Vulnerability Description
There is an improper privilege management vulnerability in Huawei smart phone product. A local, authenticated attacker could craft a specific input to exploit this vulnerability. Successful exploitation may lead to local privilege escalation. (Vulnerability ID: HWPSIRT-2020-05272) This vulnerability has been assigned a Common Vulnerabilities and Exposures (CVE) ID: CVE-2020-9080.
CVSS Score
HIGH
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Huawei | Mate 20 Pro Firmware | 10.1.0.135\(c01e135r2p8\) |
| Huawei | Mate 20 Pro | - |
| Huawei | Mate 20 Pro \(Ud\) Firmware | 10.1.0.135\(c00e135r3p8\) |
| Huawei | Mate 20 Pro \(Ud\) | - |
| Huawei | Nova 5I Firmware | < 10.0.0.125\(c01e123r7p3\) |
| Huawei | Nova 5I | - |
Related Weaknesses (CWE)
References
FAQ
What is CVE-2020-9080?
CVE-2020-9080 is a vulnerability with a CVSS score of 7.8 (HIGH). There is an improper privilege management vulnerability in Huawei smart phone product. A local, authenticated attacker could craft a specific input to exploit this vulnerability. Successful exploitati...
How severe is CVE-2020-9080?
CVE-2020-9080 has been rated HIGH with a CVSS base score of 7.8/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2020-9080?
Check the references section above for vendor advisories and patch information. Affected products include: Huawei Mate 20 Pro Firmware, Huawei Mate 20 Pro, Huawei Mate 20 Pro \(Ud\) Firmware, Huawei Mate 20 Pro \(Ud\), Huawei Nova 5I Firmware.