CVE-2020-9074

CWE-755 — Improper Exception Handling3 documents3 sources

Severity

5.3MEDIUM

EPSS

0.2%

top 60.83%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

Huawei Honor 20 Firmware Huawei Honor 20 PRO Firmware Huawei Honor View 20 Firmware

Timeline

PublishedJun 5

Latest updateMay 24

Description

Huawei Smartphones HONOR 20 PRO;Honor View 20;HONOR 20 have an improper handling of exceptional condition Vulnerability. A component cannot deal with an exception correctly. Attackers can exploit this vulnerability by sending malformed message. This could compromise normal service of affected phones.

CVSS vector

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:LExploitability: 3.9 | Impact: 1.4

Affected Packages6 packages

▶NVDhuawei/honor_view_20_firmware< 10.0.0.200\(c185e3r3p3\)+3

▶NVDhuawei/honor_20_firmware< 10.0.0.186\(c185e2r2p1\)+1

▶NVDhuawei/honor_20_pro_firmware< 10.0.0.194\(c432e9r5p1\)+3

▶CVEListV5honor_view_204 versions+3

▶CVEListV5honor_20Versions earlier than 10.0.0.186(C185E2R2P1), Versions earlier than 10.0.0.194(C432E9R5P1)+1

🔴Vulnerability Details

GHSA

GHSA-cj2v-hvhw-frjw: Huawei Smartphones HONOR 20 PRO;Honor View 20;HONOR 20 have an improper handling of exceptional condition Vulnerability↗2022-05-24

▶

CVEList

CVE-2020-9074: Huawei Smartphones HONOR 20 PRO;Honor View 20;HONOR 20 have an improper handling of exceptional condition Vulnerability↗2020-06-05

▶