6.2

CVE-2020-9119

EPSS 0.03%
Veröffentlicht 24.12.2020 16:15:15
Zuletzt bearbeitet 21.11.2024 05:40:05
Quelle psirt@huawei.com
Teams Watchlist Login
Unerledigt Login

There is a privilege escalation vulnerability on some Huawei smart phones due to design defects. The attacker needs to physically contact the mobile phone and obtain higher privileges, and execute relevant commands, resulting in the user's privilege promotion.

Betroffene Produkte Warnungen 0 Metriken 3 CWE 0 Referenzen 4

Daten sind bereitgestellt durch National Vulnerability Database (NVD)

Huawei ≫ Mate 10 Firmware Version < 10.0.0.189\(c185e6r1p3\)

Huawei ≫ Mate 10 Version-

Huawei ≫ Mate 30 Firmware Version < 10.1.0.156\(c00e155r7p2\)

Huawei ≫ Mate 30 Version-

Huawei ≫ Mate 30 Pro Firmware Version < 10.1.0.156\(c00e156r7p2\)

Huawei ≫ Mate 30 Pro Version-

Huawei ≫ P40 Firmware Version < 10.1.0.150\(sp1c00e150r4p1\)

Huawei ≫ P40 Version-

Huawei ≫ P40 Pro Firmware Version < 10.1.0.150\(sp1c00e150r4p1\)

Huawei ≫ P40 Pro Version-

Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.

EPSS Metriken
Typ	Quelle	Score	Percentile
EPSS	FIRST.org	0.03%	0.051

CVSS Metriken
Quelle	Base Score	Exploit Score	Impact Score	Vector String
nvd@nist.gov	6.2	0.3	5.9	CVSS:3.1/AV:P/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
nvd@nist.gov	4.6	3.9	6.4	AV:L/AC:L/Au:N/C:P/I:P/A:P

https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20201202-01-smartphone-en

Vendor Advisory

https://nvd.nist.gov/vuln/detail/CVE-2020-9119

CVE Source (NVD)

https://cveawg.mitre.org/api/cve/CVE-2020-9119

CVE Source (JSON)

https://euvd.enisa.europa.eu/vulnerability/CVE-2020-9119

EUVD