Vulnerability Description
There is an improper authorization vulnerability in some Huawei smartphones. An attacker could perform a series of operation in specific mode to exploit this vulnerability. Successful exploit could allow the attacker to bypass app lock. (Vulnerability ID: HWPSIRT-2019-12144) This vulnerability has been assigned a Common Vulnerabilities and Exposures (CVE) ID: CVE-2020-9081.
CVSS Score
LOW
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Huawei | Mate 20 Firmware | < 10.1.0.160\(c00e160r3p8\) |
| Huawei | Mate 20 | - |
| Huawei | P30 Firmware | < 10.1.0.160\(c00e160r2p11\) |
| Huawei | P30 | - |
| Huawei | P30 Pro Firmware | < 10.1.0.160\(c00e160r2p8\) |
| Huawei | P30 Pro | - |
| Huawei | Princeton-Al10D Firmware | < 10.1.0.160\(c00e160r2p11\) |
| Huawei | Princeton-Al10D | - |
| Huawei | Yale-Al00A Firmware | < 10.1.0.160\(c00e160r8p12\) |
| Huawei | Yale-Al00A | - |
| Huawei | Yale-Al50A Firmware | < 10.1.0.88\(c00e88r8p1\) |
| Huawei | Yale-Al50A | - |
| Huawei | Yalep-Al10B Firmware | < 10.1.0.160\(c00e160r8p12\) |
| Huawei | Yalep-Al10B | - |
Related Weaknesses (CWE)
References
FAQ
What is CVE-2020-9081?
CVE-2020-9081 is a vulnerability with a CVSS score of 3.5 (LOW). There is an improper authorization vulnerability in some Huawei smartphones. An attacker could perform a series of operation in specific mode to exploit this vulnerability. Successful exploit could al...
How severe is CVE-2020-9081?
CVE-2020-9081 has been rated LOW with a CVSS base score of 3.5/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2020-9081?
Check the references section above for vendor advisories and patch information. Affected products include: Huawei Mate 20 Firmware, Huawei Mate 20, Huawei P30 Firmware, Huawei P30, Huawei P30 Pro Firmware.