Permissions, Privileges, and Access Controls in Huawei products - CVE-2020-9119
Published: December 7, 2020
Vulnerability identifier: #VU48797
CSH Severity: Low
CVSS v4.0: CVSS:4.0/AV:L/AC:L/AT:N/PR:H/UI:A/VC:H/VI:H/VA:N/SC:N/SI:N/SA:N/E:U/U:Clear
CVE-ID: CVE-2020-9119
CWE-ID: CWE-264
Exploitation vector: Local access
Exploit availability:
No public exploit available
Vendor: Huawei
Affected software:
Huawei Mate 10
Huawei Mate 30
Huawei Mate 30 Pro
Huawei P40
Huawei P40 Pro
Huawei Mate 10
Huawei Mate 30
Huawei Mate 30 Pro
Huawei P40
Huawei P40 Pro
Detailed vulnerability description
The vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to design defects. An administrator with physical access can execute relevant commands and escalate privileges on the target system.
How to mitigate CVE-2020-9119
Install updates from vendor's website.