medium
5.5
CWE
20
Advisory Published
Updated

CVE-2020-9239: Input Validation

First published: Fri Sep 11 2020(Updated: )

Huawei smartphones BLA-A09 versions 8.0.0.123(C212),versions earlier than 8.0.0.123(C567),versions earlier than 8.0.0.123(C797);BLA-TL00B versions earlier than 8.1.0.326(C01);Berkeley-L09 versions earlier than 8.0.0.163(C10),versions earlier than 8.0.0.163(C432),Versions earlier than 8.0.0.163(C636),Versions earlier than 8.0.0.172(C10);Duke-L09 versions Duke-L09C10B187, versions Duke-L09C432B189, versions Duke-L09C636B189;HUAWEI P20 versions earlier than 8.0.1.16(C00);HUAWEI P20 Pro versions earlier than 8.1.0.152(C00);Jimmy-AL00A versions earlier than Jimmy-AL00AC00B172;LON-L29D versions LON-L29DC721B192;NEO-AL00D versions earlier than 8.1.0.172(C786);Stanford-AL00 versions Stanford-AL00C00B123;Toronto-AL00 versions earlier than Toronto-AL00AC00B225;Toronto-AL00A versions earlier than Toronto-AL00AC00B225;Toronto-TL10 versions earlier than Toronto-TL10C01B225 have an information vulnerability. A module has a design error that is lack of control of input. Attackers can exploit this vulnerab

Credit: psirt@huawei.com

Affected SoftwareAffected VersionHow to fix
Huawei Bla-a09 Firmware=8.0.0.123\(c212\)
Huawei Bla-a09
Huawei Bla-a09 Firmware<8.0.0.123\(c567\)
Huawei Bla-a09 Firmware<8.0.0.123\(c797\)
Google Android<8.1.0.326\(c01\)
Apple iOS
Huawei Berkeley-l09 Firmware<8.0.0.163\(c10\)
Apple tvOS
Huawei Berkeley-l09 Firmware<=8.0.0.163\(c432\)
Huawei Berkeley-l09 Firmware<8.0.0.163\(c636\)
Huawei Berkeley-l09 Firmware<8.0.0.172\(c10\)
Huawei Duke-l09 Firmware=duke-l09c10b187
Huawei Duke-l09 Firmware=duke-l09c432b189
Huawei Duke-l09 Firmware=duke-l09c636b189
Huawei Duke-l09
Huawei P20 Firmware<8.0.1.16\(c00\)
HUAWEI P20
Huawei P20 Pro Firmware<8.1.0.152\(c00\)
HUAWEI P20 Pro
Huawei Jimmy-al00a Firmware<jimmy-al00ac00b172
Huawei Jimmy-al00a
Huawei Lon-l29d Firmware=lon-l29dc721b192
Huawei Lon-l29d
Huawei Neo-al00d Firmware<8.1.0.172\(c786\)
Huawei Neo-al00d
Huawei Stanford-al00 Firmware=stanford-al00c00b123
Huawei Stanford-al00
Huawei Toronto-al00 Firmware<toronto-al00ac00b225
Huawei Toronto-al00
Huawei Toronto-al00a Firmware<toronto-al00ac00b225
Huawei Toronto-al00a
Huawei Toronto-tl10 Firmware<toronto-tl10c01b225
Huawei Toronto-tl10

Never miss a vulnerability like this again

Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.

Read MoreStart Free Trial

Reference Links

Frequently Asked Questions

  • What is the severity of CVE-2020-9239?

    The severity of CVE-2020-9239 is medium with a severity value of 5.5.

  • Which Huawei smartphones are affected by CVE-2020-9239?

    Huawei smartphones BLA-A09 versions 8.0.0.123(C212), versions earlier than 8.0.0.123(C567), versions earlier than 8.0.0.123(C797); BLA-TL00B versions earlier than 8.1.0.326(C01); Berkeley-L09 versions earlier than 8.0.0.163(C10), versions earlier than 8.0.0.163(C432), versions earlier than 8.0.0.163(C636) are affected.

  • How can I fix the CVE-2020-9239 vulnerability?

    To fix the CVE-2020-9239 vulnerability, update your Huawei smartphone to the latest firmware version provided by Huawei.

  • Where can I find more information about CVE-2020-9239?

    You can find more information about CVE-2020-9239 on the Huawei Security Advisories website.

  • What is the CWE ID of CVE-2020-9239?

    The CWE ID of CVE-2020-9239 is 20.

Company

Resources

Contact

SecAlerts Pty Ltd.
132 Wickham Terrace
Fortitude Valley,
QLD 4006, Australia
info@secalerts.co
By using SecAlerts services, you agree to our services end-user license agreement. This website is safeguarded by reCAPTCHA and governed by the Google Privacy Policy and Terms of Service. All names, logos, and brands of products are owned by their respective owners, and any usage of these names, logos, and brands for identification purposes only does not imply endorsement. If you possess any content that requires removal, please get in touch with us.
© 2024 SecAlerts Pty Ltd.
ABN: 70 645 966 203, ACN: 645 966 203