Vulnerability Description
There is a privilege escalation vulnerability on some Huawei smart phones due to design defects. The attacker needs to physically contact the mobile phone and obtain higher privileges, and execute relevant commands, resulting in the user's privilege promotion.
CVSS Score
MEDIUM
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Huawei | Mate 10 Firmware | < 10.0.0.189\(c185e6r1p3\) |
| Huawei | Mate 10 | - |
| Huawei | Mate 30 Firmware | < 10.1.0.156\(c00e155r7p2\) |
| Huawei | Mate 30 | - |
| Huawei | Mate 30 Pro Firmware | < 10.1.0.156\(c00e156r7p2\) |
| Huawei | Mate 30 Pro | - |
| Huawei | P40 Firmware | < 10.1.0.150\(sp1c00e150r4p1\) |
| Huawei | P40 | - |
| Huawei | P40 Pro Firmware | < 10.1.0.150\(sp1c00e150r4p1\) |
| Huawei | P40 Pro | - |
References
- https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20201202-01-smartpVendor Advisory
- https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20201202-01-smartpVendor Advisory
FAQ
What is CVE-2020-9119?
CVE-2020-9119 is a vulnerability with a CVSS score of 6.2 (MEDIUM). There is a privilege escalation vulnerability on some Huawei smart phones due to design defects. The attacker needs to physically contact the mobile phone and obtain higher privileges, and execute rel...
How severe is CVE-2020-9119?
CVE-2020-9119 has been rated MEDIUM with a CVSS base score of 6.2/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2020-9119?
Check the references section above for vendor advisories and patch information. Affected products include: Huawei Mate 10 Firmware, Huawei Mate 10, Huawei Mate 30 Firmware, Huawei Mate 30, Huawei Mate 30 Pro Firmware.