← back
CVE-2020-9250

CVE-2020-9250

CVSS 3.3 LOWEPSS 0.1%CWE-287CWE-522
Vexday Risk Score
8Low
SSVC decision (CISA)
Track
No exploitation signal → monitor
CVSS 3.3EPSS 0.1%KEV nãoPoC Nuclei Metasploit Patch
Lifecycle
20 Dec 2024Published on NVD
Recommendation: Monitor — no exploitation signal at the moment.
There is an insufficient authentication vulnerability in some Huawei smart phone. An unauthenticated, local attacker can crafts software package to exploit this vulnerability. Due to insufficient verification, successful exploitation may impact the service. (Vulnerability ID: HWPSIRT-2019-12302) This vulnerability has been assigned a Common Vulnerabilities and Exposures (CVE) ID: CVE-2020-9250.
CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L
Affected products
Huawei · HUAWEI Mate 20 Pro

Want to know if your infrastructure is exposed to this?

Talk to TrueHacking →
References
http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20200729-01-smartphone-en