How severe is CVE-2020-9109?

This vulnerability has a severity rating of MEDIUM with a CVSS score of 4.6 out of 10.

What type of vulnerability is CVE-2020-9109?

This is classified as CWE-287, which is a common weakness in software security.

CVE-2020-9109 - MEDIUM Severity | CVSS 4.6

Vulnerability Description

There is an information disclosure vulnerability in several smartphones. The device does not sufficiently validate the identity of smart wearable device in certain specific scenario, the attacker need to gain certain information in the victim's smartphone to launch the attack, and successful exploit could cause information disclosure.Affected product versions include:HUAWEI Mate 20 versions earlier than 10.1.0.160(C00E160R3P8),versions earlier than 10.1.0.160(C01E160R2P8);HUAWEI Mate 20 X versions earlier than 10.1.0.160(C00E160R2P8),versions earlier than 10.1.0.160(C01E160R2P8);HUAWEI P30 Pro versions earlier than 10.1.0.160(C00E160R2P8);Laya-AL00EP versions earlier than 10.1.0.160(C786E160R3P8);Tony-AL00B versions earlier than 10.1.0.160(C00E160R2P11);Tony-TL00B versions earlier than 10.1.0.160(C01E160R2P11).

Related Vulnerabilities

CVE-2012-6340

MEDIUM

CVSS:4.6(Medium)

An Authentication vulnerability exists in NETGEAR WGR614 v7 and v9 due to a hardcoded credential used for serial programming, a related issue to CVE-2006-1002.

CWE-2872012

CVE-2013-5112

MEDIUM

CVSS:4.6(Medium)

Evernote before 5.5.1 has insecure PIN storage

CWE-2872013

CVE-2016-11041

MEDIUM

CVSS:4.6(Medium)

An issue was discovered on Samsung mobile devices with KK(4.4) software. Attackers can bypass the lockscreen by sending an AT command over USB. The Samsung ID is SVE-2015-5301 (June 2016).

CWE-2872016

CVE-2017-18646

MEDIUM

CVSS:4.6(Medium)

An issue was discovered on Samsung mobile devices with M(6.x) and N(7.x) software. An attacker can bypass the password requirement for tablet user switching by folding the magnetic cover. The Samsung ...

CWE-2872017

CVE-2017-2721

MEDIUM

CVSS:4.6(Medium)

Some Huawei smart phones with software Berlin-L21C10B130,Berlin-L21C185B133,Berlin-L21HNC10B131,Berlin-L21HNC185B140,Berlin-L21HNC432B151,Berlin-L22C636B160,Berlin-L22HNC636B130,Berlin-L22HNC675B150CU...

CWE-2872017

CVE-2018-21062

MEDIUM

CVSS:4.6(Medium)

An issue was discovered on Samsung mobile devices with N(7.x) and O(8.x) software. When biometric authentication is disabled, an attacker can view Streams content (e.g., a Gallery slideshow) of a lock...

CWE-2872018