CVE-2020-9110
MEDIUMHuawei Taurus-AN00B Firmware < 10.1.0.156 - Information Disclosure via Insufficient Output Validation
Title source: llmDescription
Taurus-AN00B versions earlier than 10.1.0.156(C00E155R7P2) have an information disclosure vulnerability. The device does not sufficiently validate the output of device in certain specific scenario, the attacker can gain information in the victim's smartphone to launch the attack, successful exploit could cause information disclosure.
References (1)
Core 1
Core References
Vendor Advisory x_refsource_misc
https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20200930-02-informationleak-en
Scores
CVSS v3
4.6
EPSS
0.0003
EPSS Percentile
8.8%
Attack Vector
PHYSICAL
CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
Details
CWE
CWE-20
Status
published
Products (1)
huawei/taurus-an00b_firmware
< 10.1.0.156
Published
Oct 12, 2020
Tracked Since
Feb 18, 2026