CVE-2020-9256
Summary
| CVE | CVE-2020-9256 |
|---|---|
| State | PUBLIC |
| Assigner | [email protected] |
| Source Priority | CVE Program / NVD first with legacy fallback |
| Published | 2020-07-18 01:16:00 UTC |
| Updated | 2020-07-24 15:18:00 UTC |
| Description | Huawei Mate 30 Pro smartphones with versions earlier than 10.1.0.150(C00E136R5P3) have an improper authorization vulnerability. The system does not properly restrict the use of system service by applications, the attacker should trick the user into installing a malicious application, successful exploit could cause a denial of audio service. |
Risk And Classification
Problem Types: NVD-CWE-noinfo
NVD Known Affected Configurations (CPE 2.3)
| Type | Vendor | Product | Version | Update | Edition | Language |
|---|---|---|---|---|---|---|
| Hardware | Huawei | Mate 30 Pro | - | All | All | All |
| Hardware | Huawei | Mate 30 Pro | - | All | All | All |
| Operating System | Huawei | Mate 30 Pro Firmware | All | All | All | All |
| Operating System | Huawei | Mate 30 Pro Firmware | All | All | All | All |
References
| Reference | Source | Link | Tags |
|---|---|---|---|
| Security Advisory - Improper Authorization Vulnerability in Several Smartphones | CONFIRM | www.huawei.com | Vendor Advisory |
| CVE Program record | CVE.ORG | www.cve.org | canonical |
| NVD vulnerability detail | NVD | nvd.nist.gov | canonical, analysis |
No vendor comments have been submitted for this CVE.
There are currently no legacy QID mappings associated with this CVE.