CVE-2020-9080
HIGH WAF: Low
CVSS 7.8
Published: 2024-12-27
CWE-269
There is an improper privilege management vulnerability in Huawei smart phone product. A local, authenticated attacker could craft a specific input to exploit this vulnerability. Successful exploitation may lead to local privilege escalation. (Vulnerability ID: HWPSIRT-2020-05272) This vulnerability has been assigned a Common Vulnerabilities and Exposures (CVE) ID: CVE-2020-9080.
WAF Coverage Analysis
Improper Privilege Management
Low WAF Coverage
OWASP: A01:2021 Broken Access Control
Affected Software
| Vendor | Product | Version |
|---|---|---|
| huawei | mate_20_pro_firmware | 10.1.0.135\(c01e135r2p8\) |
| huawei | mate_20_pro_\(ud\)_firmware | 10.1.0.135\(c00e135r3p8\) |
| huawei | nova_5i_firmware | up to 10.0.0.125\(c01e123r7p3\) |
References
- www.huawei.com (Vendor Advisory)