var-202101-0997
Vulnerability from variot
There is a privilege escalation vulnerability in SMC2.0 product. Some files in a directory of a module are located improperly. It does not apply the directory limitation. Attackers can exploit this vulnerability by crafting malicious file to launch privilege escalation. This can compromise normal service of affected products. SMC2.0 Is vulnerable to a lack of authentication.Information is obtained, information is tampered with, and service is disrupted (DoS) It may be put into a state. Huawei Mate 30 is a smart phone of China's Huawei (Huawei) company.
Huawei Mate 30 has a buffer overflow vulnerability, which can be exploited by attackers by sending carefully crafted packets with specific parameters to the target device. Due to insufficient verification of the parameters, a successful attack may cause abnormal device behavior
Show details on source website{ "@context": { "@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#", affected_products: { "@id": "https://www.variotdbs.pl/ref/affected_products", }, configurations: { "@id": "https://www.variotdbs.pl/ref/configurations", }, credits: { "@id": "https://www.variotdbs.pl/ref/credits", }, cvss: { "@id": "https://www.variotdbs.pl/ref/cvss/", }, description: { "@id": "https://www.variotdbs.pl/ref/description/", }, exploit_availability: { "@id": "https://www.variotdbs.pl/ref/exploit_availability/", }, external_ids: { "@id": "https://www.variotdbs.pl/ref/external_ids/", }, iot: { "@id": "https://www.variotdbs.pl/ref/iot/", }, iot_taxonomy: { "@id": "https://www.variotdbs.pl/ref/iot_taxonomy/", }, patch: { "@id": "https://www.variotdbs.pl/ref/patch/", }, problemtype_data: { "@id": "https://www.variotdbs.pl/ref/problemtype_data/", }, references: { "@id": "https://www.variotdbs.pl/ref/references/", }, sources: { "@id": "https://www.variotdbs.pl/ref/sources/", }, sources_release_date: { "@id": "https://www.variotdbs.pl/ref/sources_release_date/", }, sources_update_date: { "@id": "https://www.variotdbs.pl/ref/sources_update_date/", }, threat_type: { "@id": "https://www.variotdbs.pl/ref/threat_type/", }, title: { "@id": "https://www.variotdbs.pl/ref/title/", }, type: { "@id": "https://www.variotdbs.pl/ref/type/", }, }, "@id": "https://www.variotdbs.pl/vuln/VAR-202101-0997", affected_products: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/affected_products#", data: { "@container": "@list", }, sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, "@id": "https://www.variotdbs.pl/ref/sources", }, }, data: [ { model: "smc2.0", scope: "eq", trust: 1, vendor: "huawei", version: "v600r006c10spc601", }, { model: "smc2.0", scope: "eq", trust: 1, vendor: "huawei", version: "v600r019c10", }, { model: "smc2.0", scope: "eq", trust: 1, vendor: "huawei", version: "v600r006c10spc500", }, { model: "smc2.0", scope: "eq", trust: 1, vendor: "huawei", version: "v600r006c10spc700", }, { model: "smc2.0", scope: "eq", trust: 1, vendor: "huawei", version: "v600r006c10spcc00", }, { model: "smc2.0", scope: "eq", trust: 1, vendor: "huawei", version: "v600r006c10spc600", }, { model: "smc2.0", scope: "eq", trust: 1, vendor: "huawei", version: "v600r006c10spc602", }, { model: "smc2.0", scope: "eq", trust: 1, vendor: "huawei", version: "v600r006c10spce00", }, { model: "smc2.0", scope: "eq", trust: 1, vendor: "huawei", version: "v600r006c10spc800", }, { model: "smc2.0", scope: "eq", trust: 1, vendor: "huawei", version: "v600r006c10spcb00", }, { model: "smc2.0", scope: "eq", trust: 1, vendor: "huawei", version: "v600r006c10spcd00", }, { model: "smc2.0", scope: "eq", trust: 1, vendor: "huawei", version: "v600r006c00spc800", }, { model: "smc2.0", scope: "eq", trust: 1, vendor: "huawei", version: "v600r006c00spc700", }, { model: "smc2.0", scope: "eq", trust: 1, vendor: "huawei", version: "v600r006c10spca00", }, { model: "smc2.0", scope: "eq", trust: 1, vendor: "huawei", version: "v600r019c00", }, { model: "smc2.0", scope: "eq", trust: 0.8, vendor: "huawei", version: null, }, { model: "smc2.0", scope: null, trust: 0.8, vendor: "huawei", version: null, }, { model: "smc2.0", scope: "eq", trust: 0.8, vendor: "huawei", version: "smc2.0 firmware", }, { model: "mate", scope: "eq", trust: 0.6, vendor: "huawei", version: "30", }, ], sources: [ { db: "CNVD", id: "CNVD-2021-05397", }, { db: "JVNDB", id: "JVNDB-2020-015377", }, { db: "NVD", id: "CVE-2020-9209", }, ], }, configurations: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/configurations#", children: { "@container": "@list", }, cpe_match: { "@container": "@list", }, data: { "@container": "@list", }, nodes: { "@container": "@list", }, }, data: [ { CVE_data_version: "4.0", nodes: [ { children: [ { children: [], cpe_match: [ { cpe23Uri: "cpe:2.3:o:huawei:smc2.0_firmware:v600r006c00spc700:*:*:*:*:*:*:*", cpe_name: [], vulnerable: true, }, { cpe23Uri: "cpe:2.3:o:huawei:smc2.0_firmware:v600r006c00spc800:*:*:*:*:*:*:*", cpe_name: [], vulnerable: true, }, { cpe23Uri: "cpe:2.3:o:huawei:smc2.0_firmware:v600r006c10spc500:*:*:*:*:*:*:*", cpe_name: [], vulnerable: true, }, { cpe23Uri: "cpe:2.3:o:huawei:smc2.0_firmware:v600r006c10spc600:*:*:*:*:*:*:*", cpe_name: [], vulnerable: true, }, { cpe23Uri: "cpe:2.3:o:huawei:smc2.0_firmware:v600r006c10spc601:*:*:*:*:*:*:*", cpe_name: [], vulnerable: true, }, { cpe23Uri: "cpe:2.3:o:huawei:smc2.0_firmware:v600r006c10spc602:*:*:*:*:*:*:*", cpe_name: [], vulnerable: true, }, { cpe23Uri: "cpe:2.3:o:huawei:smc2.0_firmware:v600r006c10spc700:*:*:*:*:*:*:*", cpe_name: [], vulnerable: true, }, { cpe23Uri: "cpe:2.3:o:huawei:smc2.0_firmware:v600r006c10spc800:*:*:*:*:*:*:*", cpe_name: [], vulnerable: true, }, { cpe23Uri: "cpe:2.3:o:huawei:smc2.0_firmware:v600r006c10spca00:*:*:*:*:*:*:*", cpe_name: [], vulnerable: true, }, { cpe23Uri: "cpe:2.3:o:huawei:smc2.0_firmware:v600r006c10spcb00:*:*:*:*:*:*:*", cpe_name: [], vulnerable: true, }, { cpe23Uri: "cpe:2.3:o:huawei:smc2.0_firmware:v600r006c10spcc00:*:*:*:*:*:*:*", cpe_name: [], vulnerable: true, }, { cpe23Uri: "cpe:2.3:o:huawei:smc2.0_firmware:v600r006c10spcd00:*:*:*:*:*:*:*", cpe_name: [], vulnerable: true, }, { cpe23Uri: "cpe:2.3:o:huawei:smc2.0_firmware:v600r006c10spce00:*:*:*:*:*:*:*", cpe_name: [], vulnerable: true, }, { cpe23Uri: "cpe:2.3:o:huawei:smc2.0_firmware:v600r019c00:*:*:*:*:*:*:*", cpe_name: [], vulnerable: true, }, { cpe23Uri: "cpe:2.3:o:huawei:smc2.0_firmware:v600r019c10:*:*:*:*:*:*:*", cpe_name: [], vulnerable: true, }, ], operator: "OR", }, { children: [], cpe_match: [ { cpe23Uri: "cpe:2.3:h:huawei:smc2.0:-:*:*:*:*:*:*:*", cpe_name: [], vulnerable: false, }, ], operator: "OR", }, ], cpe_match: [], operator: "AND", }, ], }, ], sources: [ { db: "NVD", id: "CVE-2020-9209", }, ], }, cve: "CVE-2020-9209", cvss: { "@context": { cvssV2: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#", }, "@id": "https://www.variotdbs.pl/ref/cvss/cvssV2", }, cvssV3: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#", }, "@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/", }, severity: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/cvss/severity#", }, "@id": "https://www.variotdbs.pl/ref/cvss/severity", }, sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, "@id": "https://www.variotdbs.pl/ref/sources", }, }, data: [ { cvssV2: [ { acInsufInfo: false, accessComplexity: "LOW", accessVector: "LOCAL", authentication: "NONE", author: "NVD", availabilityImpact: "PARTIAL", baseScore: 4.6, confidentialityImpact: "PARTIAL", exploitabilityScore: 3.9, impactScore: 6.4, integrityImpact: "PARTIAL", obtainAllPrivilege: false, obtainOtherPrivilege: false, obtainUserPrivilege: false, severity: "MEDIUM", trust: 1, userInteractionRequired: false, vectorString: "AV:L/AC:L/Au:N/C:P/I:P/A:P", version: "2.0", }, { acInsufInfo: null, accessComplexity: "Low", accessVector: "Local", authentication: "None", author: "NVD", availabilityImpact: "Partial", baseScore: 4.6, confidentialityImpact: "Partial", exploitabilityScore: null, id: "CVE-2020-9209", impactScore: null, integrityImpact: "Partial", obtainAllPrivilege: null, obtainOtherPrivilege: null, obtainUserPrivilege: null, severity: "Medium", trust: 0.9, userInteractionRequired: null, vectorString: "AV:L/AC:L/Au:N/C:P/I:P/A:P", version: "2.0", }, { accessComplexity: "LOW", accessVector: "LOCAL", authentication: "NONE", author: "CNVD", availabilityImpact: "PARTIAL", baseScore: 4.6, confidentialityImpact: "PARTIAL", exploitabilityScore: 3.9, id: "CNVD-2021-05397", impactScore: 6.4, integrityImpact: "PARTIAL", severity: "MEDIUM", trust: 0.6, vectorString: "AV:L/AC:L/Au:N/C:P/I:P/A:P", version: "2.0", }, ], cvssV3: [ { attackComplexity: "LOW", attackVector: "LOCAL", author: "NVD", availabilityImpact: "HIGH", baseScore: 6.7, baseSeverity: "MEDIUM", confidentialityImpact: "HIGH", exploitabilityScore: 0.8, impactScore: 5.9, integrityImpact: "HIGH", privilegesRequired: "HIGH", scope: "UNCHANGED", trust: 1, userInteraction: "NONE", vectorString: "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, { attackComplexity: "Low", attackVector: "Local", author: "NVD", availabilityImpact: "High", baseScore: 6.7, baseSeverity: "Medium", confidentialityImpact: "High", exploitabilityScore: null, id: "CVE-2020-9209", impactScore: null, integrityImpact: "High", privilegesRequired: "High", scope: "Unchanged", trust: 0.8, userInteraction: "None", vectorString: "CVSS:3.0/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H", version: "3.0", }, ], severity: [ { author: "NVD", id: "CVE-2020-9209", trust: 1.8, value: "MEDIUM", }, { author: "CNVD", id: "CNVD-2021-05397", trust: 0.6, value: "MEDIUM", }, { author: "CNNVD", id: "CNNVD-202012-1884", trust: 0.6, value: "MEDIUM", }, { author: "VULMON", id: "CVE-2020-9209", trust: 0.1, value: "MEDIUM", }, ], }, ], sources: [ { db: "CNVD", id: "CNVD-2021-05397", }, { db: "VULMON", id: "CVE-2020-9209", }, { db: "JVNDB", id: "JVNDB-2020-015377", }, { db: "NVD", id: "CVE-2020-9209", }, { db: "CNNVD", id: "CNNVD-202012-1884", }, ], }, description: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/description#", sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: "There is a privilege escalation vulnerability in SMC2.0 product. Some files in a directory of a module are located improperly. It does not apply the directory limitation. Attackers can exploit this vulnerability by crafting malicious file to launch privilege escalation. This can compromise normal service of affected products. SMC2.0 Is vulnerable to a lack of authentication.Information is obtained, information is tampered with, and service is disrupted (DoS) It may be put into a state. Huawei Mate 30 is a smart phone of China's Huawei (Huawei) company. \n\r\n\r\nHuawei Mate 30 has a buffer overflow vulnerability, which can be exploited by attackers by sending carefully crafted packets with specific parameters to the target device. Due to insufficient verification of the parameters, a successful attack may cause abnormal device behavior", sources: [ { db: "NVD", id: "CVE-2020-9209", }, { db: "JVNDB", id: "JVNDB-2020-015377", }, { db: "CNVD", id: "CNVD-2021-05397", }, { db: "VULMON", id: "CVE-2020-9209", }, ], trust: 2.25, }, external_ids: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/external_ids#", data: { "@container": "@list", }, sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: [ { db: "NVD", id: "CVE-2020-9209", trust: 3.1, }, { db: "JVNDB", id: "JVNDB-2020-015377", trust: 0.8, }, { db: "CNVD", id: "CNVD-2021-05397", trust: 0.6, }, { db: "CNNVD", id: "CNNVD-202012-1884", trust: 0.6, }, { db: "VULMON", id: "CVE-2020-9209", trust: 0.1, }, ], sources: [ { db: "CNVD", id: "CNVD-2021-05397", }, { db: "VULMON", id: "CVE-2020-9209", }, { db: "JVNDB", id: "JVNDB-2020-015377", }, { db: "NVD", id: "CVE-2020-9209", }, { db: "CNNVD", id: "CNNVD-202012-1884", }, ], }, id: "VAR-202101-0997", iot: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/iot#", sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: true, sources: [ { db: "CNVD", id: "CNVD-2021-05397", }, ], trust: 1.26765326, }, iot_taxonomy: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#", data: { "@container": "@list", }, sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: [ { category: [ "IoT", ], sub_category: null, trust: 0.6, }, ], sources: [ { db: "CNVD", id: "CNVD-2021-05397", }, ], }, last_update_date: "2023-12-18T13:23:00.661000Z", patch: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/patch#", data: { "@container": "@list", }, sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: [ { title: "huawei-sa-20201230-01-pe", trust: 0.8, url: "https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20201230-01-pe-en", }, { title: "Patch for Huawei Mate 30 buffer overflow vulnerability (CNVD-2021-05397)", trust: 0.6, url: "https://www.cnvd.org.cn/patchinfo/show/245158", }, ], sources: [ { db: "CNVD", id: "CNVD-2021-05397", }, { db: "JVNDB", id: "JVNDB-2020-015377", }, ], }, problemtype_data: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/problemtype_data#", sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: [ { problemtype: "CWE-862", trust: 1, }, { problemtype: "Lack of authentication (CWE-862) [NVD Evaluation ]", trust: 0.8, }, ], sources: [ { db: "JVNDB", id: "JVNDB-2020-015377", }, { db: "NVD", id: "CVE-2020-9209", }, ], }, references: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/references#", data: { "@container": "@list", }, sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: [ { trust: 2, url: "https://nvd.nist.gov/vuln/detail/cve-2020-9209", }, { trust: 1.7, url: "https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20201230-01-pe-en", }, { trust: 0.6, url: "https://www.huawei.com/cn/psirt/security-advisories/huawei-sa-20201230-01-pe-cn", }, { trust: 0.1, url: "https://cwe.mitre.org/data/definitions/269.html", }, { trust: 0.1, url: "https://nvd.nist.gov", }, ], sources: [ { db: "CNVD", id: "CNVD-2021-05397", }, { db: "VULMON", id: "CVE-2020-9209", }, { db: "JVNDB", id: "JVNDB-2020-015377", }, { db: "NVD", id: "CVE-2020-9209", }, { db: "CNNVD", id: "CNNVD-202012-1884", }, ], }, sources: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", data: { "@container": "@list", }, }, data: [ { db: "CNVD", id: "CNVD-2021-05397", }, { db: "VULMON", id: "CVE-2020-9209", }, { db: "JVNDB", id: "JVNDB-2020-015377", }, { db: "NVD", id: "CVE-2020-9209", }, { db: "CNNVD", id: "CNNVD-202012-1884", }, ], }, sources_release_date: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources_release_date#", data: { "@container": "@list", }, }, data: [ { date: "2021-01-22T00:00:00", db: "CNVD", id: "CNVD-2021-05397", }, { date: "2021-01-13T00:00:00", db: "VULMON", id: "CVE-2020-9209", }, { date: "2021-09-17T00:00:00", db: "JVNDB", id: "JVNDB-2020-015377", }, { date: "2021-01-13T23:15:13.807000", db: "NVD", id: "CVE-2020-9209", }, { date: "2020-12-30T00:00:00", db: "CNNVD", id: "CNNVD-202012-1884", }, ], }, sources_update_date: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources_update_date#", data: { "@container": "@list", }, }, data: [ { date: "2021-01-23T00:00:00", db: "CNVD", id: "CNVD-2021-05397", }, { date: "2021-01-19T00:00:00", db: "VULMON", id: "CVE-2020-9209", }, { date: "2021-09-17T07:58:00", db: "JVNDB", id: "JVNDB-2020-015377", }, { date: "2021-07-21T11:39:23.747000", db: "NVD", id: "CVE-2020-9209", }, { date: "2021-01-21T00:00:00", db: "CNNVD", id: "CNNVD-202012-1884", }, ], }, threat_type: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/threat_type#", sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: "local", sources: [ { db: "CNNVD", id: "CNNVD-202012-1884", }, ], trust: 0.6, }, title: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/title#", sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: "SMC2.0 Vulnerability in Microsoft", sources: [ { db: "JVNDB", id: "JVNDB-2020-015377", }, ], trust: 0.8, }, type: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/type#", sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: "other", sources: [ { db: "CNNVD", id: "CNNVD-202012-1884", }, ], trust: 0.6, }, }
Log in or create an account to share your comment.
Security Advisory comment format.
This schema specifies the format of a comment related to a security advisory.
Title of the comment
Description of the comment
Loading…
Loading…
Loading…
Sightings
| Author | Source | Type | Date |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
- Confirmed: The vulnerability is confirmed from an analyst perspective.
- Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
- Patched: This vulnerability was successfully patched by the user reporting the sighting.
- Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
- Not confirmed: The user expresses doubt about the veracity of the vulnerability.
- Not patched: This vulnerability was not successfully patched by the user reporting the sighting.