HIGH🇵🇱 Wersja polska

CVE-2020-9080

CVSS 7.8v3.1pub. 2024-12-27upd. 2025-01-10

There is an improper privilege management vulnerability in Huawei smart phone product. A local, authenticated attacker could craft a specific input to exploit this vulnerability. Successful exploitation may lead to local privilege escalation. (Vulnerability ID: HWPSIRT-2020-05272) This vulnerability has been assigned a Common Vulnerabilities and Exposures (CVE) ID: CVE-2020-9080.

CVSS Vector
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
  • Huawei Mate 20 Pro

    HW
    Huawei
    wszystkie wersje
  • Huawei Mate 20 Pro Firmware

    OS
    Huawei
    10.1.0.135\(c01e135r2p8\)
  • Huawei Mate 20 Pro \(ud\)

    HW
    Huawei
    wszystkie wersje
  • Huawei Mate 20 Pro \(ud\) Firmware

    OS
    Huawei
    10.1.0.135\(c00e135r3p8\)
  • Huawei Nova 5i

    HW
    Huawei
    wszystkie wersje
  • Huawei Nova 5i Firmware

    OS
    Huawei
    < 10.0.0.125\(c01e123r7p3\)
🔵
CHECK WITH VENDOR
No clear patch data available. Check vendor references.
Tags
LPE
CWE
References

Related vulnerabilities

CVE-2020-9247HIGH7.8ten sam produkt

There is a buffer overflow vulnerability in several Huawei products. The system does not sufficiently validate...

CVE-2020-0022HIGH8.8ten sam produkt

In reassemble_and_dispatch of packet_fragmenter.cc, there is possible out of bounds write due to an incorrect ...

CVE-2019-5250HIGH7.8ten sam produkt

Mate 20 Pro smartphones with versions earlier than 9.1.0.135(C00E133R3P1) have an improper authorization vulne...

CVE-2021-22440MEDIUM4.6ten sam produkt

There is a path traversal vulnerability in some Huawei products. The vulnerability is due to that the software...

CVE-2020-9244MEDIUM6.8ten sam produkt

HUAWEI Mate 20 versions Versions earlier than 10.1.0.160(C00E160R3P8);HUAWEI Mate 20 Pro versions Versions ear...