{"id": "CVE-2020-9239", "metrics": {"cvssMetricV2": [{"type": "Primary", "source": "nvd@nist.gov", "cvssData": {"version": "2.0", "baseScore": 2.1, "accessVector": "LOCAL", "vectorString": "AV:L/AC:L/Au:N/C:P/I:N/A:N", "authentication": "NONE", "integrityImpact": "NONE", "accessComplexity": "LOW", "availabilityImpact": "NONE", "confidentialityImpact": "PARTIAL"}, "acInsufInfo": false, "impactScore": 2.9, "baseSeverity": "LOW", "obtainAllPrivilege": false, "exploitabilityScore": 3.9, "obtainUserPrivilege": false, "obtainOtherPrivilege": false, "userInteractionRequired": false}], "cvssMetricV31": [{"type": "Primary", "source": "nvd@nist.gov", "cvssData": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 5.5, "attackVector": "LOCAL", "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N", "integrityImpact": "NONE", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "NONE", "privilegesRequired": "LOW", "confidentialityImpact": "HIGH"}, "impactScore": 3.6, "exploitabilityScore": 1.8}]}, "published": "2020-09-11T14:15:11.660", "references": [{"url": "https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20200909-04-smartphone-en", "tags": ["Vendor Advisory"], "source": "psirt@huawei.com"}], "vulnStatus": "Analyzed", "weaknesses": [{"type": "Primary", "source": "nvd@nist.gov", "description": [{"lang": "en", "value": "CWE-20"}]}], "descriptions": [{"lang": "en", "value": "Huawei smartphones BLA-A09 versions 8.0.0.123(C212),versions earlier than 8.0.0.123(C567),versions earlier than 8.0.0.123(C797);BLA-TL00B versions earlier than 8.1.0.326(C01);Berkeley-L09 versions earlier than 8.0.0.163(C10),versions earlier than 8.0.0.163(C432),Versions earlier than 8.0.0.163(C636),Versions earlier than 8.0.0.172(C10);Duke-L09 versions Duke-L09C10B187, versions Duke-L09C432B189, versions Duke-L09C636B189;HUAWEI P20 versions earlier than 8.0.1.16(C00);HUAWEI P20 Pro versions earlier than 8.1.0.152(C00);Jimmy-AL00A versions earlier than Jimmy-AL00AC00B172;LON-L29D versions LON-L29DC721B192;NEO-AL00D versions earlier than 8.1.0.172(C786);Stanford-AL00 versions Stanford-AL00C00B123;Toronto-AL00 versions earlier than Toronto-AL00AC00B225;Toronto-AL00A versions earlier than Toronto-AL00AC00B225;Toronto-TL10 versions earlier than Toronto-TL10C01B225 have an information vulnerability. A module has a design error that is lack of control of input. Attackers can exploit this vulnerab"}, {"lang": "es", "value": "Tel\u00e9fonos inteligentes Huawei BLA-A09 versiones 8.0.0.123(C212), versiones anteriores a 8.0.0.123(C567), versiones anteriores a 8.0.0.123(C797); BLA-TL00B versiones anteriores a 8.1.0.326(C01); Berkeley-L09 versiones anteriores a 8.0.0.163(C10), versiones anteriores a 8.0.0.163(C432), versiones anteriores a 8.0.0.163(C636), versiones anteriores a 8.0.0.172(C10); Duke-L09 versiones Duke-L09C10B187, versiones Duke- L09C432B189, versiones Duke-L09C636B189; HUAWEI P20 versiones anteriores a 8.0.1.16(C00); HUAWEI P20 Pro versiones anteriores a 8.1.0.152(C00); Jimmy-AL00A versiones anteriores a Jimmy-AL00AC00B172; LON-L29D versiones LON-L29DC721B192; NEO-AL00D versiones anteriores a 8.1.0.172(C786); Stanford-AL00 versiones Stanford-AL00C00B123; Toronto-AL00 versiones anteriores a Toronto-AL00AC00B225; Toronto-AL00A versiones anteriores a Toronto-AL00AC00B225; Toronto-TL10 versiones anteriores a Toronto-TL10C01B225, presentan una vulnerabilidad de informaci\u00f3n. Un m\u00f3dulo presenta un error de dise\u00f1o que es la falta de control de entrada. Unos atacantes pueden explotar esta vulnerabilidad"}], "lastModified": "2021-07-21T11:39:23.747", "configurations": [{"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:huawei:bla-a09_firmware:8.0.0.123\\(c212\\):*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "F2E3EAB8-77C6-41A3-BEB3-ABB0B494BB21"}], "operator": "OR"}, {"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:h:huawei:bla-a09:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "84B70898-B63A-4946-88FB-F575C82E99DD"}], "operator": "OR"}], "operator": "AND"}, {"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:huawei:bla-a09_firmware:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "F902EA4C-981D-4717-A2B1-A2AA3DADDA51", "versionEndExcluding": "8.0.0.123\\(c567\\)"}], "operator": "OR"}, {"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:h:huawei:bla-a09:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "84B70898-B63A-4946-88FB-F575C82E99DD"}], "operator": "OR"}], "operator": "AND"}, {"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:huawei:bla-a09_firmware:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "AA788C78-D010-48F2-9EA1-757A8E4052EA", "versionEndExcluding": "8.0.0.123\\(c797\\)"}], "operator": "OR"}, {"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:h:huawei:bla-a09:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "84B70898-B63A-4946-88FB-F575C82E99DD"}], "operator": "OR"}], "operator": "AND"}, {"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:huawei:bla-tl00b_firmware:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "F5F22D37-2FF0-4B36-BD18-93181E4CFDFF", "versionEndExcluding": "8.1.0.326\\(c01\\)"}], "operator": "OR"}, {"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:h:huawei:bla-tl00b:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "BAAF02E9-8732-4E8E-8AA6-A422C200F9B6"}], "operator": "OR"}], "operator": "AND"}, {"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:huawei:berkeley-l09_firmware:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "699B4D39-D660-45CD-A251-664E8140F4D9", "versionEndExcluding": "8.0.0.163\\(c10\\)"}], "operator": "OR"}, {"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:h:huawei:berkeley-l09:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "DB51593F-70AE-47F6-AFE5-02693181E599"}], "operator": "OR"}], "operator": "AND"}, {"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:huawei:berkeley-l09_firmware:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "CCFA70EC-4821-4DEC-BB2E-B22ACBCFBE38", "versionEndIncluding": "8.0.0.163\\(c432\\)"}], "operator": "OR"}, {"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:h:huawei:berkeley-l09:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "DB51593F-70AE-47F6-AFE5-02693181E599"}], "operator": "OR"}], "operator": "AND"}, {"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:huawei:berkeley-l09_firmware:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "55CA9AE4-81A5-4A4E-8C92-E5788A225106", "versionEndExcluding": "8.0.0.163\\(c636\\)"}], "operator": "OR"}, {"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:h:huawei:berkeley-l09:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "DB51593F-70AE-47F6-AFE5-02693181E599"}], "operator": "OR"}], "operator": "AND"}, {"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:huawei:berkeley-l09_firmware:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "71143018-E85E-493A-B0A4-B9AD5E374C82", "versionEndExcluding": "8.0.0.172\\(c10\\)"}], "operator": "OR"}, {"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:h:huawei:berkeley-l09:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "DB51593F-70AE-47F6-AFE5-02693181E599"}], "operator": "OR"}], "operator": "AND"}, {"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:huawei:duke-l09_firmware:duke-l09c10b187:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "22B1BBF7-1BE7-4FD1-A548-FD79DB69E514"}, {"criteria": "cpe:2.3:o:huawei:duke-l09_firmware:duke-l09c432b189:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "A26A8EDA-AF8D-4C14-A95F-026B12C480CB"}, {"criteria": "cpe:2.3:o:huawei:duke-l09_firmware:duke-l09c636b189:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "AADFAB46-1BCC-4368-B794-E951B068B767"}], "operator": "OR"}, {"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:h:huawei:duke-l09:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "EBF74374-C6A1-4D04-915B-B23E3C9AC2FD"}], "operator": "OR"}], "operator": "AND"}, {"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:huawei:p20_firmware:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "048DA7E4-D86C-4AF3-B2DC-5C1E4DEEF88E", "versionEndExcluding": "8.0.1.16\\(c00\\)"}], "operator": "OR"}, {"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:h:huawei:p20:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "7492911B-4242-4947-9DED-9F48FC0875CD"}], "operator": "OR"}], "operator": "AND"}, {"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:huawei:p20_pro_firmware:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "91C3C215-FDD2-4585-AEE1-B63F13378C47", "versionEndExcluding": "8.1.0.152\\(c00\\)"}], "operator": "OR"}, {"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:h:huawei:p20_pro:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "6B315FBC-8BF9-4256-80F9-63EFF0806BEB"}], "operator": "OR"}], "operator": "AND"}, {"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:huawei:jimmy-al00a_firmware:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "CD17379A-5AE0-4A2A-A653-B8643B75C004", "versionEndExcluding": "jimmy-al00ac00b172"}], "operator": "OR"}, {"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:h:huawei:jimmy-al00a:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "315F31F5-D48F-4A30-A3E3-7B57880D5C45"}], "operator": "OR"}], "operator": "AND"}, {"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:huawei:lon-l29d_firmware:lon-l29dc721b192:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "E7AE7FC9-9728-4EB6-A36D-209400E0BEAA"}], "operator": "OR"}, {"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:h:huawei:lon-l29d:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "3652DBA0-1519-4D93-AA2B-C66F381F5C6A"}], "operator": "OR"}], "operator": "AND"}, {"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:huawei:neo-al00d_firmware:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "2348BA08-523A-487E-A1FF-7D07894C89B6", "versionEndExcluding": "8.1.0.172\\(c786\\)"}], "operator": "OR"}, {"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:h:huawei:neo-al00d:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "B4B07FEC-514D-4A51-B26B-02254A867DC5"}], "operator": "OR"}], "operator": "AND"}, {"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:huawei:stanford-al00_firmware:stanford-al00c00b123:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "F485B1BF-2C72-4FF8-BDF0-CE991AC2D7CF"}], "operator": "OR"}, {"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:h:huawei:stanford-al00:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "41F4D75F-A8A4-4DAE-8EDE-5F559B036DB0"}], "operator": "OR"}], "operator": "AND"}, {"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:huawei:toronto-al00_firmware:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "A95C3BF2-0825-4C4C-B80F-A142D8589AB3", "versionEndExcluding": "toronto-al00ac00b225"}], "operator": "OR"}, {"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:h:huawei:toronto-al00:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "876D76BE-3687-4049-B3C9-7E1469E18CC0"}], "operator": "OR"}], "operator": "AND"}, {"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:huawei:toronto-al00a_firmware:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "1FC8D826-432B-47A2-B315-53067A2CCA1F", "versionEndExcluding": "toronto-al00ac00b225"}], "operator": "OR"}, {"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:h:huawei:toronto-al00a:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "0A83D96D-0B5A-42F0-B967-BC27C5B14573"}], "operator": "OR"}], "operator": "AND"}, {"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:huawei:toronto-tl10_firmware:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "E23DA404-1286-468B-A032-C6F5EBFFD5AF", "versionEndExcluding": "toronto-tl10c01b225"}], "operator": "OR"}, {"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:h:huawei:toronto-tl10:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "7401A6EC-6133-442D-A638-FF03132D0EF5"}], "operator": "OR"}], "operator": "AND"}], "sourceIdentifier": "psirt@huawei.com"}
