Main Vulnerability Database Vulnerabilities #VU27913

Improper Authentication in Huawei P20 - CVE-2020-9073

Published: May 14, 2020

Vulnerability identifier: #VU27913

CSH Severity: Low

CVSS v4.0: CVSS:4.0/AV:P/AC:L/AT:N/PR:N/UI:N/VC:L/VI:L/VA:N/SC:N/SI:N/SA:N/E:U/U:Clear

CVE-ID: CVE-2020-9073

CWE-ID: CWE-287

Exploitation vector: Local access

Exploit availability: No public exploit available

Vendor: Huawei

Affected software:
Huawei P20

Detailed vulnerability description

The vulnerability allows a local attacker to bypass authentication process.

The vulnerability exists due to the affected software insufficiently validate the user's identity when an user wants to do certain operation. An attacker with physical access can bypass the limit of student mode function.

How to mitigate CVE-2020-9073

Install updates from vendor's website.

Sources

https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20200513-01-smartphone-en

Improper Authentication in Huawei P20 - CVE-2020-9073

Detailed vulnerability description

How to mitigate CVE-2020-9073

Sources

Please verify you're human