CVE-2020-9235

Huawei smartphones HONOR 20 PRO Versions earlier than 10.1.0.230(C432E9R5P1),Versions earlier than 10.1.0.231(C10E3R3P2),Versions earlier than 10.1.0.231(C185E3R5P1),Versions earlier than 10.1.0.231(C636E3R3P1);Versions earlier than 10.1.0.212(C432E10R3P4),Versions earlier than 10.1.0.213(C636E3R4P3),Versions earlier than 10.1.0.214(C10E5R4P3),Versions earlier than 10.1.0.214(C185E3R3P3);Versions earlier than 10.1.0.212(C00E210R5P1);Versions earlier than 10.1.0.160(C00E160R2P11);Versions earlier than 10.1.0.160(C00E160R2P11);Versions earlier than 10.1.0.160(C01E160R2P11);Versions earlier than 10.1.0.160(C00E160R2P11);Versions earlier than 10.1.0.160(C00E160R8P12);Versions earlier than 10.1.0.230(C432E9R5P1),Versions earlier than 10.1.0.231(C10E3R3P2),Versions earlier than 10.1.0.231(C636E3R3P1);Versions earlier than 10.1.0.225(C431E3R1P2),Versions earlier than 10.1.0.225(C432E3R1P2) contain an information vulnerability. A module has a design error that is lack of control of input. Attackers can exploit this vulnerability to obtain some information. This can lead to information leak.
Configurations

Configuration 1 (hide)

AND
cpe:2.3:o:huawei:honor_20_pro_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:huawei:honor_20_pro:-:*:*:*:*:*:*:*

Configuration 2 (hide)

AND
cpe:2.3:o:huawei:honor_20_pro_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:huawei:honor_20_pro:-:*:*:*:*:*:*:*

Configuration 3 (hide)

AND
cpe:2.3:o:huawei:honor_20_pro_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:huawei:honor_20_pro:-:*:*:*:*:*:*:*

Configuration 4 (hide)

AND
cpe:2.3:o:huawei:honor_20_pro_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:huawei:honor_20_pro:-:*:*:*:*:*:*:*

Configuration 5 (hide)

AND
cpe:2.3:o:huawei:honor_view_20_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:huawei:honor_view_20:-:*:*:*:*:*:*:*

Configuration 6 (hide)

AND
cpe:2.3:o:huawei:honor_view_20_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:huawei:honor_view_20:-:*:*:*:*:*:*:*

Configuration 7 (hide)

AND
cpe:2.3:o:huawei:honor_view_20_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:huawei:honor_view_20:-:*:*:*:*:*:*:*

Configuration 8 (hide)

AND
cpe:2.3:o:huawei:honor_view_20_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:huawei:honor_view_20:-:*:*:*:*:*:*:*

Configuration 9 (hide)

AND
cpe:2.3:o:huawei:oxfords-an00a_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:huawei:oxfords-an00a:-:*:*:*:*:*:*:*

Configuration 10 (hide)

AND
cpe:2.3:o:huawei:princeton-al10b_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:huawei:princeton-al10b:-:*:*:*:*:*:*:*

Configuration 11 (hide)

AND
cpe:2.3:o:huawei:princeton-al10d_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:huawei:princeton-al10d:-:*:*:*:*:*:*:*

Configuration 12 (hide)

AND
cpe:2.3:o:huawei:princeton-tl10c_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:huawei:princeton-tl10c:-:*:*:*:*:*:*:*

Configuration 13 (hide)

AND
cpe:2.3:o:huawei:tony-al00b_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:huawei:tony-al00b:-:*:*:*:*:*:*:*

Configuration 14 (hide)

AND
cpe:2.3:o:huawei:yale-al00a_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:huawei:yale-al00a:-:*:*:*:*:*:*:*

Configuration 15 (hide)

AND
cpe:2.3:o:huawei:yale-l21a_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:huawei:yale-l21a:-:*:*:*:*:*:*:*

Configuration 16 (hide)

AND
cpe:2.3:o:huawei:yale-l21a_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:huawei:yale-l21a:-:*:*:*:*:*:*:*

Configuration 17 (hide)

AND
cpe:2.3:o:huawei:yale-l21a_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:huawei:yale-l21a:-:*:*:*:*:*:*:*

Configuration 18 (hide)

AND
cpe:2.3:o:huawei:yale-l61a_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:huawei:yale-l61a:-:*:*:*:*:*:*:*

Configuration 19 (hide)

AND
cpe:2.3:o:huawei:yale-l61a_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:huawei:yale-l61a:-:*:*:*:*:*:*:*

History

21 Nov 2024, 05:40

Type Values Removed Values Added
References () https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20200902-07-smartphone-en - Vendor Advisory () https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20200902-07-smartphone-en - Vendor Advisory

Information

Published : 2020-09-03 19:15

Updated : 2024-11-21 05:40


NVD link : CVE-2020-9235

Mitre link : CVE-2020-9235

CVE.ORG link : CVE-2020-9235


JSON object : View

Products Affected

huawei

  • princeton-al10d
  • honor_view_20_firmware
  • princeton-tl10c_firmware
  • honor_view_20
  • tony-al00b_firmware
  • yale-l21a_firmware
  • oxfords-an00a_firmware
  • princeton-tl10c
  • princeton-al10b
  • yale-l61a_firmware
  • yale-l21a
  • honor_20_pro_firmware
  • tony-al00b
  • princeton-al10b_firmware
  • yale-l61a
  • honor_20_pro
  • princeton-al10d_firmware
  • yale-al00a_firmware
  • yale-al00a
  • oxfords-an00a
CWE
CWE-20

Improper Input Validation