CVE-2020-9081
published 2024-12-27CVE-2020-9081: There is an improper authorization vulnerability in some Huawei smartphones. An attacker could perform a series of operation in specific mode to exploit this…
medium6.8CVSS 3.1
AVPACLPRNUINSUCHIHAH
There is an improper authorization vulnerability in some Huawei smartphones. An attacker could perform a series of operation in specific mode to exploit this vulnerability. Successful exploit could allow the attacker to bypass app lock. (Vulnerability ID: HWPSIRT-2019-12144)
This vulnerability has been assigned a Common Vulnerabilities and Exposures (CVE) ID: CVE-2020-9081.
Affected
18 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| huawei | huawei_mate_20 | — | — |
| huawei | huawei_mate_20 | — | — |
| huawei | huawei_p30 | — | — |
| huawei | huawei_p30_pro | — | — |
| huawei | huawei_p30_pro | — | — |
| huawei | mate_20_firmware | < 10.1.0.160\(c00e160r3p8\) | 10.1.0.160\(c00e160r3p8\) |
| huawei | mate_20_firmware | < 10.1.0.160\(c01e160r2p8\) | 10.1.0.160\(c01e160r2p8\) |
| huawei | p30_firmware | < 10.1.0.160\(c00e160r2p11\) | 10.1.0.160\(c00e160r2p11\) |
| huawei | p30_pro_firmware | < 10.1.0.160\(c00e160r2p8\) | 10.1.0.160\(c00e160r2p8\) |
| huawei | p30_pro_firmware | < 10.1.0.160\(c01e160r2p8\) | 10.1.0.160\(c01e160r2p8\) |
| huawei | princeton-al10d | — | — |
| huawei | princeton-al10d_firmware | < 10.1.0.160\(c00e160r2p11\) | 10.1.0.160\(c00e160r2p11\) |
| huawei | yale-al00a | — | — |
| huawei | yale-al00a_firmware | < 10.1.0.160\(c00e160r8p12\) | 10.1.0.160\(c00e160r8p12\) |
| huawei | yale-al50a | — | — |
| huawei | yale-al50a_firmware | < 10.1.0.88\(c00e88r8p1\) | 10.1.0.88\(c00e88r8p1\) |
| huawei | yalep-al10b | — | — |
| huawei | yalep-al10b_firmware | < 10.1.0.160\(c00e160r8p12\) | 10.1.0.160\(c00e160r8p12\) |