Vulnerabilities > CVE-2020-9080 - Unspecified vulnerability in Huawei products

CVSS 7.8 - HIGH

Attack vector

LOCAL

Attack complexity

LOW

Privileges required

LOW

Confidentiality impact

HIGH

Integrity impact

HIGH

Availability impact

HIGH

local

low complexity

huawei

NVD

Published: 2024-12-27

Updated: 2025-01-10

Summary

There is an improper privilege management vulnerability in Huawei smart phone product. A local, authenticated attacker could craft a specific input to exploit this vulnerability. Successful exploitation may lead to local privilege escalation. (Vulnerability ID: HWPSIRT-2020-05272) This vulnerability has been assigned a Common Vulnerabilities and Exposures (CVE) ID: CVE-2020-9080.

Vulnerable Configurations

Part	Description	Count
OS	Huawei Huawei Mate 20 PRO Firmware 10.1.0.135\(C01E135R2P8\) Huawei Mate 20 PRO (Ud) Firmware 10.1.0.135\(C00E135R3P8\) Huawei Nova 5I Firmware *	3
Hardware	Huawei Huawei Mate 20 PRO - Huawei Mate 20 PRO (Ud) - Huawei Nova 5I -	3

References

https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20200819-01-smartphone-en