PT-2020-20526 · Huawei · Huawei P30

Published

2020-07-06

Updated

2020-07-09

CVE-2020-9226

CVSS v3.1

5.5

Medium

Vector

AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N

Name of the Vulnerable Software and Affected Versions HUAWEI P30 versions earlier than 10.1.0.135(C00E135R2P11)

Description The system has an improper signature verification issue, where it does not properly check the signature of specific software packages. An attacker can exploit this to load a crafted software package onto the device.

Recommendations For versions earlier than 10.1.0.135(C00E135R2P11), update to version 10.1.0.135(C00E135R2P11) or later to resolve the issue. As a temporary workaround, consider restricting the installation of software packages from untrusted sources until a patch is applied.

Fix

Improper Verification of Cryptographic Signature

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-347

Related Identifiers

CVE-2020-9226

Affected Products

Huawei P30

PT-2020-20526 · Huawei · Huawei P30

CVE-2020-9226

Weakness Enumeration

Related Identifiers

Affected Products

References · 4