Vulnerability Details CVE-2020-9252
HUAWEI Mate 20 versions earlier than 10.1.0.160(C00E160R3P8), HUAWEI Mate 20 X versions earlier than 10.1.0.135(C00E135R2P8), HUAWEI Mate 20 RS versions earlier than 10.1.0.160(C786E160R3P8), and Honor Magic2 smartphones versions earlier than 10.1.0.160(C00E160R2P11) have a path traversal vulnerability. The system does not sufficiently validate certain pathname from certain process, successful exploit could allow the attacker write files to a crafted path.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.0
EPSS Ranking 7.4%
CVSS Severity
CVSS v3 Score 2.3
CVSS v2 Score 2.1
References
Products affected by CVE-2020-9252
-
cpe:2.3:h:huawei:magic2:-
-
cpe:2.3:h:huawei:mate_20:-
-
cpe:2.3:h:huawei:mate_20_rs:-
-
cpe:2.3:h:huawei:mate_20_x:-
-
cpe:2.3:o:huawei:magic2_firmware:-
-
cpe:2.3:o:huawei:mate_20_firmware:-
-
cpe:2.3:o:huawei:mate_20_firmware:10.0.0.175(c00e70r3p8)
-
cpe:2.3:o:huawei:mate_20_firmware:10.0.0.185(c00e74r3p8)
-
cpe:2.3:o:huawei:mate_20_firmware:10.0.0.188(c00e74r3p8)
-
cpe:2.3:o:huawei:mate_20_firmware:10.0.0.195(c00e74r3p8)
-
cpe:2.3:o:huawei:mate_20_firmware:10.0.0.195(sp31c00e74r3p8)
-
cpe:2.3:o:huawei:mate_20_firmware:9.0.0.195(c01e195r2p1)
-
cpe:2.3:o:huawei:mate_20_firmware:9.0.0.205(c00e205r2p1)
-
cpe:2.3:o:huawei:mate_20_firmware:9.1.0.131(c00e131r3p1)
-
cpe:2.3:o:huawei:mate_20_firmware:9.1.0.139(c00e133r3p1)
-
cpe:2.3:o:huawei:mate_20_rs_firmware:-
-
cpe:2.3:o:huawei:mate_20_rs_firmware:10.0.0.175(c786e70r3p8)
-
cpe:2.3:o:huawei:mate_20_rs_firmware:9.1.0.135(c786e133r3p1)
-
cpe:2.3:o:huawei:mate_20_x_firmware:-
-
cpe:2.3:o:huawei:mate_20_x_firmware:10.0.0.176(c00e70r2p8)
-
cpe:2.3:o:huawei:mate_20_x_firmware:10.0.0.195(c00e74r2p8)
-
cpe:2.3:o:huawei:mate_20_x_firmware:9.1.0.135(c00e133r2p1)