Taurus-AN00B versions earlier than 10.1.0.156(C00E155R7P2) have an information disclosure vulnerability. The device does not sufficiently validate the output of device in certain specific scenario, the attacker can gain information in the victim's smartphone to launch the attack, successful exploit could cause information disclosure.
References
Link | Resource |
---|---|
https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20200930-02-informationleak-en | Vendor Advisory |
Configurations
Configuration 1 (hide)
AND |
|
Information
Published : 2020-10-12 08:15
Updated : 2021-07-21 04:39
NVD link : CVE-2020-9110
Mitre link : CVE-2020-9110
JSON object : View
CWE
CWE-20
Improper Input Validation
Products Affected
huawei
- taurus-an00b
- taurus-an00b_firmware