CVE-2020-9073
LOWHuawei P20 Firmware < 10.0.0.156(C00E156R1P4) - Improper Authentication
Title source: llmDescription
Huawei P20 smartphones with versions earlier than 10.0.0.156(C00E156R1P4) have an improper authentication vulnerability. The vulnerability is due to that when an user wants to do certain operation, the software insufficiently validate the user's identity. Attackers need to physically access the smartphone to exploit this vulnerability. Successful exploit could allow the attacker to bypass the limit of student mode function.
References (1)
Core 1
Core References
Vendor Advisory x_refsource_misc
https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20200513-01-smartphone-en
Scores
CVSS v3
2.4
EPSS
0.0003
EPSS Percentile
7.6%
Attack Vector
PHYSICAL
CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N
Details
CWE
CWE-287
Status
published
Products (1)
huawei/p20_firmware
< 10.0.0.156\(c00e156r1p4\)
Published
May 15, 2020
Tracked Since
Feb 18, 2026