Home / Early Warning / Vulnerabilities / CVE-2020-9066

CVE-2020-9066

Type: 
Authentication Issues
Severity: 
Medium
Publication date: 
03/26/2020
Last modified: 
03/30/2020
Description
Huawei smartphones OxfordP-AN10B with versions earlier than 10.0.1.169(C00E166R4P1) have an improper authentication vulnerability. The Application doesn't perform proper authentication when user performs certain operations. An attacker can trick user into installing a malicious plug-in to exploit this vulnerability. Successful exploit could allow the attacker to bypass the authentication to perform unauthorized operations.
Impact
Access Vector: Through network
Access Complexity: Media
Authentication: Not required to exploit
Impact Type: Partially affects on system integrity + Partially affects on system confidentiality + Partially affects on system availability
Vulnerable software and versions
  • cpe:2.3:o:huawei:oxfordp-an10b_firmware:*:*:*:*:*:*:*:*
  • cpe:2.3:h:huawei:oxfordp-an10b:-:*:*:*:*:*:*:*
To consult the complete list of products and versions see this page
References to Advisories, Solutions, and Tools
Explanation of fields