CVE-2020-9235

{"id": "CVE-2020-9235", "metrics": {"cvssMetricV2": [{"type": "Primary", "source": "nvd@nist.gov", "cvssData": {"version": "2.0", "baseScore": 2.1, "accessVector": "LOCAL", "vectorString": "AV:L/AC:L/Au:N/C:P/I:N/A:N", "authentication": "NONE", "integrityImpact": "NONE", "accessComplexity": "LOW", "availabilityImpact": "NONE", "confidentialityImpact": "PARTIAL"}, "acInsufInfo": false, "impactScore": 2.9, "baseSeverity": "LOW", "obtainAllPrivilege": false, "exploitabilityScore": 3.9, "obtainUserPrivilege": false, "obtainOtherPrivilege": false, "userInteractionRequired": false}], "cvssMetricV31": [{"type": "Primary", "source": "nvd@nist.gov", "cvssData": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 5.5, "attackVector": "LOCAL", "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N", "integrityImpact": "NONE", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "NONE", "privilegesRequired": "LOW", "confidentialityImpact": "HIGH"}, "impactScore": 3.6, "exploitabilityScore": 1.8}]}, "published": "2020-09-03T19:15:12.417", "references": [{"url": "https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20200902-07-smartphone-en", "tags": ["Vendor Advisory"], "source": "psirt@huawei.com"}], "vulnStatus": "Analyzed", "weaknesses": [{"type": "Primary", "source": "nvd@nist.gov", "description": [{"lang": "en", "value": "CWE-20"}]}], "descriptions": [{"lang": "en", "value": "Huawei smartphones HONOR 20 PRO Versions earlier than 10.1.0.230(C432E9R5P1),Versions earlier than 10.1.0.231(C10E3R3P2),Versions earlier than 10.1.0.231(C185E3R5P1),Versions earlier than 10.1.0.231(C636E3R3P1);Versions earlier than 10.1.0.212(C432E10R3P4),Versions earlier than 10.1.0.213(C636E3R4P3),Versions earlier than 10.1.0.214(C10E5R4P3),Versions earlier than 10.1.0.214(C185E3R3P3);Versions earlier than 10.1.0.212(C00E210R5P1);Versions earlier than 10.1.0.160(C00E160R2P11);Versions earlier than 10.1.0.160(C00E160R2P11);Versions earlier than 10.1.0.160(C01E160R2P11);Versions earlier than 10.1.0.160(C00E160R2P11);Versions earlier than 10.1.0.160(C00E160R8P12);Versions earlier than 10.1.0.230(C432E9R5P1),Versions earlier than 10.1.0.231(C10E3R3P2),Versions earlier than 10.1.0.231(C636E3R3P1);Versions earlier than 10.1.0.225(C431E3R1P2),Versions earlier than 10.1.0.225(C432E3R1P2) contain an information vulnerability. A module has a design error that is lack of control of input. Attackers can exploit this vulnerability to obtain some information. This can lead to information leak."}, {"lang": "es", "value": "Los tel\u00e9fonos inteligentes Huawei HONOR 20 PRO Versiones anteriores a 10.1.0.230(C432E9R5P1), Versiones anteriores a 10.1.0.231(C10E3R3P2), Versiones anteriores a 10.1.0.231(C185E3R5P1), Versiones anteriores a 10.1.0.231(C636E3R3P1); Versiones anteriores a 10.1. 0.212(C432E10R3P4), Versiones anteriores a 10.1.0.213(C636E3R4P3), Versiones anteriores a 10.1.0.214(C10E5R4P3), Versiones anteriores a 10.1.0.214(C185E3R3P3); Versiones anteriores a 10.1.0.212(C00E210R5P1); Versiones anteriores a 10.1.0.212(C00E210R5P1). 0.160(C00E160R2P11); Versiones anteriores a 10.1.0.160(C00E160R2P11); Versiones anteriores a 10.1.0.160(C01E160R2P11); Versiones anteriores a 10.1.0.160(C00E160R2P11); Versiones anteriores a 10.1.0.160(C00E160R8P12); Versiones anteriores a 10.1.0.160(C00E160R8P12); Versiones anteriores a 10.1.0.230(C432E9R5P1), Versiones anteriores a 10.1.0.231(C10E3R3P2), Versiones anteriores a 10.1.0.231(C636E3R3P1); Versiones anteriores a 10.1.0.225 (C431E3R1P2), Versiones anteriores a 10.1.0.225(C432E3R1P2), contienen una vulnerabilidad de informaci\u00f3n. Un m\u00f3dulo presenta un error de dise\u00f1o que es una falta de control de la entrada. Los atacantes pueden explotar esta vulnerabilidad para obtener informaci\u00f3n. Esto puede conllevar a una filtrado de informaci\u00f3n"}], "lastModified": "2021-07-21T11:39:23.747", "configurations": [{"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:huawei:honor_20_pro_firmware:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "7F274713-28DD-423D-9298-F0D05465D654", "versionEndExcluding": "10.1.0.230\\(c432e9r5p1\\)"}], "operator": "OR"}, {"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:h:huawei:honor_20_pro:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "9E2BCA7E-E555-45D1-807A-F53682B0C383"}], "operator": "OR"}], "operator": "AND"}, {"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:huawei:honor_20_pro_firmware:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "4A8A96B1-0C57-4BDE-A4A4-1409A19B8C88", "versionEndExcluding": "10.1.0.231\\(c10e3r3p2\\)"}], "operator": "OR"}, {"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:h:huawei:honor_20_pro:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "9E2BCA7E-E555-45D1-807A-F53682B0C383"}], "operator": "OR"}], "operator": "AND"}, {"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:huawei:honor_20_pro_firmware:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "CEB8C3BF-7E85-4BE2-8A45-2A860933613B", "versionEndExcluding": "10.1.0.231\\(c185e3r5p1\\)"}], "operator": "OR"}, {"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:h:huawei:honor_20_pro:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "9E2BCA7E-E555-45D1-807A-F53682B0C383"}], "operator": "OR"}], "operator": "AND"}, {"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:huawei:honor_20_pro_firmware:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "793BF36B-E0CB-445D-9891-6508100895E2", "versionEndExcluding": "10.1.0.231\\(c636e3r3p1\\)"}], "operator": "OR"}, {"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:h:huawei:honor_20_pro:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "9E2BCA7E-E555-45D1-807A-F53682B0C383"}], "operator": "OR"}], "operator": "AND"}, {"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:huawei:honor_view_20_firmware:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "A91C527D-9227-4DF6-BB0B-318F02F809B1", "versionEndExcluding": "10.1.0.212\\(c432e10r3p4\\)"}], "operator": "OR"}, {"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:h:huawei:honor_view_20:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "6A55CF4F-8E86-419C-845B-CE60070620A3"}], "operator": "OR"}], "operator": "AND"}, {"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:huawei:honor_view_20_firmware:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "14366B9D-852C-4881-9EA0-7CF327D909CF", "versionEndExcluding": "10.1.0.213\\(c636e3r4p3\\)"}], "operator": "OR"}, {"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:h:huawei:honor_view_20:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "6A55CF4F-8E86-419C-845B-CE60070620A3"}], "operator": "OR"}], "operator": "AND"}, {"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:huawei:honor_view_20_firmware:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "C3BB4FCB-BDB1-4EFD-BE78-F16D56B63CDD", "versionEndExcluding": "10.1.0.214\\(c10e5r4p3\\)"}], "operator": "OR"}, {"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:h:huawei:honor_view_20:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "6A55CF4F-8E86-419C-845B-CE60070620A3"}], "operator": "OR"}], "operator": "AND"}, {"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:huawei:honor_view_20_firmware:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "D30B08C8-FC1C-45AD-90D1-780401879E0F", "versionEndExcluding": "10.1.0.214\\(c185e3r3p3\\)"}], "operator": "OR"}, {"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:h:huawei:honor_view_20:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "6A55CF4F-8E86-419C-845B-CE60070620A3"}], "operator": "OR"}], "operator": "AND"}, {"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:huawei:oxfords-an00a_firmware:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "5121368D-49AB-4786-A7E7-191592073E56", "versionEndExcluding": "10.1.0.212\\(c00e210r5p1\\)"}], "operator": "OR"}, {"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:h:huawei:oxfords-an00a:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "1F6D6CD6-3D6F-401E-8035-4D9A3F06FFA1"}], "operator": "OR"}], "operator": "AND"}, {"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:huawei:princeton-al10b_firmware:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "4B4B9600-877F-458C-8E89-40E0B0D21E8A", "versionEndExcluding": "10.1.0.160\\(c00e160r2p11\\)"}], "operator": "OR"}, {"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:h:huawei:princeton-al10b:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "D9F930E0-D32C-4D37-8A1D-78D4BFAECF37"}], "operator": "OR"}], "operator": "AND"}, {"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:huawei:princeton-al10d_firmware:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "B8C262C7-C463-4F74-8F6B-6BF9B4FDCBCF", "versionEndExcluding": "10.1.0.160\\(c00e160r2p11\\)"}], "operator": "OR"}, {"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:h:huawei:princeton-al10d:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "11E6B825-CA55-4BEC-8279-3F33F7CC93EE"}], "operator": "OR"}], "operator": "AND"}, {"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:huawei:princeton-tl10c_firmware:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "860E54AE-BB2C-4ED1-809E-F39DB31BE817", "versionEndExcluding": "10.1.0.160\\(c01e160r2p11\\)"}], "operator": "OR"}, {"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:h:huawei:princeton-tl10c:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "35F6A54F-E004-4BE7-A6A6-3E7C300DC498"}], "operator": "OR"}], "operator": "AND"}, {"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:huawei:tony-al00b_firmware:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "21BE2094-71C2-4C64-860E-67DE745110AD", "versionEndExcluding": "10.1.0.160\\(c00e160r2p11\\)"}], "operator": "OR"}, {"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:h:huawei:tony-al00b:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "0E14B978-2A3C-4F55-8E3A-BA41AB137C33"}], "operator": "OR"}], "operator": "AND"}, {"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:huawei:yale-al00a_firmware:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "4BDC1976-E07B-4464-84DB-EACAE30D97E5", "versionEndExcluding": "10.1.0.160\\(c00e160r8p12\\)"}], "operator": "OR"}, {"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:h:huawei:yale-al00a:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "562D05D2-CC9E-4973-9E8D-B40C0ED6C721"}], "operator": "OR"}], "operator": "AND"}, {"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:huawei:yale-l21a_firmware:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "64B571E5-C93B-42AD-ACEF-DE8155D9993E", "versionEndExcluding": "10.1.0.230\\(c432e9r5p1\\)"}], "operator": "OR"}, {"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:h:huawei:yale-l21a:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "6C9F4FF5-07B8-456E-87C3-DB7C725E20F3"}], "operator": "OR"}], "operator": "AND"}, {"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:huawei:yale-l21a_firmware:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "2221682B-7C40-43F0-8BE4-64872D0388E6", "versionEndExcluding": "10.1.0.231\\(c10e3r3p2\\)"}], "operator": "OR"}, {"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:h:huawei:yale-l21a:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "6C9F4FF5-07B8-456E-87C3-DB7C725E20F3"}], "operator": "OR"}], "operator": "AND"}, {"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:huawei:yale-l21a_firmware:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "E706A193-3908-4D3F-9E90-8FAEDA2CF12F", "versionEndExcluding": "10.1.0.231\\(c636e3r3p1\\)"}], "operator": "OR"}, {"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:h:huawei:yale-l21a:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "6C9F4FF5-07B8-456E-87C3-DB7C725E20F3"}], "operator": "OR"}], "operator": "AND"}, {"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:huawei:yale-l61a_firmware:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "F414D697-EA17-4565-9168-47D17427E00E", "versionEndExcluding": "10.1.0.225\\(c431e3r1p2\\)"}], "operator": "OR"}, {"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:h:huawei:yale-l61a:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "5AB7B562-CDE8-47F2-8537-52AB3640E218"}], "operator": "OR"}], "operator": "AND"}, {"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:huawei:yale-l61a_firmware:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "DAF4CBFD-6BB8-46B0-85B2-C2C144190AA0", "versionEndExcluding": "10.1.0.225\\(c432e3r1p2\\)"}], "operator": "OR"}, {"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:h:huawei:yale-l61a:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "5AB7B562-CDE8-47F2-8537-52AB3640E218"}], "operator": "OR"}], "operator": "AND"}], "sourceIdentifier": "psirt@huawei.com"}