Home

Description

There is an insufficient authentication vulnerability in some Huawei smart phone. An unauthenticated, local attacker can crafts software package to exploit this vulnerability. Due to insufficient verification, successful exploitation may impact the service. (Vulnerability ID: HWPSIRT-2019-12302) This vulnerability has been assigned a Common Vulnerabilities and Exposures (CVE) ID: CVE-2020-9250.

PUBLISHED Reserved 2020-02-18 | Published 2024-12-20 | Updated 2024-12-20 | Assigner huawei




LOW: 3.3CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L

Problem types

CWE-287: Improper Authentication

Product status

Default status
unaffected

Versions earlier than 10.1.0.160(C00E160R3P8)
affected

References

www.huawei.com/...sories/huawei-sa-20200729-01-smartphone-en

cve.org (CVE-2020-9250)

nvd.nist.gov (CVE-2020-9250)

Download JSON