ID
VAR-202101-1001
CVE
CVE-2020-9141
TITLE
plural Huawei Insufficient verification vulnerability in data reliability on smartphones
Trust: 0.8
sources:
JVNDB: JVNDB-2020-015407
DESCRIPTION
There is a improper privilege management vulnerability in some Huawei smartphone. Successful exploitation of this vulnerability can cause information disclosure and malfunctions due to insufficient verification of data authenticity. Huawei Emui is an Android-based mobile operating system developed by Huawei in China. Honor Magic Ui is an Android-based mobile operating system developed by China Honor Company
Trust: 1.71
sources:
NVD: CVE-2020-9141 //
JVNDB: JVNDB-2020-015407 //
VULHUB: VHN-187266
AFFECTED PRODUCTS
| vendor: | huawei | model: | emui | scope: | eq | version: | 10.1.1 | Trust: 1.0 |
| vendor: | huawei | model: | magic ui | scope: | eq | version: | 3.1.1 | Trust: 1.0 |
| vendor: | huawei | model: | magic ui | scope: | eq | version: | 3.1.0 | Trust: 1.0 |
| vendor: | huawei | model: | emui | scope: | eq | version: | 10.1.0 | Trust: 1.0 |
| vendor: | huawei | model: | emui | scope: | - | version: | - | Trust: 0.8 |
| vendor: | huawei | model: | magic ui | scope: | - | version: | - | Trust: 0.8 |
sources:
JVNDB: JVNDB-2020-015407 //
NVD: CVE-2020-9141
CVSS
SEVERITY | CVSSV2 | CVSSV3 | ||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
|
|
sources:
VULHUB: VHN-187266 //
JVNDB: JVNDB-2020-015407 //
CNNVD: CNNVD-202101-1100 //
NVD: CVE-2020-9141
PROBLEMTYPE DATA
| problemtype: | CWE-269 | Trust: 1.1 |
| problemtype: | CWE-345 | Trust: 1.1 |
| problemtype: | Improper authority management (CWE-269) [NVD Evaluation ] | Trust: 0.8 |
| problemtype: | Inadequate verification of data reliability (CWE-345) [NVD Evaluation ] | Trust: 0.8 |
sources:
VULHUB: VHN-187266 //
JVNDB: JVNDB-2020-015407 //
NVD: CVE-2020-9141
THREAT TYPE
remote
Trust: 0.6
sources:
CNNVD: CNNVD-202101-1100
TYPE
data forgery
Trust: 0.6
sources:
CNNVD: CNNVD-202101-1100
PATCH
| title: | Huawei EMUI/Magic UI security updates Dec-20 | url: | https://consumer.huawei.com/en/support/bulletin/2020/12/ | Trust: 0.8 |
| title: | Repair measures for Huawei smartphone authorization bugs | url: | http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=139460 | Trust: 0.6 |
sources:
JVNDB: JVNDB-2020-015407 //
CNNVD: CNNVD-202101-1100
EXTERNAL IDS
| db: | NVD | id: | CVE-2020-9141 | Trust: 2.5 |
| db: | JVNDB | id: | JVNDB-2020-015407 | Trust: 0.8 |
| db: | CNNVD | id: | CNNVD-202101-1100 | Trust: 0.7 |
| db: | VULHUB | id: | VHN-187266 | Trust: 0.1 |
sources:
VULHUB: VHN-187266 //
JVNDB: JVNDB-2020-015407 //
CNNVD: CNNVD-202101-1100 //
NVD: CVE-2020-9141
REFERENCES
| url: | https://consumer.huawei.com/en/support/bulletin/2020/12/ | Trust: 1.7 |
| url: | https://nvd.nist.gov/vuln/detail/cve-2020-9141 | Trust: 1.4 |
sources:
VULHUB: VHN-187266 //
JVNDB: JVNDB-2020-015407 //
CNNVD: CNNVD-202101-1100 //
NVD: CVE-2020-9141
SOURCES
| db: | VULHUB | id: | VHN-187266 |
| db: | JVNDB | id: | JVNDB-2020-015407 |
| db: | CNNVD | id: | CNNVD-202101-1100 |
| db: | NVD | id: | CVE-2020-9141 |
LAST UPDATE DATE
2024-08-14T15:33:17.230000+00:00
SOURCES UPDATE DATE
| db: | VULHUB | id: | VHN-187266 | date: | 2021-07-21T00:00:00 |
| db: | JVNDB | id: | JVNDB-2020-015407 | date: | 2021-09-21T09:03:00 |
| db: | CNNVD | id: | CNNVD-202101-1100 | date: | 2021-01-21T00:00:00 |
| db: | NVD | id: | CVE-2020-9141 | date: | 2021-07-21T11:39:23.747 |
SOURCES RELEASE DATE
| db: | VULHUB | id: | VHN-187266 | date: | 2021-01-13T00:00:00 |
| db: | JVNDB | id: | JVNDB-2020-015407 | date: | 2021-09-21T00:00:00 |
| db: | CNNVD | id: | CNNVD-202101-1100 | date: | 2021-01-13T00:00:00 |
| db: | NVD | id: | CVE-2020-9141 | date: | 2021-01-13T22:15:14.083 |