1. Home
  2. CVE Database
  3. CVE-2020-9235
MEDIUM · 5.5

CVE-2020-9235

Huawei smartphones HONOR 20 PRO Versions earlier than 10.1.0.230(C432E9R5P1),Versions earlier than 10.1.0.231(C10E3R3P2),Versions earlier than 10.1.0.231(C185E3R5P1),Versions earlier than 10.1.0.231(C...

Vulnerability Description

Huawei smartphones HONOR 20 PRO Versions earlier than 10.1.0.230(C432E9R5P1),Versions earlier than 10.1.0.231(C10E3R3P2),Versions earlier than 10.1.0.231(C185E3R5P1),Versions earlier than 10.1.0.231(C636E3R3P1);Versions earlier than 10.1.0.212(C432E10R3P4),Versions earlier than 10.1.0.213(C636E3R4P3),Versions earlier than 10.1.0.214(C10E5R4P3),Versions earlier than 10.1.0.214(C185E3R3P3);Versions earlier than 10.1.0.212(C00E210R5P1);Versions earlier than 10.1.0.160(C00E160R2P11);Versions earlier than 10.1.0.160(C00E160R2P11);Versions earlier than 10.1.0.160(C01E160R2P11);Versions earlier than 10.1.0.160(C00E160R2P11);Versions earlier than 10.1.0.160(C00E160R8P12);Versions earlier than 10.1.0.230(C432E9R5P1),Versions earlier than 10.1.0.231(C10E3R3P2),Versions earlier than 10.1.0.231(C636E3R3P1);Versions earlier than 10.1.0.225(C431E3R1P2),Versions earlier than 10.1.0.225(C432E3R1P2) contain an information vulnerability. A module has a design error that is lack of control of input. Attackers can exploit this vulnerability to obtain some information. This can lead to information leak.

CVSS Score

5.5

MEDIUM

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
Attack Vector
LOCAL
Attack Complexity
LOW
Privileges Required
LOW
User Interaction
NONE
Scope
UNCHANGED
Confidentiality
HIGH
Integrity
NONE
Availability
NONE

Affected Products

VendorProductVersions
HuaweiHonor 20 Pro Firmware< 10.1.0.230\(c432e9r5p1\)
HuaweiHonor 20 Pro-
HuaweiHonor View 20 Firmware< 10.1.0.212\(c432e10r3p4\)
HuaweiHonor View 20-
HuaweiOxfords-An00A Firmware< 10.1.0.212\(c00e210r5p1\)
HuaweiOxfords-An00A-
HuaweiPrinceton-Al10B Firmware< 10.1.0.160\(c00e160r2p11\)
HuaweiPrinceton-Al10B-
HuaweiPrinceton-Al10D Firmware< 10.1.0.160\(c00e160r2p11\)
HuaweiPrinceton-Al10D-
HuaweiPrinceton-Tl10C Firmware< 10.1.0.160\(c01e160r2p11\)
HuaweiPrinceton-Tl10C-
HuaweiTony-Al00B Firmware< 10.1.0.160\(c00e160r2p11\)
HuaweiTony-Al00B-
HuaweiYale-Al00A Firmware< 10.1.0.160\(c00e160r8p12\)
HuaweiYale-Al00A-
HuaweiYale-L21A Firmware< 10.1.0.230\(c432e9r5p1\)
HuaweiYale-L21A-
HuaweiYale-L61A Firmware< 10.1.0.225\(c431e3r1p2\)
HuaweiYale-L61A-

Related Weaknesses (CWE)

CWE-20

References

FAQ

What is CVE-2020-9235?

CVE-2020-9235 is a vulnerability with a CVSS score of 5.5 (MEDIUM). Huawei smartphones HONOR 20 PRO Versions earlier than 10.1.0.230(C432E9R5P1),Versions earlier than 10.1.0.231(C10E3R3P2),Versions earlier than 10.1.0.231(C185E3R5P1),Versions earlier than 10.1.0.231(C...

How severe is CVE-2020-9235?

CVE-2020-9235 has been rated MEDIUM with a CVSS base score of 5.5/10. Review the CVSS metrics above for detailed severity breakdown.

Is there a patch for CVE-2020-9235?

Check the references section above for vendor advisories and patch information. Affected products include: Huawei Honor 20 Pro Firmware, Huawei Honor 20 Pro, Huawei Honor View 20 Firmware, Huawei Honor View 20, Huawei Oxfords-An00A Firmware.