CVE-2020-9119

There is a privilege escalation vulnerability on some Huawei smart phones due to design defects. The attacker needs to physically contact the mobile phone and obtain higher privileges, and execute relevant commands, resulting in the user's privilege promotion.

Published: Dec 24, 2020
Updated: Apr 14, 2023
CVE: CVE-2020-9119
Severity: Medium
Exploit:

CVSS v3:

Severity: Medium
Score: 6.2
AV:P/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H

CVSS v2:

Severity: Low
Score: 4.6
AV:L/AC:L/Au:N/C:P/I:P/A:P

No CWE or OWASP classifications available.

Affected Software
References

Software	From	Fixed in
huawei / mate_10_firmware	-	10.0.0.189\(c185e6r1p3\)
huawei / mate_30_firmware	-	10.1.0.156\(c00e155r7p2\)
huawei / mate_30_pro_firmware	-	10.1.0.156\(c00e156r7p2\)
huawei / p40_firmware	-	10.1.0.150\(sp1c00e150r4p1\)
huawei / p40_pro_firmware	-	10.1.0.150\(sp1c00e150r4p1\)

https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20201202-01-smartphone-en

Vulnerability Database

289,697

CVE-2020-9119