CVE-2020-9076

Summary

HUAWEI P30;HUAWEI P30 Pro;Tony-AL00B smartphones with versions earlier than 10.1.0.135(C00E135R2P11); versions earlier than 10.1.0.135(C00E135R2P8), versions earlier than 10.1.0.135 have an improper authentication vulnerability. Due to the identity of the message sender not being properly verified, an attacker can exploit this vulnerability through man-in-the-middle attack to induce user to access malicious URL.

Affected Software

VendorProductVersion RangeStatus
n/aHUAWEI P30;HUAWEI P30 Pro;Tony-AL00BVersions earlier than 10.1.0.135(C00E135R2P11)affected
n/aHUAWEI P30;HUAWEI P30 Pro;Tony-AL00BVersions earlier than 10.1.0.135(C00E135R2P8),Versions earlier than 10.1.0.135(C01E135R2P8)affected
n/aHUAWEI P30;HUAWEI P30 Pro;Tony-AL00BVersions earlier than 10.1.0.137(C00E137R2P11)affected

Weaknesses

  • Improper Authentication

ADP Enrichment

CVE Program Container

Additional References

References