What is the severity of CVE-2020-9148?

CVE-2020-9148 is rated as a medium severity vulnerability.

How can I fix CVE-2020-9148?

To fix CVE-2020-9148, users should update their Huawei Smartphone to the latest version of the EMUI or Magic UI software that addresses the vulnerability.

Which versions of Huawei software are affected by CVE-2020-9148?

CVE-2020-9148 affects Huawei EMUI versions 9.1.0 and 10.0.0 to 11.0.0, as well as Magic UI versions 3.0.0 to 4.0.0.

Can CVE-2020-9148 be exploited remotely?

CVE-2020-9148 requires local access to the device, so it cannot be exploited remotely.

What impact does CVE-2020-9148 have on users?

CVE-2020-9148 allows local attackers to delete user SMS messages on affected Huawei smartphones.

Vulnerability/
CVE-2020-9148

medium

5.5

1/4/2021

4/8/2024

CVE-2020-9148

First published: Thu Apr 01 2021(Updated: )

An application bypass mechanism vulnerability exists in a component interface of Huawei Smartphone. Local attackers can exploit this vulnerability to delete user SMS messages.

Credit: psirt@huawei.com

Affected Software	Affected Version	How to fix
Huawei EMUI	=9.1.0
Huawei EMUI	=10.0.0
Huawei EMUI	=10.1.0
Huawei EMUI	=10.1.1
Huawei EMUI	=11.0.0
Magic UI	=3.0.0
Magic UI	=3.1.0
Magic UI	=3.1.1
Magic UI	=4.0.0

Never miss a vulnerability like this again

Reference Links

https://consumer.huawei.com/cn/support/bulletin/2021/1

Frequently Asked Questions

What is the severity of CVE-2020-9148?
CVE-2020-9148 is rated as a medium severity vulnerability.
How can I fix CVE-2020-9148?
To fix CVE-2020-9148, users should update their Huawei Smartphone to the latest version of the EMUI or Magic UI software that addresses the vulnerability.
Which versions of Huawei software are affected by CVE-2020-9148?
CVE-2020-9148 affects Huawei EMUI versions 9.1.0 and 10.0.0 to 11.0.0, as well as Magic UI versions 3.0.0 to 4.0.0.
Can CVE-2020-9148 be exploited remotely?
CVE-2020-9148 requires local access to the device, so it cannot be exploited remotely.
What impact does CVE-2020-9148 have on users?
CVE-2020-9148 allows local attackers to delete user SMS messages on affected Huawei smartphones.

agent/type
collector/mitre-cve
source/MITRE
agent/author
agent/severity
agent/references
agent/last-modified-date
agent/description
agent/first-publish-date
agent/event
agent/source
agent/softwarecombine
agent/tags
collector/nvd-index
agent/software-canonical-lookup-request
vendor/huawei
canonical/huawei emui
version/huawei emui/9.1.0
version/huawei emui/10.0.0
version/huawei emui/10.1.0
version/huawei emui/10.1.1
version/huawei emui/11.0.0
canonical/magic ui
version/magic ui/3.0.0
version/magic ui/3.1.0
version/magic ui/3.1.1
version/magic ui/4.0.0

Company

Resources

Contact

SecAlerts Pty Ltd.
132 Wickham Terrace
Fortitude Valley,
QLD 4006, Australia
info@secalerts.co

By using SecAlerts services, you agree to our services end-user license agreement. This website is safeguarded by reCAPTCHA and governed by the Google Privacy Policy and Terms of Service. All names, logos, and brands of products are owned by their respective owners, and any usage of these names, logos, and brands for identification purposes only does not imply endorsement. If you possess any content that requires removal, please get in touch with us.