CVE-2020-9064
MEDIUMHuawei Honor V30 Firmware < OxfordS-AN00A 10.0.1.167(C00E166R4P1) - Improper Authentication
Title source: llmDescription
Huawei smartphone Honor V30 with versions earlier than OxfordS-AN00A 10.0.1.167(C00E166R4P1) have an improper authentication vulnerability. Authentication to target component is improper when device performs an operation. Attackers exploit this vulnerability to obtain some information by loading malicious application, leading to information leak.
References (2)
Core 2
Core References
Broken Link x_refsource_confirm
https://www.huawei.com/en/psirt/security-advisories/huawei-sa-202003116-01-smartphone-en
Scores
CVSS v3
5.5
EPSS
0.0005
EPSS Percentile
16.4%
Attack Vector
LOCAL
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
Details
CWE
CWE-287
Status
published
Products (1)
huawei/honor_v30_firmware
< oxfords-an00a_10.0.1.167\(c00e166r4p1\)
Published
Mar 12, 2020
Tracked Since
Feb 18, 2026