CVE-2020-9064 — MEDIUM (5.5)

Q: How severe is CVE-2020-9064?

CVE-2020-9064 has been rated MEDIUM with a CVSS base score of 5.5/10. Review the CVSS metrics above for detailed severity breakdown.

Q: Is there a patch for CVE-2020-9064?

Check the references section above for vendor advisories and patch information. Affected products include: Huawei Honor V30 Firmware, Huawei Honor V30.

Vulnerability Description

Huawei smartphone Honor V30 with versions earlier than OxfordS-AN00A 10.0.1.167(C00E166R4P1) have an improper authentication vulnerability. Authentication to target component is improper when device performs an operation. Attackers exploit this vulnerability to obtain some information by loading malicious application, leading to information leak.

CVSS Score

5.5

MEDIUM

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N

Attack Vector

LOCAL

Attack Complexity

LOW

Privileges Required

LOW

User Interaction

NONE

Scope

UNCHANGED

Confidentiality

HIGH

Integrity

NONE

Availability

NONE

Affected Products

Vendor	Product	Versions
Huawei	Honor V30 Firmware	<= oxfords-an00a_10.0.1.167\(c00e166r4p1\)
Huawei	Honor V30	-

Related Weaknesses (CWE)

CWE-287

References

FAQ

What is CVE-2020-9064?

CVE-2020-9064 is a vulnerability with a CVSS score of 5.5 (MEDIUM). Huawei smartphone Honor V30 with versions earlier than OxfordS-AN00A 10.0.1.167(C00E166R4P1) have an improper authentication vulnerability. Authentication to target component is improper when device p...

How severe is CVE-2020-9064?

CVE-2020-9064 has been rated MEDIUM with a CVSS base score of 5.5/10. Review the CVSS metrics above for detailed severity breakdown.

Is there a patch for CVE-2020-9064?

Check the references section above for vendor advisories and patch information. Affected products include: Huawei Honor V30 Firmware, Huawei Honor V30.