var-202006-1715
Vulnerability from variot
Huawei Smartphones HONOR 20 PRO;Honor View 20;HONOR 20 have an improper handling of exceptional condition Vulnerability. A component cannot deal with an exception correctly. Attackers can exploit this vulnerability by sending malformed message. This could compromise normal service of affected phones. are all smartphones of the Chinese company Huawei. The vulnerability stems from the failure of the phone to properly handle exceptions
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-202006-1715",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "honor pro \u003c=10.0.0.194",
"scope": "eq",
"trust": 1.8,
"vendor": "huawei",
"version": "20"
},
{
"model": "honor view \u003c=10.0.0.201",
"scope": "eq",
"trust": 1.2,
"vendor": "huawei",
"version": "20"
},
{
"model": "honor 20 pro",
"scope": "lt",
"trust": 1.0,
"vendor": "huawei",
"version": "10.0.0.194\\(c636e3r3p1\\)"
},
{
"model": "honor 20 pro",
"scope": "lt",
"trust": 1.0,
"vendor": "huawei",
"version": "10.0.0.194\\(c00e62r8p12\\)"
},
{
"model": "honor view 20",
"scope": "lt",
"trust": 1.0,
"vendor": "huawei",
"version": "10.0.0.201\\(c636e3r4p3\\)"
},
{
"model": "honor 20 pro",
"scope": "lt",
"trust": 1.0,
"vendor": "huawei",
"version": "10.0.0.194\\(c10e3r3p2\\)"
},
{
"model": "honor view 20",
"scope": "lt",
"trust": 1.0,
"vendor": "huawei",
"version": "10.0.0.195\\(c00e62r4p11\\)"
},
{
"model": "honor view 20",
"scope": "lt",
"trust": 1.0,
"vendor": "huawei",
"version": "10.0.0.201\\(c10e5r4p3\\)"
},
{
"model": "honor 20",
"scope": "lt",
"trust": 1.0,
"vendor": "huawei",
"version": "10.0.0.186\\(c185e2r2p1\\)"
},
{
"model": "honor 20 pro",
"scope": "lt",
"trust": 1.0,
"vendor": "huawei",
"version": "10.0.0.194\\(c432e9r5p1\\)"
},
{
"model": "honor view 20",
"scope": "lt",
"trust": 1.0,
"vendor": "huawei",
"version": "10.0.0.200\\(c185e3r3p3\\)"
},
{
"model": "honor 20",
"scope": "lt",
"trust": 1.0,
"vendor": "huawei",
"version": "10.0.0.194\\(c432e9r5p1\\)"
},
{
"model": "honor 20 pro",
"scope": null,
"trust": 0.8,
"vendor": "huawei",
"version": null
},
{
"model": "honor 20",
"scope": null,
"trust": 0.8,
"vendor": "huawei",
"version": null
},
{
"model": "honor view 20",
"scope": null,
"trust": 0.8,
"vendor": "huawei",
"version": null
},
{
"model": "honor pro \u003c=10.0.0.187",
"scope": "eq",
"trust": 0.6,
"vendor": "huawei",
"version": "20"
},
{
"model": "honor view \u003c=10.0.0.200",
"scope": "eq",
"trust": 0.6,
"vendor": "huawei",
"version": "20"
},
{
"model": "honor view \u003c=10.0.0.195",
"scope": "eq",
"trust": 0.6,
"vendor": "huawei",
"version": "20"
},
{
"model": "honor 20s \u003c=10.0.0.186",
"scope": null,
"trust": 0.6,
"vendor": "huawei",
"version": null
},
{
"model": "honor 20s \u003c=10.0.0.194",
"scope": null,
"trust": 0.6,
"vendor": "huawei",
"version": null
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2020-36724"
},
{
"db": "JVNDB",
"id": "JVNDB-2020-006173"
},
{
"db": "NVD",
"id": "CVE-2020-9074"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"cpe_match": [
{
"cpe22Uri": "cpe:/o:huawei:honor_20_pro_firmware",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:huawei:honor_20_firmware",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:huawei:honor_view_20_firmware",
"vulnerable": true
}
],
"operator": "OR"
}
]
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2020-006173"
}
]
},
"cve": "CVE-2020-9074",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "nvd@nist.gov",
"availabilityImpact": "PARTIAL",
"baseScore": 5.0,
"confidentialityImpact": "NONE",
"exploitabilityScore": 10.0,
"id": "CVE-2020-9074",
"impactScore": 2.9,
"integrityImpact": "NONE",
"severity": "MEDIUM",
"trust": 1.0,
"vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P",
"version": "2.0"
},
{
"acInsufInfo": null,
"accessComplexity": "Low",
"accessVector": "Network",
"authentication": "None",
"author": "NVD",
"availabilityImpact": "Partial",
"baseScore": 5.0,
"confidentialityImpact": "None",
"exploitabilityScore": null,
"id": "JVNDB-2020-006173",
"impactScore": null,
"integrityImpact": "None",
"obtainAllPrivilege": null,
"obtainOtherPrivilege": null,
"obtainUserPrivilege": null,
"severity": "Medium",
"trust": 0.8,
"userInteractionRequired": null,
"vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P",
"version": "2.0"
},
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "CNVD",
"availabilityImpact": "PARTIAL",
"baseScore": 5.0,
"confidentialityImpact": "NONE",
"exploitabilityScore": 10.0,
"id": "CNVD-2020-36724",
"impactScore": 2.9,
"integrityImpact": "NONE",
"severity": "MEDIUM",
"trust": 0.6,
"vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P",
"version": "2.0"
}
],
"cvssV3": [
{
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"author": "nvd@nist.gov",
"availabilityImpact": "LOW",
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"exploitabilityScore": 3.9,
"id": "CVE-2020-9074",
"impactScore": 1.4,
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"trust": 1.0,
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L",
"version": "3.1"
},
{
"attackComplexity": "Low",
"attackVector": "Network",
"author": "NVD",
"availabilityImpact": "Low",
"baseScore": 5.3,
"baseSeverity": "Medium",
"confidentialityImpact": "None",
"exploitabilityScore": null,
"id": "JVNDB-2020-006173",
"impactScore": null,
"integrityImpact": "None",
"privilegesRequired": "None",
"scope": "Unchanged",
"trust": 0.8,
"userInteraction": "None",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L",
"version": "3.0"
}
],
"severity": [
{
"author": "nvd@nist.gov",
"id": "CVE-2020-9074",
"trust": 1.0,
"value": "MEDIUM"
},
{
"author": "NVD",
"id": "JVNDB-2020-006173",
"trust": 0.8,
"value": "Medium"
},
{
"author": "CNVD",
"id": "CNVD-2020-36724",
"trust": 0.6,
"value": "MEDIUM"
},
{
"author": "CNNVD",
"id": "CNNVD-202006-412",
"trust": 0.6,
"value": "MEDIUM"
}
]
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2020-36724"
},
{
"db": "JVNDB",
"id": "JVNDB-2020-006173"
},
{
"db": "CNNVD",
"id": "CNNVD-202006-412"
},
{
"db": "NVD",
"id": "CVE-2020-9074"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Huawei Smartphones HONOR 20 PRO;Honor View 20;HONOR 20 have an improper handling of exceptional condition Vulnerability. A component cannot deal with an exception correctly. Attackers can exploit this vulnerability by sending malformed message. This could compromise normal service of affected phones. are all smartphones of the Chinese company Huawei. The vulnerability stems from the failure of the phone to properly handle exceptions",
"sources": [
{
"db": "NVD",
"id": "CVE-2020-9074"
},
{
"db": "JVNDB",
"id": "JVNDB-2020-006173"
},
{
"db": "CNVD",
"id": "CNVD-2020-36724"
}
],
"trust": 2.16
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2020-9074",
"trust": 3.0
},
{
"db": "JVNDB",
"id": "JVNDB-2020-006173",
"trust": 0.8
},
{
"db": "CNVD",
"id": "CNVD-2020-36724",
"trust": 0.6
},
{
"db": "CNNVD",
"id": "CNNVD-202006-412",
"trust": 0.6
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2020-36724"
},
{
"db": "JVNDB",
"id": "JVNDB-2020-006173"
},
{
"db": "CNNVD",
"id": "CNNVD-202006-412"
},
{
"db": "NVD",
"id": "CVE-2020-9074"
}
]
},
"id": "VAR-202006-1715",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "CNVD",
"id": "CNVD-2020-36724"
}
],
"trust": 1.1694444466666667
},
"iot_taxonomy": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"category": [
"IoT"
],
"sub_category": null,
"trust": 0.6
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2020-36724"
}
]
},
"last_update_date": "2024-11-23T22:51:19.821000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "huawei-sa-20200603-01-smartphone",
"trust": 0.8,
"url": "https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20200603-01-smartphone-en"
},
{
"title": "Patch for Huawei Honor 20 PRO, Honor View 20 and Honor 20 mishandling vulnerabilities",
"trust": 0.6,
"url": "https://www.cnvd.org.cn/patchInfo/show/224813"
},
{
"title": "Huawei Honor 20 PRO , Honor View 20 and Honor 20 Security vulnerabilities",
"trust": 0.6,
"url": "http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=120708"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2020-36724"
},
{
"db": "JVNDB",
"id": "JVNDB-2020-006173"
},
{
"db": "CNNVD",
"id": "CNNVD-202006-412"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-755",
"trust": 1.8
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2020-006173"
},
{
"db": "NVD",
"id": "CVE-2020-9074"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 1.6,
"url": "https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20200603-01-smartphone-en"
},
{
"trust": 1.4,
"url": "https://nvd.nist.gov/vuln/detail/cve-2020-9074"
},
{
"trust": 1.2,
"url": "https://www.huawei.com/cn/psirt/security-advisories/huawei-sa-20200603-01-smartphone-cn"
},
{
"trust": 0.8,
"url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2020-9074"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2020-36724"
},
{
"db": "JVNDB",
"id": "JVNDB-2020-006173"
},
{
"db": "CNNVD",
"id": "CNNVD-202006-412"
},
{
"db": "NVD",
"id": "CVE-2020-9074"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "CNVD",
"id": "CNVD-2020-36724"
},
{
"db": "JVNDB",
"id": "JVNDB-2020-006173"
},
{
"db": "CNNVD",
"id": "CNNVD-202006-412"
},
{
"db": "NVD",
"id": "CVE-2020-9074"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2020-07-07T00:00:00",
"db": "CNVD",
"id": "CNVD-2020-36724"
},
{
"date": "2020-07-02T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2020-006173"
},
{
"date": "2020-06-03T00:00:00",
"db": "CNNVD",
"id": "CNNVD-202006-412"
},
{
"date": "2020-06-05T15:15:11.033000",
"db": "NVD",
"id": "CVE-2020-9074"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2020-07-07T00:00:00",
"db": "CNVD",
"id": "CNVD-2020-36724"
},
{
"date": "2020-07-02T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2020-006173"
},
{
"date": "2020-06-11T00:00:00",
"db": "CNNVD",
"id": "CNNVD-202006-412"
},
{
"date": "2024-11-21T05:39:58.737000",
"db": "NVD",
"id": "CVE-2020-9074"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-202006-412"
}
],
"trust": 0.6
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "plural Huawei Vulnerability in handling exceptional conditions in smartphone products",
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2020-006173"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "other",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-202006-412"
}
],
"trust": 0.6
}
}
Loading…
Loading…
Sightings
| Author | Source | Type | Date |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
- Confirmed: The vulnerability is confirmed from an analyst perspective.
- Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
- Patched: This vulnerability was successfully patched by the user reporting the sighting.
- Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
- Not confirmed: The user expresses doubt about the veracity of the vulnerability.
- Not patched: This vulnerability was not successfully patched by the user reporting the sighting.