Vulnerability Description
Huawei smartphones Taurus-AL00B with versions earlier than 10.0.0.205(C00E201R7P2) have an improper authentication vulnerability. The software insufficiently validate the user's identity when a user wants to do certain operation. An attacker can trick user into installing a malicious application to exploit this vulnerability. Successful exploit may cause some information disclosure.
CVSS Score
MEDIUM
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Huawei | Taurus-Al00B Firmware | < 10.0.0.205\(c00e201r7p2\) |
| Huawei | Taurus-Al00B | - |
Related Weaknesses (CWE)
References
- http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20200415-01-smartphVendor Advisory
- https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20200415-01-smartpVendor Advisory
- http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20200415-01-smartphVendor Advisory
- https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20200415-01-smartpVendor Advisory
FAQ
What is CVE-2020-9070?
CVE-2020-9070 is a vulnerability with a CVSS score of 5.5 (MEDIUM). Huawei smartphones Taurus-AL00B with versions earlier than 10.0.0.205(C00E201R7P2) have an improper authentication vulnerability. The software insufficiently validate the user's identity when a user w...
How severe is CVE-2020-9070?
CVE-2020-9070 has been rated MEDIUM with a CVSS base score of 5.5/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2020-9070?
Check the references section above for vendor advisories and patch information. Affected products include: Huawei Taurus-Al00B Firmware, Huawei Taurus-Al00B.