CVE-2020-9235: Input Validation
First published: Thu Sep 03 2020(Updated: )
Huawei smartphones HONOR 20 PRO Versions earlier than 10.1.0.230(C432E9R5P1),Versions earlier than 10.1.0.231(C10E3R3P2),Versions earlier than 10.1.0.231(C185E3R5P1),Versions earlier than 10.1.0.231(C636E3R3P1);Versions earlier than 10.1.0.212(C432E10R3P4),Versions earlier than 10.1.0.213(C636E3R4P3),Versions earlier than 10.1.0.214(C10E5R4P3),Versions earlier than 10.1.0.214(C185E3R3P3);Versions earlier than 10.1.0.212(C00E210R5P1);Versions earlier than 10.1.0.160(C00E160R2P11);Versions earlier than 10.1.0.160(C00E160R2P11);Versions earlier than 10.1.0.160(C01E160R2P11);Versions earlier than 10.1.0.160(C00E160R2P11);Versions earlier than 10.1.0.160(C00E160R8P12);Versions earlier than 10.1.0.230(C432E9R5P1),Versions earlier than 10.1.0.231(C10E3R3P2),Versions earlier than 10.1.0.231(C636E3R3P1);Versions earlier than 10.1.0.225(C431E3R1P2),Versions earlier than 10.1.0.225(C432E3R1P2) contain an information vulnerability. A module has a design error that is lack of control of input. Attackers can exploit this vulnerability to obtain some information. This can lead to information leak.
Credit: psirt@huawei.com
| Affected Software | Affected Version | How to fix |
|---|---|---|
| Huawei Honor 20 Pro Firmware | <10.1.0.230\(c432e9r5p1\) | |
| Huawei HONOR 20 PRO | ||
| Huawei Honor 20 Pro Firmware | <10.1.0.231\(c10e3r3p2\) | |
| Huawei Honor 20 Pro Firmware | <10.1.0.231\(c185e3r5p1\) | |
| Huawei Honor 20 Pro Firmware | <10.1.0.231\(c636e3r3p1\) | |
| Huawei Honor View 20 Firmware | <10.1.0.212\(c432e10r3p4\) | |
| Huawei Honor View 20 | ||
| Huawei Honor View 20 Firmware | <10.1.0.213\(c636e3r4p3\) | |
| Huawei Honor View 20 Firmware | <10.1.0.214\(c10e5r4p3\) | |
| Huawei Honor View 20 Firmware | <10.1.0.214\(c185e3r3p3\) | |
| Huawei Oxfords-an00a Firmware | <10.1.0.212\(c00e210r5p1\) | |
| Huawei Oxfords-an00a | ||
| Huawei Princeton-al10b Firmware | <10.1.0.160\(c00e160r2p11\) | |
| Huawei Princeton-al10b | ||
| Huawei Princeton-al10d Firmware | <10.1.0.160\(c00e160r2p11\) | |
| Huawei Princeton-al10d | ||
| Huawei Princeton-tl10c Firmware | <10.1.0.160\(c01e160r2p11\) | |
| Huawei Princeton-tl10c | ||
| Huawei Tony-al00b Firmware | <10.1.0.160\(c00e160r2p11\) | |
| Huawei Tony-al00b | ||
| Google Android | <10.1.0.160\(c00e160r8p12\) | |
| Apple Sierra | ||
| Huawei Yale-l21a Firmware | <10.1.0.230\(c432e9r5p1\) | |
| Huawei Yale-l21a | ||
| Huawei Yale-l21a Firmware | <10.1.0.231\(c10e3r3p2\) | |
| Huawei Yale-l21a Firmware | <10.1.0.231\(c636e3r3p1\) | |
| Huawei Yale-l61a Firmware | <10.1.0.225\(c431e3r1p2\) | |
| Huawei Yale-l61a | ||
| Huawei Yale-l61a Firmware | <10.1.0.225\(c432e3r1p2\) |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
Frequently Asked Questions
What is CVE-2020-9235?
CVE-2020-9235 is a vulnerability found in Huawei smartphones HONOR 20 PRO.
How does CVE-2020-9235 affect Huawei smartphones?
CVE-2020-9235 affects versions earlier than 10.1.0.230(C432E9R5P1), 10.1.0.231(C10E3R3P2), 10.1.0.231(C185E3R5P1), and 10.1.0.231(C636E3R3P1) of Huawei smartphones HONOR 20 PRO.
What is the severity of CVE-2020-9235?
CVE-2020-9235 has a severity rating of 5.5 (medium).
How can I fix CVE-2020-9235?
To fix CVE-2020-9235, update your Huawei smartphone HONOR 20 PRO to version 10.1.0.230(C432E9R5P1) or later.
Where can I find more information about CVE-2020-9235?
You can find more information about CVE-2020-9235 on the official Huawei website: https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20200902-07-smartphone-en
- collector/nvd-index
- agent/references
- agent/weakness
- agent/severity
- agent/author
- agent/type
- agent/description
- agent/event
- agent/tags
- agent/first-publish-date
- agent/softwarecombine
- agent/last-modified-date
- collector/mitre-cve
- source/MITRE
- vendor/huawei
- canonical/huawei honor 20 pro firmware
- canonical/huawei honor 20 pro
- canonical/huawei honor view 20 firmware
- canonical/huawei honor view 20
- canonical/huawei oxfords-an00a firmware
- canonical/huawei oxfords-an00a
- canonical/huawei princeton-al10b firmware
- canonical/huawei princeton-al10b
- canonical/huawei princeton-al10d firmware
- canonical/huawei princeton-al10d
- canonical/huawei princeton-tl10c firmware
- canonical/huawei princeton-tl10c
- canonical/huawei tony-al00b firmware
- canonical/huawei tony-al00b
- canonical/google android
- canonical/apple sierra
- canonical/huawei yale-l21a firmware
- canonical/huawei yale-l21a
- canonical/huawei yale-l61a firmware
- canonical/huawei yale-l61a