        "operator": "OR"
      }
    ],
    "operator": "AND"
  }
]

Overview

Risk scores

CVSS 3.1

CVSS 2.0

Weaknesses

Social media

Configurations

References