{"id": "CVE-2020-9244", "metrics": {"cvssMetricV2": [{"type": "Primary", "source": "nvd@nist.gov", "cvssData": {"version": "2.0", "baseScore": 4.6, "accessVector": "LOCAL", "vectorString": "AV:L/AC:L/Au:N/C:P/I:P/A:P", "authentication": "NONE", "integrityImpact": "PARTIAL", "accessComplexity": "LOW", "availabilityImpact": "PARTIAL", "confidentialityImpact": "PARTIAL"}, "acInsufInfo": false, "impactScore": 6.4, "baseSeverity": "MEDIUM", "obtainAllPrivilege": false, "exploitabilityScore": 3.9, "obtainUserPrivilege": false, "obtainOtherPrivilege": false, "userInteractionRequired": false}], "cvssMetricV31": [{"type": "Primary", "source": "nvd@nist.gov", "cvssData": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 6.8, "attackVector": "PHYSICAL", "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "integrityImpact": "HIGH", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "HIGH", "privilegesRequired": "NONE", "confidentialityImpact": "HIGH"}, "impactScore": 5.9, "exploitabilityScore": 0.9}]}, "published": "2020-08-11T19:15:17.687", "references": [{"url": "https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20200805-02-smartphone-en", "tags": ["Vendor Advisory"], "source": "psirt@huawei.com"}], "vulnStatus": "Analyzed", "weaknesses": [{"type": "Primary", "source": "nvd@nist.gov", "description": [{"lang": "en", "value": "NVD-CWE-noinfo"}]}], "descriptions": [{"lang": "en", "value": "HUAWEI Mate 20 versions Versions earlier than 10.1.0.160(C00E160R3P8);HUAWEI Mate 20 Pro versions Versions earlier than 10.1.0.270(C431E7R1P5),Versions earlier than 10.1.0.270(C635E3R1P5),Versions earlier than 10.1.0.273(C636E7R2P4);HUAWEI Mate 20 X versions Versions earlier than 10.1.0.160(C00E160R2P8);HUAWEI P30 versions Versions earlier than 10.1.0.160(C00E160R2P11);HUAWEI P30 Pro versions Versions earlier than 10.1.0.160(C00E160R2P8);HUAWEI Mate 20 RS versions Versions earlier than 10.1.0.160(C786E160R3P8);HonorMagic2 versions Versions earlier than 10.0.0.187(C00E61R2P11);Honor20 versions Versions earlier than 10.0.0.175(C00E58R4P11);Honor20 PRO versions Versions earlier than 10.0.0.194(C00E62R8P12);HonorMagic2 versions Versions earlier than 10.0.0.187(C00E61R2P11);HonorV20 versions Versions earlier than 10.0.0.188(C00E62R2P11) have an improper authentication vulnerability. The system does not properly sign certain encrypted file, the attacker should gain the key used to encrypt the file, successful exploit could cause certain file be forged"}, {"lang": "es", "value": "Versiones de HUAWEI Mate 20 Versiones anteriores a 10.1.0.160(C00E160R3P8); versiones de HUAWEI Mate 20 Pro Versiones anteriores a 10.1.0.270(C431E7R1P5), Versiones anteriores a 10.1.0.270(C635E3R1P5), Versiones anteriores a 10.1.0.273(C636E7R2WE); versiones de Mate 20 X Versiones anteriores a 10.1.0.160(C00E160R2P8); versiones de HUAWEI P30 Versiones anteriores a 10.1.0.160(C00E160R2P11); versiones de HUAWEI P30 Pro Versiones anteriores a 10.1.0.160(C00E160R2P8); versiones de HUAWEI Mate 20 RS Versiones anteriores a 10.1 .0.160(C786E160R3P8); versiones de HonorMagic2 Versiones anteriores a 10.0.0.187(C00E61R2P11); versiones de Honor20 Versiones anteriores a 10.0.0.175(C00E58R4P11); versiones de Honor20 PRO Versiones anteriores a 10.0.0.194(C00E62R8P12); versiones de HonorMagic2 10.0.0.187(C00E61R2P11); versiones de HonorV20 Versiones anteriores a 10.0.0.188(C00E62R2P11), presentan una vulnerabilidad de autenticaci\u00f3n inapropiada. El sistema no firma adecuadamente determinado archivo cifrado, el atacante debe conseguir la clave usada para cifrar el archivo, una explotaci\u00f3n con \u00e9xito podr\u00eda causar que cierto archivo sea falsificado"}], "lastModified": "2021-07-21T11:39:23.747", "configurations": [{"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:huawei:mate_20_firmware:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "165A8717-DD86-4BC0-AB3C-BD7F92DF68CD", "versionEndExcluding": "10.1.0.160\\(c00e160r3p8\\)"}], "operator": "OR"}, {"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:h:huawei:mate_20:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "B5322963-9375-4E4E-8119-895C224003AE"}], "operator": "OR"}], "operator": "AND"}, {"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:huawei:mate_20_pro_firmware:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "9CAC2512-1577-4DB3-AC23-A5F4BF0D9127", "versionEndExcluding": "10.1.0.270\\(c431e7r1p5\\)"}], "operator": "OR"}, {"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:h:huawei:mate_20_pro:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "2564E28F-EF08-4381-96D8-58BB7C8C0E0C"}], "operator": "OR"}], "operator": "AND"}, {"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:huawei:mate_20_x_firmware:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "73419613-9F87-4E99-9A8D-D8B6B74F882D", "versionEndExcluding": "10.1.0.160\\(c00e160r2p8\\)"}], "operator": "OR"}, {"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:h:huawei:mate_20_x:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "5FD3779B-F943-4B7E-BF82-AA4A051D02C8"}], "operator": "OR"}], "operator": "AND"}, {"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:huawei:p30_firmware:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "29C7558A-D8B6-4773-A14D-38EDFFD96E5E", "versionEndExcluding": "10.1.0.160\\(c00e160r2p11\\)"}], "operator": "OR"}, {"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:h:huawei:p30:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "21EE286C-8111-4F59-8CF1-13C68EA76B21"}], "operator": "OR"}], "operator": "AND"}, {"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:huawei:p30_pro_firmware:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "4818ECF7-B4D4-4AF4-9DAA-FE08F56B26FC", "versionEndExcluding": "10.1.0.160\\(c00e160r2p8\\)"}], "operator": "OR"}, {"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:h:huawei:p30_pro:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "6DB671DB-CB5B-46E0-B221-722D051184DE"}], "operator": "OR"}], "operator": "AND"}, {"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:huawei:mate_20_rs_firmware:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "939C475D-62F1-4739-A010-8EB1D254352D", "versionEndExcluding": "10.1.0.160\\(c786e160r3p8\\)"}], "operator": "OR"}, {"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:h:huawei:mate_20_rs:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "99DD3EC3-7E9B-4904-8317-C3528D1CAFEA"}], "operator": "OR"}], "operator": "AND"}, {"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:huawei:honor_magic_2_firmware:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "9EA59594-AD02-44FC-B3A4-91D961A5A81D", "versionEndExcluding": "10.0.0.187\\(c00e61r2p11\\)"}], "operator": "OR"}, {"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:h:huawei:honor_magic_2:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "3F3A0DA8-F39F-4343-856C-4BCDFB874DD2"}], "operator": "OR"}], "operator": "AND"}, {"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:huawei:honor_20_firmware:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "A2972F40-6507-40D2-8F9B-40A3BDBC6142", "versionEndExcluding": "10.0.0.175\\(c00e58r4p11\\)"}], "operator": "OR"}, {"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:h:huawei:honor_20:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "55571AAC-B8B2-48D0-8486-BB2992A39568"}], "operator": "OR"}], "operator": "AND"}, {"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:huawei:honor_20_pro_firmware:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "EB8A69A7-BDA8-42C7-800D-A15928E1FDBC", "versionEndExcluding": "10.0.0.194\\(c00e62r8p12\\)"}], "operator": "OR"}, {"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:h:huawei:honor_20_pro:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "9E2BCA7E-E555-45D1-807A-F53682B0C383"}], "operator": "OR"}], "operator": "AND"}, {"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:huawei:honor_v20_firmware:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "A6F48C40-4FAC-4311-98F1-99FC480C2C90", "versionEndExcluding": "10.0.0.188\\(c00e62r2p11\\)"}], "operator": "OR"}, {"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:h:huawei:honor_v20:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "2FF332D5-0799-487A-970B-E0FB7435207D"}], "operator": "OR"}], "operator": "AND"}, {"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:huawei:mate_20_pro_firmware:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "FD6E8C02-F0E4-456E-A456-93FC2C568DF2", "versionEndExcluding": "10.1.0.270\\(c635e3r1p5\\)"}], "operator": "OR"}, {"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:h:huawei:mate_20_pro:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "2564E28F-EF08-4381-96D8-58BB7C8C0E0C"}], "operator": "OR"}], "operator": "AND"}, {"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:huawei:mate_20_pro_firmware:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "45D23DA1-BD80-4157-A418-56A8B5DA544D", "versionEndExcluding": "10.1.0.273\\(c636e7r2p4\\)"}], "operator": "OR"}, {"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:h:huawei:mate_20_pro:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "2564E28F-EF08-4381-96D8-58BB7C8C0E0C"}], "operator": "OR"}], "operator": "AND"}, {"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:huawei:honor_magic_2_firmware:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "9EA59594-AD02-44FC-B3A4-91D961A5A81D", "versionEndExcluding": "10.0.0.187\\(c00e61r2p11\\)"}], "operator": "OR"}, {"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:h:huawei:honor_magic_2:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "3F3A0DA8-F39F-4343-856C-4BCDFB874DD2"}], "operator": "OR"}], "operator": "AND"}], "sourceIdentifier": "psirt@huawei.com"}
