CVE-2020-9244

EPSS 0.03%
Published 11.08.2020 19:15:17
Last modified 21.11.2024 05:40:15
Source psirt@huawei.com
Teams watchlist Login
Open Login

HUAWEI Mate 20 versions Versions earlier than 10.1.0.160(C00E160R3P8);HUAWEI Mate 20 Pro versions Versions earlier than 10.1.0.270(C431E7R1P5),Versions earlier than 10.1.0.270(C635E3R1P5),Versions earlier than 10.1.0.273(C636E7R2P4);HUAWEI Mate 20 X versions Versions earlier than 10.1.0.160(C00E160R2P8);HUAWEI P30 versions Versions earlier than 10.1.0.160(C00E160R2P11);HUAWEI P30 Pro versions Versions earlier than 10.1.0.160(C00E160R2P8);HUAWEI Mate 20 RS versions Versions earlier than 10.1.0.160(C786E160R3P8);HonorMagic2 versions Versions earlier than 10.0.0.187(C00E61R2P11);Honor20 versions Versions earlier than 10.0.0.175(C00E58R4P11);Honor20 PRO versions Versions earlier than 10.0.0.194(C00E62R8P12);HonorMagic2 versions Versions earlier than 10.0.0.187(C00E61R2P11);HonorV20 versions Versions earlier than 10.0.0.188(C00E62R2P11) have an improper authentication vulnerability. The system does not properly sign certain encrypted file, the attacker should gain the key used to encrypt the file, successful exploit could cause certain file be forged

Affected products Warnungen 0 Metrics 3 CWE 0 References 4

Data is provided by the National Vulnerability Database (NVD)

Huawei ≫ Mate 20 Firmware Version < 10.1.0.160\(c00e160r3p8\)

Huawei ≫ Mate 20 Version-

Huawei ≫ Mate 20 Pro Firmware Version < 10.1.0.270\(c431e7r1p5\)

Huawei ≫ Mate 20 Pro Version-

Huawei ≫ Mate 20 X Firmware Version < 10.1.0.160\(c00e160r2p8\)

Huawei ≫ Mate 20 X Version-

Huawei ≫ P30 Firmware Version < 10.1.0.160\(c00e160r2p11\)

Huawei ≫ P30 Version-

Huawei ≫ P30 Pro Firmware Version < 10.1.0.160\(c00e160r2p8\)

Huawei ≫ P30 Pro Version-

Huawei ≫ Mate 20 Rs Firmware Version < 10.1.0.160\(c786e160r3p8\)

Huawei ≫ Mate 20 Rs Version-

Huawei ≫ Honor Magic 2 Firmware Version < 10.0.0.187\(c00e61r2p11\)

Huawei ≫ Honor Magic 2 Version-

Huawei ≫ Honor 20 Firmware Version < 10.0.0.175\(c00e58r4p11\)

Huawei ≫ Honor 20 Version-

Huawei ≫ Honor 20 Pro Firmware Version < 10.0.0.194\(c00e62r8p12\)

Huawei ≫ Honor 20 Pro Version-

Huawei ≫ Honor V20 Firmware Version < 10.0.0.188\(c00e62r2p11\)

Huawei ≫ Honor V20 Version-

Huawei ≫ Mate 20 Pro Firmware Version < 10.1.0.270\(c635e3r1p5\)

Huawei ≫ Mate 20 Pro Version-

Huawei ≫ Mate 20 Pro Firmware Version < 10.1.0.273\(c636e7r2p4\)

Huawei ≫ Mate 20 Pro Version-

Huawei ≫ Honor Magic 2 Firmware Version < 10.0.0.187\(c00e61r2p11\)

Huawei ≫ Honor Magic 2 Version-

Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.

EPSS Metriken
Type	Source	Score	Percentile
EPSS	FIRST.org	0.03%	0.042

CVSS Metriken
Source	Base Score	Exploit Score	Impact Score	Vector string
nvd@nist.gov	6.8	0.9	5.9	CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
nvd@nist.gov	4.6	3.9	6.4	AV:L/AC:L/Au:N/C:P/I:P/A:P

https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20200805-02-smartphone-en

Vendor Advisory

https://nvd.nist.gov/vuln/detail/CVE-2020-9244

CVE Source (NVD)

https://cveawg.mitre.org/api/cve/CVE-2020-9244

CVE Source (JSON)

https://euvd.enisa.europa.eu/vulnerability/CVE-2020-9244

EUVD