CVE-2020-9250
Global infos:
There is an insufficient authentication vulnerability in some Huawei smart phone. An unauthenticated, local attacker can crafts software package to exploit this vulnerability. Due to insufficient verification, successful exploitation may impact the service. (Vulnerability ID: HWPSIRT-2019-12302) This vulnerability has been assigned a Common Vulnerabilities and Exposures (CVE) ID: CVE-2020-9250.
CVE Status: Awaiting Analysis
References:
Metrics:
| Attribute | Value |
|---|---|
| Attack Complexity | LOW |
| Attack Vector | LOCAL |
| Availability Impact | LOW |
| Base Score | 3.3 |
| Base Severity | LOW |
| Confidentiality Impact | NONE |
| Integrity Impact | NONE |
| Privileges Required | NONE |
| Scope | UNCHANGED |
| User Interaction | REQUIRED |
| Vector String | CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L |
| Exploitability Score | 1.8 |
| Impact Score | 1.4 |
| Source | [email protected] |
| Type | Secondary |