There is an improper privilege management vulnerability in Huawei smart phone product. A local, authenticated attacker could craft a specific input to exploit this vulnerability. Successful exploitation may lead to local privilege escalation. (Vulnerability ID: HWPSIRT-2020-05272) This vulnerability has been assigned a Common Vulnerabilities and Exposures (CVE) ID: CVE-2020-9080.
History

Fri, 10 Jan 2025 21:00:00 +0000

Type Values Removed Values Added
First Time appeared Huawei
Huawei mate 20 Pro
Huawei mate 20 Pro \(ud\)
Huawei mate 20 Pro \(ud\) Firmware
Huawei mate 20 Pro Firmware
Huawei nova 5i
Huawei nova 5i Firmware
Weaknesses NVD-CWE-noinfo
CPEs cpe:2.3:h:huawei:mate_20_pro:-:*:*:*:*:*:*:*
cpe:2.3:h:huawei:mate_20_pro_\(ud\):-:*:*:*:*:*:*:*
cpe:2.3:h:huawei:nova_5i:-:*:*:*:*:*:*:*
cpe:2.3:o:huawei:mate_20_pro_\(ud\)_firmware:10.1.0.135\(c00e135r3p8\):*:*:*:*:*:*:*
cpe:2.3:o:huawei:mate_20_pro_firmware:10.1.0.135\(c01e135r2p8\):*:*:*:*:*:*:*
cpe:2.3:o:huawei:nova_5i_firmware:*:*:*:*:*:*:*:*
Vendors & Products Huawei
Huawei mate 20 Pro
Huawei mate 20 Pro \(ud\)
Huawei mate 20 Pro \(ud\) Firmware
Huawei mate 20 Pro Firmware
Huawei nova 5i
Huawei nova 5i Firmware

Fri, 27 Dec 2024 16:15:00 +0000

Type Values Removed Values Added
Metrics ssvc

{'options': {'Automatable': 'no', 'Exploitation': 'none', 'Technical Impact': 'total'}, 'version': '2.0.3'}


Fri, 27 Dec 2024 09:30:00 +0000

Type Values Removed Values Added
Description There is an improper privilege management vulnerability in Huawei smart phone product. A local, authenticated attacker could craft a specific input to exploit this vulnerability. Successful exploitation may lead to local privilege escalation. (Vulnerability ID: HWPSIRT-2020-05272) This vulnerability has been assigned a Common Vulnerabilities and Exposures (CVE) ID: CVE-2020-9080.
Weaknesses CWE-269
References
Metrics cvssV3_1

{'score': 7.8, 'vector': 'CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H'}


cve-icon MITRE

Status: PUBLISHED

Assigner: huawei

Published:

Updated: 2024-12-27T16:08:48.159Z

Reserved: 2020-02-18T00:00:00.000Z

Link: CVE-2020-9080

cve-icon Vulnrichment

Updated: 2024-12-27T16:08:44.167Z

cve-icon NVD

Status : Analyzed

Published: 2024-12-27T10:15:10.313

Modified: 2025-01-10T20:36:43.037

Link: CVE-2020-9080

cve-icon Redhat

No data.