CVE-2020-9076
 
Severity Score
Exploit Likelihood
Affected Versions
Public Exploits
0Exploited in Wild
-Decision
Descriptions
HUAWEI P30;HUAWEI P30 Pro;Tony-AL00B smartphones with versions earlier than 10.1.0.135(C00E135R2P11); versions earlier than 10.1.0.135(C00E135R2P8), versions earlier than 10.1.0.135 have an improper authentication vulnerability. Due to the identity of the message sender not being properly verified, an attacker can exploit this vulnerability through man-in-the-middle attack to induce user to access malicious URL.
Los teléfonos inteligentes HUAWEI P30; HUAWEI P30 Pro; Tony-AL00B con versiones anteriores a 10.1.0.135(C00E135R2P11); versiones anteriores a 10.1.0.135(C00E135R2P8),versiones anteriores a 10.1.0.135, presentan una vulnerabilidad de autenticación inapropiada. Debido a que la identidad del remitente del mensaje no está siendo verificada apropiadamente, un atacante puede explotar esta vulnerabilidad por medio de un ataque de tipo man-in-the-middle para inducir a un usuario a acceder a una URL maliciosa
CVSS Scores
SSVC
- Decision:-
Timeline
- 2020-02-18 CVE Reserved
- 2020-06-15 CVE Published
- 2023-03-07 EPSS Updated
- 2024-08-04 CVE Updated
- ---------- Exploited in Wild
- ---------- KEV Due Date
- ---------- First Exploit
CWE
- CWE-287: Improper Authentication
CAPEC
References (1)
URL | Tag | Source |
---|
URL | Date | SRC |
---|
URL | Date | SRC |
---|
URL | Date | SRC |
---|---|---|
https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20200610-02-phone-en | 2020-06-20 |
Affected Vendors, Products, and Versions
Vendor | Product | Version | Other | Status | ||||||
---|---|---|---|---|---|---|---|---|---|---|
Vendor | Product | Version | Other | Status | <-- --> | Vendor | Product | Version | Other | Status |
Huawei Search vendor "Huawei" | P30 Firmware Search vendor "Huawei" for product "P30 Firmware" | < 10.1.0.135\(c00e135r2p11\) Search vendor "Huawei" for product "P30 Firmware" and version " < 10.1.0.135\(c00e135r2p11\)" | - |
Affected
| in | Huawei Search vendor "Huawei" | P30 Search vendor "Huawei" for product "P30" | - | - |
Safe
|
Huawei Search vendor "Huawei" | P30 Pro Firmware Search vendor "Huawei" for product "P30 Pro Firmware" | < 10.1.0.135\(c00e135r2p8\) Search vendor "Huawei" for product "P30 Pro Firmware" and version " < 10.1.0.135\(c00e135r2p8\)" | - |
Affected
| in | Huawei Search vendor "Huawei" | P30 Pro Search vendor "Huawei" for product "P30 Pro" | - | - |
Safe
|
Huawei Search vendor "Huawei" | P30 Pro Firmware Search vendor "Huawei" for product "P30 Pro Firmware" | < 10.1.0.135\(c01e135r2p8\) Search vendor "Huawei" for product "P30 Pro Firmware" and version " < 10.1.0.135\(c01e135r2p8\)" | - |
Affected
| in | Huawei Search vendor "Huawei" | P30 Pro Search vendor "Huawei" for product "P30 Pro" | - | - |
Safe
|
Huawei Search vendor "Huawei" | Tony-al00b Firmware Search vendor "Huawei" for product "Tony-al00b Firmware" | < 10.1.0.137\(c00e137r2p11\) Search vendor "Huawei" for product "Tony-al00b Firmware" and version " < 10.1.0.137\(c00e137r2p11\)" | - |
Affected
| in | Huawei Search vendor "Huawei" | Tony-al00b Search vendor "Huawei" for product "Tony-al00b" | - | - |
Safe
|