CVE-2020-9250 LOW

CVE-2020-9250

Vendor Huawei
Product HUAWEI Mate 20 Pro
Weakness CWE-287 · Improper authentication
Published December 20, 2024
Last update December 20, 2024

CVSS base score

3.3/10
Attack vector Local
Attack complexity Low
Privileges required None
User interaction Required
Confidentiality None
Integrity None

CVSS vector

CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L

What the vulnerability does

01Description

There is an insufficient authentication vulnerability in some Huawei smart phone. An unauthenticated, local attacker can crafts software package to exploit this vulnerability. Due to insufficient verification, successful exploitation may impact the service. (Vulnerability ID: HWPSIRT-2019-12302) This vulnerability has been assigned a Common Vulnerabilities and Exposures (CVE) ID: CVE-2020-9250.

Key dates

02Disclosure timeline

December 20, 2024 CVE published
December 20, 2024 Record updated