CVE-2020-9202

MEDIUM Year: 2020
CVSS v3 Score
4.4
Medium
CVSS v2 Score
2.1
Low
Weakness Type
CWE-922
View all →

Vulnerability Description

There is an information disclosure vulnerability in TE Mobile software versions V600R006C10,V600R006C10SPC100. Due to the improper storage of some information in certain specific scenario, the attacker can gain information in the victim's device to launch the attack, successful exploit could cause information disclosure.

Related Vulnerabilities

CVE-2019-9253

MEDIUM
CVSS:4.4(Medium)

In KeyStore, there is a possible storage of symmetric keys in the TEE instead of the strongbox due to a missing strongbox flag. This could lead to local information disclosure with System execution pr...

CWE-9222019

CVE-2022-38090

MEDIUM
CVSS:4.4(Medium)

Improper isolation of shared resources in some Intel(R) Processors when using Intel(R) Software Guard Extensions may allow a privileged user to potentially enable information disclosure via local acce...

CWE-9222022

CVE-2024-20050

MEDIUM
CVSS:4.4(Medium)

In flashc, there is a possible information disclosure due to an uncaught exception. This could lead to local information disclosure with System execution privileges needed. User interaction is not nee...

CWE-9222024

CVE-2024-28132

MEDIUM
CVSS:4.4(Medium)

Exposure of Sensitive Information vulnerability exists in the GSLB container, which may allow an authenticated attacker with local access to view sensitive information. Note: Software versions which h...

CWE-9222024

CVE-2025-20886

MEDIUM
CVSS:4.4(Medium)

Inclusion of sensitive information in test code in softsim trustlet prior to SMR Jan-2025 Release 1 allows local privileged attackers to get test key.

CWE-9222025

CVE-2017-16560

MEDIUM
CVSS:4.3(Medium)

SanDisk Secure Access 3.01 vault decrypts and copies encrypted files to a temporary folder, where they can remain indefinitely in certain situations, such as if the file is being edited when the user ...

CWE-9222017