medium
6.8
Advisory Published
Updated

CVE-2020-9244

First published: Tue Aug 11 2020(Updated: )

HUAWEI Mate 20 versions Versions earlier than 10.1.0.160(C00E160R3P8);HUAWEI Mate 20 Pro versions Versions earlier than 10.1.0.270(C431E7R1P5),Versions earlier than 10.1.0.270(C635E3R1P5),Versions earlier than 10.1.0.273(C636E7R2P4);HUAWEI Mate 20 X versions Versions earlier than 10.1.0.160(C00E160R2P8);HUAWEI P30 versions Versions earlier than 10.1.0.160(C00E160R2P11);HUAWEI P30 Pro versions Versions earlier than 10.1.0.160(C00E160R2P8);HUAWEI Mate 20 RS versions Versions earlier than 10.1.0.160(C786E160R3P8);HonorMagic2 versions Versions earlier than 10.0.0.187(C00E61R2P11);Honor20 versions Versions earlier than 10.0.0.175(C00E58R4P11);Honor20 PRO versions Versions earlier than 10.0.0.194(C00E62R8P12);HonorMagic2 versions Versions earlier than 10.0.0.187(C00E61R2P11);HonorV20 versions Versions earlier than 10.0.0.188(C00E62R2P11) have an improper authentication vulnerability. The system does not properly sign certain encrypted file, the attacker should gain the key used to encrypt the file, successful exploit could cause certain file be forged

Credit: psirt@huawei.com

Affected SoftwareAffected VersionHow to fix
Huawei Mate 20 Firmware<10.1.0.160\(c00e160r3p8\)
HUAWEI Mate 20
Huawei Mate 20 Pro Firmware<10.1.0.270\(c431e7r1p5\)
HUAWEI Mate 20 Pro
Huawei Mate 20 X Firmware<10.1.0.160\(c00e160r2p8\)
HUAWEI Mate 20 X
Huawei P30 Firmware<10.1.0.160\(c00e160r2p11\)
HUAWEI P30
Huawei P30 Pro Firmware<10.1.0.160\(c00e160r2p8\)
HUAWEI P30 Pro
Huawei Mate 20 Rs Firmware<10.1.0.160\(c786e160r3p8\)
HUAWEI Mate 20 RS
Huawei Honor Magic 2 Firmware<10.0.0.187\(c00e61r2p11\)
Huawei Honor Magic 2
Huawei Honor 20 Firmware<10.0.0.175\(c00e58r4p11\)
Huawei Honor 20
Huawei Honor 20 Pro Firmware<10.0.0.194\(c00e62r8p12\)
Huawei HONOR 20 PRO
Huawei Honor V20 Firmware<10.0.0.188\(c00e62r2p11\)
Huawei Honor V20
Huawei Mate 20 Pro Firmware<10.1.0.270\(c635e3r1p5\)
Huawei Mate 20 Pro Firmware<10.1.0.273\(c636e7r2p4\)

Never miss a vulnerability like this again

Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.

Read MoreStart Free Trial

Reference Links

Frequently Asked Questions

  • What is the vulnerability ID for this Huawei Mate 20 vulnerability?

    The vulnerability ID for this Huawei Mate 20 vulnerability is CVE-2020-9244.

  • Which Huawei devices are affected by this vulnerability?

    HUAWEI Mate 20 versions earlier than 10.1.0.160(C00E160R3P8), HUAWEI Mate 20 Pro versions earlier than 10.1.0.270(C431E7R1P5, C635E3R1P5, C636E7R2P4), and HUAWEI Mate 20 X versions earlier than 10.1.0.160(C00E160R2P8) are affected by this vulnerability.

  • What is the severity rating of this vulnerability?

    The severity rating of this vulnerability is medium with a CVSS score of 6.8.

  • How can I fix this vulnerability?

    To fix this vulnerability, users should update their HUAWEI Mate 20, Mate 20 Pro, and Mate 20 X devices to versions 10.1.0.160(C00E160R3P8), 10.1.0.270(C431E7R1P5, C635E3R1P5, C636E7R2P4), and 10.1.0.160(C00E160R2P8) respectively.

  • Where can I find more information about this vulnerability?

    More information about this vulnerability can be found on the Huawei Security Advisory page at https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20200805-02-smartphone-en.

Company

Resources

Contact

SecAlerts Pty Ltd.
132 Wickham Terrace
Fortitude Valley,
QLD 4006, Australia
info@secalerts.co
By using SecAlerts services, you agree to our services end-user license agreement. This website is safeguarded by reCAPTCHA and governed by the Google Privacy Policy and Terms of Service. All names, logos, and brands of products are owned by their respective owners, and any usage of these names, logos, and brands for identification purposes only does not imply endorsement. If you possess any content that requires removal, please get in touch with us.
© 2024 SecAlerts Pty Ltd.
ABN: 70 645 966 203, ACN: 645 966 203