Sign-up

ID

VAR-202101-1005


CVE

CVE-2020-9203


TITLE

Huawei P30 resource management error vulnerability

Trust: 1.2

sources: CNVD: CNVD-2021-04742 // CNNVD: CNNVD-202012-1885

DESCRIPTION

There is a resource management errors vulnerability in Huawei P30. Local attackers construct broadcast message for some application, causing this application to send this broadcast message and impact the customer's use experience. Huawei P30 is a smart phone of China's Huawei (Huawei) company. The local application can pass specially crafted data to the application and perform a denial of service (DoS) attack

Trust: 2.16

sources: NVD: CVE-2020-9203 // JVNDB: JVNDB-2020-015410 // CNVD: CNVD-2021-04742

IOT TAXONOMY

category:['IoT']sub_category: -

Trust: 0.6

sources: CNVD: CNVD-2021-04742

AFFECTED PRODUCTS

vendor:huaweimodel:p30scope: - version: -

Trust: 1.4

vendor:huaweimodel:p30scope:ltversion:10.1.0.179\(c185e7r7p1\)

Trust: 1.0

vendor:huaweimodel:p30scope:ltversion:10.1.0.179\(c10e8r5p1\)

Trust: 1.0

vendor:huaweimodel:p30scope:ltversion:10.1.0.168\(c00e168r2p11\)

Trust: 1.0

vendor:huaweimodel:p30scope:ltversion:10.1.0.176\(c635e4r2p4\)

Trust: 1.0

vendor:huaweimodel:p30scope:ltversion:10.1.0.179\(c605e23r1p3\)

Trust: 1.0

vendor:huaweimodel:p30scope:ltversion:10.1.0.177\(c636e8r3p4\)

Trust: 1.0

vendor:huaweimodel:p30scope:ltversion:10.1.0.168\(c01e168r2p11\)

Trust: 1.0

vendor:huaweimodel:p30scope:eqversion: -

Trust: 0.8

vendor:huaweimodel:p30scope:eqversion:p30 firmware

Trust: 0.8

sources: CNVD: CNVD-2021-04742 // JVNDB: JVNDB-2020-015410 // NVD: CVE-2020-9203

CVSS

SEVERITY

CVSSV2

CVSSV3

nvd@nist.gov: CVE-2020-9203
value: LOW

Trust: 1.0

NVD: CVE-2020-9203
value: LOW

Trust: 0.8

CNVD: CNVD-2021-04742
value: LOW

Trust: 0.6

CNNVD: CNNVD-202012-1885
value: LOW

Trust: 0.6

nvd@nist.gov: CVE-2020-9203
severity: LOW
baseScore: 2.1
vectorString: AV:L/AC:L/AU:N/C:N/I:N/A:P
accessVector: LOCAL
accessComplexity: LOW
authentication: NONE
confidentialityImpact: NONE
integrityImpact: NONE
availabilityImpact: PARTIAL
exploitabilityScore: 3.9
impactScore: 2.9
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 1.8

CNVD: CNVD-2021-04742
severity: LOW
baseScore: 2.1
vectorString: AV:L/AC:L/AU:N/C:N/I:N/A:P
accessVector: LOCAL
accessComplexity: LOW
authentication: NONE
confidentialityImpact: NONE
integrityImpact: NONE
availabilityImpact: PARTIAL
exploitabilityScore: 3.9
impactScore: 2.9
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 0.6

nvd@nist.gov: CVE-2020-9203
baseSeverity: LOW
baseScore: 3.3
vectorString: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L
attackVector: LOCAL
attackComplexity: LOW
privilegesRequired: LOW
userInteraction: NONE
scope: UNCHANGED
confidentialityImpact: NONE
integrityImpact: NONE
availabilityImpact: LOW
exploitabilityScore: 1.8
impactScore: 1.4
version: 3.1

Trust: 1.0

NVD: CVE-2020-9203
baseSeverity: LOW
baseScore: 3.3
vectorString: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L
attackVector: LOCAL
attackComplexity: LOW
privilegesRequired: LOW
userInteraction: NONE
scope: UNCHANGED
confidentialityImpact: NONE
integrityImpact: NONE
availabilityImpact: LOW
exploitabilityScore: NONE
impactScore: NONE
version: 3.0

Trust: 0.8

sources: CNVD: CNVD-2021-04742 // JVNDB: JVNDB-2020-015410 // CNNVD: CNNVD-202012-1885 // NVD: CVE-2020-9203

PROBLEMTYPE DATA

problemtype:CWE-400

Trust: 1.0

problemtype:Resource exhaustion (CWE-400) [NVD Evaluation ]

Trust: 0.8

sources: JVNDB: JVNDB-2020-015410 // NVD: CVE-2020-9203

THREAT TYPE

local

Trust: 0.6

sources: CNNVD: CNNVD-202012-1885

TYPE

resource management error

Trust: 0.6

sources: CNNVD: CNNVD-202012-1885

PATCH

title:huawei-sa-20201230-01-resourcemanagementurl:https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20201230-01-resourcemanagement-en

Trust: 0.8

title:Patch for Huawei P30 resource management error vulnerabilityurl:https://www.cnvd.org.cn/patchInfo/show/244852

Trust: 0.6

sources: CNVD: CNVD-2021-04742 // JVNDB: JVNDB-2020-015410

EXTERNAL IDS

db:NVDid:CVE-2020-9203

Trust: 3.0

db:JVNDBid:JVNDB-2020-015410

Trust: 0.8

db:CNVDid:CNVD-2021-04742

Trust: 0.6

db:CNNVDid:CNNVD-202012-1885

Trust: 0.6

sources: CNVD: CNVD-2021-04742 // JVNDB: JVNDB-2020-015410 // CNNVD: CNNVD-202012-1885 // NVD: CVE-2020-9203

REFERENCES

url:https://nvd.nist.gov/vuln/detail/cve-2020-9203

Trust: 2.0

url:https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20201230-01-resourcemanagement-en

Trust: 1.6

url:https://www.huawei.com/cn/psirt/security-advisories/huawei-sa-20201230-01-resourcemanagement-cn

Trust: 0.6

sources: CNVD: CNVD-2021-04742 // JVNDB: JVNDB-2020-015410 // CNNVD: CNNVD-202012-1885 // NVD: CVE-2020-9203

SOURCES

db:CNVDid:CNVD-2021-04742
db:JVNDBid:JVNDB-2020-015410
db:CNNVDid:CNNVD-202012-1885
db:NVDid:CVE-2020-9203

LAST UPDATE DATE

2024-11-23T21:34:53.782000+00:00


SOURCES UPDATE DATE

db:CNVDid:CNVD-2021-04742date:2021-01-21T00:00:00
db:JVNDBid:JVNDB-2020-015410date:2021-09-21T09:03:00
db:CNNVDid:CNNVD-202012-1885date:2021-01-21T00:00:00
db:NVDid:CVE-2020-9203date:2024-11-21T05:40:09.363

SOURCES RELEASE DATE

db:CNVDid:CNVD-2021-04742date:2021-01-21T00:00:00
db:JVNDBid:JVNDB-2020-015410date:2021-09-21T00:00:00
db:CNNVDid:CNNVD-202012-1885date:2020-12-30T00:00:00
db:NVDid:CVE-2020-9203date:2021-01-13T22:15:14.240