CVE-2020-9235

Summary

CVE	CVE-2020-9235
State	PUBLIC
Assigner	[email protected]
Source Priority	CVE Program / NVD first with legacy fallback
Published	2020-09-03 19:15:00 UTC
Updated	2021-07-21 11:39:00 UTC
Description	Huawei smartphones HONOR 20 PRO Versions earlier than 10.1.0.230(C432E9R5P1),Versions earlier than 10.1.0.231(C10E3R3P2),Versions earlier than 10.1.0.231(C185E3R5P1),Versions earlier than 10.1.0.231(C636E3R3P1);Versions earlier than 10.1.0.212(C432E10R3P4),Versions earlier than 10.1.0.213(C636E3R4P3),Versions earlier than 10.1.0.214(C10E5R4P3),Versions earlier than 10.1.0.214(C185E3R3P3);Versions earlier than 10.1.0.212(C00E210R5P1);Versions earlier than 10.1.0.160(C00E160R2P11);Versions earlier than 10.1.0.160(C00E160R2P11);Versions earlier than 10.1.0.160(C01E160R2P11);Versions earlier than 10.1.0.160(C00E160R2P11);Versions earlier than 10.1.0.160(C00E160R8P12);Versions earlier than 10.1.0.230(C432E9R5P1),Versions earlier than 10.1.0.231(C10E3R3P2),Versions earlier than 10.1.0.231(C636E3R3P1);Versions earlier than 10.1.0.225(C431E3R1P2),Versions earlier than 10.1.0.225(C432E3R1P2) contain an information vulnerability. A module has a design error that is lack of control of input. Attackers can exploit this vulnerability to obtain some information. This can lead to information leak.

Risk And Classification

Problem Types: CWE-20

NVD Known Affected Configurations (CPE 2.3)

Type	Vendor	Product	Version	Update	Edition	Language
Hardware	Huawei	Honor 20 Pro	-	All	All	All
Hardware	Huawei	Honor 20 Pro	-	All	All	All
Operating System	Huawei	Honor 20 Pro Firmware	All	All	All	All
Operating System	Huawei	Honor 20 Pro Firmware	All	All	All	All
Hardware	Huawei	Honor View 20	-	All	All	All
Hardware	Huawei	Honor View 20	-	All	All	All
Operating System	Huawei	Honor View 20 Firmware	All	All	All	All
Operating System	Huawei	Honor View 20 Firmware	All	All	All	All
Hardware	Huawei	Oxfords-an00a	-	All	All	All
Hardware	Huawei	Oxfords-an00a	-	All	All	All
Operating System	Huawei	Oxfords-an00a Firmware	All	All	All	All
Operating System	Huawei	Oxfords-an00a Firmware	All	All	All	All
Hardware	Huawei	Princeton-al10b	-	All	All	All
Hardware	Huawei	Princeton-al10b	-	All	All	All
Operating System	Huawei	Princeton-al10b Firmware	All	All	All	All
Operating System	Huawei	Princeton-al10b Firmware	All	All	All	All
Hardware	Huawei	Princeton-al10d	-	All	All	All
Hardware	Huawei	Princeton-al10d	-	All	All	All
Operating System	Huawei	Princeton-al10d Firmware	All	All	All	All
Operating System	Huawei	Princeton-al10d Firmware	All	All	All	All
Hardware	Huawei	Princeton-tl10c	-	All	All	All
Hardware	Huawei	Princeton-tl10c	-	All	All	All
Operating System	Huawei	Princeton-tl10c Firmware	All	All	All	All
Operating System	Huawei	Princeton-tl10c Firmware	All	All	All	All
Hardware	Huawei	Tony-al00b	-	All	All	All
Hardware	Huawei	Tony-al00b	-	All	All	All
Operating System	Huawei	Tony-al00b Firmware	All	All	All	All
Operating System	Huawei	Tony-al00b Firmware	All	All	All	All
Hardware	Huawei	Yale-al00a	-	All	All	All
Hardware	Huawei	Yale-al00a	-	All	All	All
Operating System	Huawei	Yale-al00a Firmware	All	All	All	All
Operating System	Huawei	Yale-al00a Firmware	All	All	All	All
Hardware	Huawei	Yale-l21a	-	All	All	All
Hardware	Huawei	Yale-l21a	-	All	All	All
Operating System	Huawei	Yale-l21a Firmware	All	All	All	All
Operating System	Huawei	Yale-l21a Firmware	All	All	All	All
Hardware	Huawei	Yale-l61a	-	All	All	All
Hardware	Huawei	Yale-l61a	-	All	All	All
Operating System	Huawei	Yale-l61a Firmware	All	All	All	All
Operating System	Huawei	Yale-l61a Firmware	All	All	All	All

References

Reference	Source	Link	Tags
Security Advisory - Information Leak Vulnerability in Huawei Smartphones	MISC	www.huawei.com	Vendor Advisory
CVE Program record	CVE.ORG	www.cve.org	canonical
NVD vulnerability detail	NVD	nvd.nist.gov	canonical, analysis

No vendor comments have been submitted for this CVE.

There are currently no legacy QID mappings associated with this CVE.