Lucene search

[email protected]NVD:CVE-2020-9239

HistorySep 11, 2020 - 2:15 p.m.

CVE-2020-9239

2020-09-1114:15:11

CWE-20

[email protected]

web.nvd.nist.gov

huawei

smartphones

input control

CVSS2

2.1

Attack Vector

LOCAL

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

NONE

Availability Impact

NONE

AV:L/AC:L/Au:N/C:P/I:N/A:N

CVSS3

5.5

Attack Vector

LOCAL

Attack Complexity

LOW

Privileges Required

LOW

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

NONE

Availability Impact

NONE

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N

EPSS

Percentile

12.6%

JSON

Huawei smartphones BLA-A09 versions 8.0.0.123(C212),versions earlier than 8.0.0.123(C567),versions earlier than 8.0.0.123(C797);BLA-TL00B versions earlier than 8.1.0.326(C01);Berkeley-L09 versions earlier than 8.0.0.163(C10),versions earlier than 8.0.0.163(C432),Versions earlier than 8.0.0.163(C636),Versions earlier than 8.0.0.172(C10);Duke-L09 versions Duke-L09C10B187, versions Duke-L09C432B189, versions Duke-L09C636B189;HUAWEI P20 versions earlier than 8.0.1.16(C00);HUAWEI P20 Pro versions earlier than 8.1.0.152(C00);Jimmy-AL00A versions earlier than Jimmy-AL00AC00B172;LON-L29D versions LON-L29DC721B192;NEO-AL00D versions earlier than 8.1.0.172(C786);Stanford-AL00 versions Stanford-AL00C00B123;Toronto-AL00 versions earlier than Toronto-AL00AC00B225;Toronto-AL00A versions earlier than Toronto-AL00AC00B225;Toronto-TL10 versions earlier than Toronto-TL10C01B225 have an information vulnerability. A module has a design error that is lack of control of input. Attackers can exploit this vulnerab

Affected configurations

Nvd

Node

huaweibla-a09_firmwareMatch8.0.0.123\(c212\)

AND

huaweibla-a09Match-

Node

huaweibla-a09_firmwareRange<8.0.0.123\(c567\)

AND

huaweibla-a09Match-

Node

huaweibla-a09_firmwareRange<8.0.0.123\(c797\)

AND

huaweibla-a09Match-

Node

huaweibla-tl00b_firmwareRange<8.1.0.326\(c01\)

AND

huaweibla-tl00bMatch-

Node

huaweiberkeley-l09_firmwareRange<8.0.0.163\(c10\)

AND

huaweiberkeley-l09Match-

Node

huaweiberkeley-l09_firmwareRange≤8.0.0.163\(c432\)

AND

huaweiberkeley-l09Match-

Node

huaweiberkeley-l09_firmwareRange<8.0.0.163\(c636\)

AND

huaweiberkeley-l09Match-

Node

huaweiberkeley-l09_firmwareRange<8.0.0.172\(c10\)

AND

huaweiberkeley-l09Match-

Node

huaweiduke-l09_firmwareMatchduke-l09c10b187

huaweiduke-l09_firmwareMatchduke-l09c432b189

huaweiduke-l09_firmwareMatchduke-l09c636b189

AND

huaweiduke-l09Match-

Node

huaweip20_firmwareRange<8.0.1.16\(c00\)

AND

huaweip20Match-

Node

huaweip20_pro_firmwareRange<8.1.0.152\(c00\)

AND

huaweip20_proMatch-

Node

huaweijimmy-al00a_firmwareRange<jimmy-al00ac00b172

AND

huaweijimmy-al00aMatch-

Node

huaweilon-l29d_firmwareMatchlon-l29dc721b192

AND

huaweilon-l29dMatch-

Node

huaweineo-al00d_firmwareRange<8.1.0.172\(c786\)

AND

huaweineo-al00dMatch-

Node

huaweistanford-al00_firmwareMatchstanford-al00c00b123

AND

huaweistanford-al00Match-

Node

huaweitoronto-al00_firmwareRange<toronto-al00ac00b225

AND

huaweitoronto-al00Match-

Node

huaweitoronto-al00a_firmwareRange<toronto-al00ac00b225

AND

huaweitoronto-al00aMatch-

Node

huaweitoronto-tl10_firmwareRange<toronto-tl10c01b225

AND

huaweitoronto-tl10Match-

VendorProductVersionCPE
huaweibla-a09_firmware8.0.0.123(c212)cpe:2.3:o:huawei:bla-a09_firmware:8.0.0.123\(c212\):*:*:*:*:*:*:*
huaweibla-a09-cpe:2.3:h:huawei:bla-a09:-:*:*:*:*:*:*:*
huaweibla-a09_firmware*cpe:2.3:o:huawei:bla-a09_firmware:*:*:*:*:*:*:*:*
huaweibla-tl00b_firmware*cpe:2.3:o:huawei:bla-tl00b_firmware:*:*:*:*:*:*:*:*
huaweibla-tl00b-cpe:2.3:h:huawei:bla-tl00b:-:*:*:*:*:*:*:*
huaweiberkeley-l09_firmware*cpe:2.3:o:huawei:berkeley-l09_firmware:*:*:*:*:*:*:*:*
huaweiberkeley-l09-cpe:2.3:h:huawei:berkeley-l09:-:*:*:*:*:*:*:*
huaweiduke-l09_firmwareduke-l09c10b187cpe:2.3:o:huawei:duke-l09_firmware:duke-l09c10b187:*:*:*:*:*:*:*
huaweiduke-l09_firmwareduke-l09c432b189cpe:2.3:o:huawei:duke-l09_firmware:duke-l09c432b189:*:*:*:*:*:*:*
huaweiduke-l09_firmwareduke-l09c636b189cpe:2.3:o:huawei:duke-l09_firmware:duke-l09c636b189:*:*:*:*:*:*:*

Vendor	Product	Version	CPE
huawei	bla-a09_firmware	8.0.0.123(c212)	cpe:2.3:o:huawei:bla-a09_firmware:8.0.0.123\(c212\):::::::*
huawei	bla-a09	-	cpe:2.3:h:huawei:bla-a09:-:::::::*
huawei	bla-a09_firmware	*	cpe:2.3:o:huawei:bla-a09_firmware::::::::
huawei	bla-tl00b_firmware	*	cpe:2.3:o:huawei:bla-tl00b_firmware::::::::
huawei	bla-tl00b	-	cpe:2.3:h:huawei:bla-tl00b:-:::::::*
huawei	berkeley-l09_firmware	*	cpe:2.3:o:huawei:berkeley-l09_firmware::::::::
huawei	berkeley-l09	-	cpe:2.3:h:huawei:berkeley-l09:-:::::::*
huawei	duke-l09_firmware	duke-l09c10b187	cpe:2.3:o:huawei:duke-l09_firmware:duke-l09c10b187:::::::*
huawei	duke-l09_firmware	duke-l09c432b189	cpe:2.3:o:huawei:duke-l09_firmware:duke-l09c432b189:::::::*
huawei	duke-l09_firmware	duke-l09c636b189	cpe:2.3:o:huawei:duke-l09_firmware:duke-l09c636b189:::::::*

Rows per page:

1-10 of 291

References

www.huawei.com/en/psirt/security-advisories/huawei-sa-20200909-04-smartphone-en

CVSS2

2.1

Attack Vector

LOCAL

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

NONE

Availability Impact

NONE

AV:L/AC:L/Au:N/C:P/I:N/A:N

CVSS3

5.5

Attack Vector

LOCAL

Attack Complexity

LOW

Privileges Required

LOW

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

NONE

Availability Impact

NONE

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N

EPSS

Percentile

12.6%

JSON

Related for NVD:CVE-2020-9239

cvelist1 prion1 cve1 huawei1