First published: Fri Jul 10 2020(Updated: )
HUAWEI P30 and HUAWEI P30 Pro smartphones with versions earlier than 10.1.0.123(C432E22R2P5) and versions earlier than 10.1.0.160(C00E160R2P8) have an information disclosure vulnerability. Certain WI-FI function's default configuration in the system seems insecure, an attacker should craft a WI-FI hotspot to launch the attack. Successful exploit could cause information disclosure.
Credit: psirt@huawei.com
Affected Software | Affected Version | How to fix |
---|---|---|
Huawei P30 Firmware | <10.1.0.123\(c432e22r2p5\) | |
HUAWEI P30 | ||
Huawei P30 Pro Firmware | <10.1.0.160\(c00e160r2p8\) | |
HUAWEI P30 Pro |
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
CVE-2020-9260 is an information disclosure vulnerability that affects HUAWEI P30 and HUAWEI P30 Pro smartphones with versions earlier than 10.1.0.123(C432E22R2P5) and versions earlier than 10.1.0.160(C00E160R2P8).
CVE-2020-9260 allows an attacker to disclose sensitive information due to insecure default configuration in the system's WI-FI function.
The severity of CVE-2020-9260 is medium, with a CVSS score of 6.5.
To fix CVE-2020-9260, update your HUAWEI P30 or HUAWEI P30 Pro smartphone to version 10.1.0.123(C432E22R2P5) or later, or version 10.1.0.160(C00E160R2P8) or later.
You can find more information about CVE-2020-9260 on Huawei's official website: [https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20200708-01-smartphone-en](https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20200708-01-smartphone-en)