5.5

CVE-2020-9239

Huawei smartphones BLA-A09 versions 8.0.0.123(C212),versions earlier than 8.0.0.123(C567),versions earlier than 8.0.0.123(C797);BLA-TL00B versions earlier than 8.1.0.326(C01);Berkeley-L09 versions earlier than 8.0.0.163(C10),versions earlier than 8.0.0.163(C432),Versions earlier than 8.0.0.163(C636),Versions earlier than 8.0.0.172(C10);Duke-L09 versions Duke-L09C10B187, versions Duke-L09C432B189, versions Duke-L09C636B189;HUAWEI P20 versions earlier than 8.0.1.16(C00);HUAWEI P20 Pro versions earlier than 8.1.0.152(C00);Jimmy-AL00A versions earlier than Jimmy-AL00AC00B172;LON-L29D versions LON-L29DC721B192;NEO-AL00D versions earlier than 8.1.0.172(C786);Stanford-AL00 versions Stanford-AL00C00B123;Toronto-AL00 versions earlier than Toronto-AL00AC00B225;Toronto-AL00A versions earlier than Toronto-AL00AC00B225;Toronto-TL10 versions earlier than Toronto-TL10C01B225 have an information vulnerability. A module has a design error that is lack of control of input. Attackers can exploit this vulnerab

Daten sind bereitgestellt durch National Vulnerability Database (NVD)
HuaweiBla-a09 Firmware Version8.0.0.123(c212)
   HuaweiBla-a09 Version-
HuaweiBla-a09 Firmware Version < 8.0.0.123\(c567\)
   HuaweiBla-a09 Version-
HuaweiBla-a09 Firmware Version < 8.0.0.123\(c797\)
   HuaweiBla-a09 Version-
HuaweiBla-tl00b Firmware Version < 8.1.0.326\(c01\)
   HuaweiBla-tl00b Version-
HuaweiBerkeley-l09 Firmware Version < 8.0.0.163\(c10\)
   HuaweiBerkeley-l09 Version-
HuaweiBerkeley-l09 Firmware Version <= 8.0.0.163\(c432\)
   HuaweiBerkeley-l09 Version-
HuaweiBerkeley-l09 Firmware Version < 8.0.0.163\(c636\)
   HuaweiBerkeley-l09 Version-
HuaweiBerkeley-l09 Firmware Version < 8.0.0.172\(c10\)
   HuaweiBerkeley-l09 Version-
HuaweiDuke-l09 Firmware Versionduke-l09c10b187
   HuaweiDuke-l09 Version-
HuaweiDuke-l09 Firmware Versionduke-l09c432b189
   HuaweiDuke-l09 Version-
HuaweiDuke-l09 Firmware Versionduke-l09c636b189
   HuaweiDuke-l09 Version-
HuaweiP20 Firmware Version < 8.0.1.16\(c00\)
   HuaweiP20 Version-
HuaweiP20 Pro Firmware Version < 8.1.0.152\(c00\)
   HuaweiP20 Pro Version-
HuaweiJimmy-al00a Firmware Version < jimmy-al00ac00b172
   HuaweiJimmy-al00a Version-
HuaweiLon-l29d Firmware Versionlon-l29dc721b192
   HuaweiLon-l29d Version-
HuaweiNeo-al00d Firmware Version < 8.1.0.172\(c786\)
   HuaweiNeo-al00d Version-
HuaweiStanford-al00 Firmware Versionstanford-al00c00b123
   HuaweiStanford-al00 Version-
HuaweiToronto-al00 Firmware Version < toronto-al00ac00b225
   HuaweiToronto-al00 Version-
HuaweiToronto-al00a Firmware Version < toronto-al00ac00b225
   HuaweiToronto-al00a Version-
HuaweiToronto-tl10 Firmware Version < toronto-tl10c01b225
   HuaweiToronto-tl10 Version-
Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.
EPSS Metriken
Typ Quelle Score Percentile
EPSS FIRST.org 0.03% 0.061
CVSS Metriken
Quelle Base Score Exploit Score Impact Score Vector String
nvd@nist.gov 5.5 1.8 3.6
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
nvd@nist.gov 2.1 3.9 2.9
AV:L/AC:L/Au:N/C:P/I:N/A:N
CWE-20 Improper Input Validation

The product receives input or data, but it does not validate or incorrectly validates that the input has the properties that are required to process the data safely and correctly.