CVE-2020-9080 HIGH

CVE-2020-9080

Vendor Huawei

Product HUAWEI Mate 20 Pro

Weakness CWE-269

Published December 27, 2024

Last update December 27, 2024

View on NVD All CVEs

CVSS base score

7.8/10

Attack vector Local

Attack complexity Low

Privileges required Low

User interaction None

Confidentiality High

Integrity High

CVSS vector

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

What the vulnerability does

01Description

There is an improper privilege management vulnerability in Huawei smart phone product. A local, authenticated attacker could craft a specific input to exploit this vulnerability. Successful exploitation may lead to local privilege escalation. (Vulnerability ID: HWPSIRT-2020-05272) This vulnerability has been assigned a Common Vulnerabilities and Exposures (CVE) ID: CVE-2020-9080.

Key dates

02Disclosure timeline

December 27, 2024 CVE published

December 27, 2024 Record updated

External resources

03References

NVD — National Vulnerability Database https://nvd.nist.gov/vuln/detail/CVE-2020-9080 CWE — Common Weakness Enumeration https://cwe.mitre.org/data/definitions/269.html

Related vulnerabilities

Identifiers

CVE CVE-2020-9080

CWE CWE-269

CVSS 7.8 / HIGH

Affected versions

Vendor Huawei

Product HUAWEI Mate 20 Pro

Affected 10.1.0.135(C01E135R2P8)

Vendor Huawei

Product HUAWEI Mate 20 Pro (UD)

Affected 10.1.0.135(C00E135R3P8)

Vendor Huawei

Product HUAWEI nova 5i

Affected Versions earlier than 10.0.0.125(C01E123R7P3)

CVE-2020-9080

01Description

02Disclosure timeline

03References

04Related CVE