#VU47196 Information disclosure in Huawei Hardware solutions

Published: 2020-09-30

Vulnerability identifier: #VU47196

Vulnerability risk: Low


CVE-ID: CVE-2020-9109


Exploitation vector: Local

Exploit availability:

Vulnerable software:
Huawei Mate 20
Client/Desktop applications / Multimedia software
Huawei Mate 20 X
Client/Desktop applications / Multimedia software
Huawei P30 Pro
Client/Desktop applications / Multimedia software
Hardware solutions / Firmware
Huawei Tony-AL00B
Hardware solutions / Firmware
huawei Tony-TL00B
Hardware solutions / Firmware

Vendor: Huawei


The vulnerability allows a local user to gain access to potentially sensitive information.

The vulnerability exists due to the affected device does not sufficiently validate the identity of smart wearable device. A local administrator can gain unauthorized access to sensitive information on the system.

Install updates from vendor's website.

Vulnerable software versions

Huawei Mate 20: All versions

Huawei Mate 20 X : All versions

Huawei P30 Pro: All versions

Laya-AL00EP: All versions

Huawei Tony-AL00B: All versions

huawei Tony-TL00B: All versions

Fixed software versions


External links

Q & A

Can this vulnerability be exploited remotely?

Is there known malware, which exploits this vulnerability?

Latest bulletins with this vulnerability