CVE-2020-9081
LOWDescription
There is an improper authorization vulnerability in some Huawei smartphones. An attacker could perform a series of operation in specific mode to exploit this vulnerability. Successful exploit could allow the attacker to bypass app lock. (Vulnerability ID: HWPSIRT-2019-12144) This vulnerability has been assigned a Common Vulnerabilities and Exposures (CVE) ID: CVE-2020-9081.
CVSS v3.1 Score
Weakness Type (CWE)
Affected Products
| Vendor | Product |
|---|---|
| huawei | mate_20_firmware |
| huawei | mate_20 |
| huawei | p30_firmware |
| huawei | p30 |
| huawei | p30_pro_firmware |
| huawei | p30_pro |
| huawei | princeton-al10d_firmware |
| huawei | princeton-al10d |
| huawei | yale-al00a_firmware |
| huawei | yale-al00a |
| huawei | yale-al50a_firmware |
| huawei | yale-al50a |
| huawei | yalep-al10b_firmware |
| huawei | yalep-al10b |
| huawei | mate_20_firmware |
| huawei | mate_20 |
| huawei | p30_pro_firmware |
| huawei | p30_pro |
References
Frequently Asked Questions
What is CVE-2020-9081? +
How severe is CVE-2020-9081? +
What products are affected by CVE-2020-9081? +
How do I check if I'm vulnerable to CVE-2020-9081? +
Related Vulnerabilities
NamelessMC is website software for Minecraft servers. In version 2.2.4, `modules/Forum/pages/forum/get_quotes.php` only checks whether the caller is logged in, then …
Insecure Direct Object References (IDOR) in access control in Customer Portal before 2.1.4 on NightWolf Penetration Testing allows an attacker …
Insecure Direct Object References (IDOR) in access control in Tracking 2.1.4 on NightWolf Penetration Testing allows an attacker to access …
fleetdm/fleet is an open source device management, built on osquery. In vulnerable versions of Fleet, an attacker could craft a …
An Unauthenticated Arbitrary File Read vulnerability affects the Agent when installed on a system. The parameter filename does not validate …
XWiki OIDC has various tools to manipulate OpenID Connect protocol in XWiki. Starting in version 2.17.1 and prior to version …