VAR-202101-0997
Vulnerability from variot - Updated: 2023-12-18 13:23There is a privilege escalation vulnerability in SMC2.0 product. Some files in a directory of a module are located improperly. It does not apply the directory limitation. Attackers can exploit this vulnerability by crafting malicious file to launch privilege escalation. This can compromise normal service of affected products. SMC2.0 Is vulnerable to a lack of authentication.Information is obtained, information is tampered with, and service is disrupted (DoS) It may be put into a state. Huawei Mate 30 is a smart phone of China's Huawei (Huawei) company.
Huawei Mate 30 has a buffer overflow vulnerability, which can be exploited by attackers by sending carefully crafted packets with specific parameters to the target device. Due to insufficient verification of the parameters, a successful attack may cause abnormal device behavior
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-202101-0997",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "smc2.0",
"scope": "eq",
"trust": 1.0,
"vendor": "huawei",
"version": "v600r006c10spc601"
},
{
"model": "smc2.0",
"scope": "eq",
"trust": 1.0,
"vendor": "huawei",
"version": "v600r019c10"
},
{
"model": "smc2.0",
"scope": "eq",
"trust": 1.0,
"vendor": "huawei",
"version": "v600r006c10spc500"
},
{
"model": "smc2.0",
"scope": "eq",
"trust": 1.0,
"vendor": "huawei",
"version": "v600r006c10spc700"
},
{
"model": "smc2.0",
"scope": "eq",
"trust": 1.0,
"vendor": "huawei",
"version": "v600r006c10spcc00"
},
{
"model": "smc2.0",
"scope": "eq",
"trust": 1.0,
"vendor": "huawei",
"version": "v600r006c10spc600"
},
{
"model": "smc2.0",
"scope": "eq",
"trust": 1.0,
"vendor": "huawei",
"version": "v600r006c10spc602"
},
{
"model": "smc2.0",
"scope": "eq",
"trust": 1.0,
"vendor": "huawei",
"version": "v600r006c10spce00"
},
{
"model": "smc2.0",
"scope": "eq",
"trust": 1.0,
"vendor": "huawei",
"version": "v600r006c10spc800"
},
{
"model": "smc2.0",
"scope": "eq",
"trust": 1.0,
"vendor": "huawei",
"version": "v600r006c10spcb00"
},
{
"model": "smc2.0",
"scope": "eq",
"trust": 1.0,
"vendor": "huawei",
"version": "v600r006c10spcd00"
},
{
"model": "smc2.0",
"scope": "eq",
"trust": 1.0,
"vendor": "huawei",
"version": "v600r006c00spc800"
},
{
"model": "smc2.0",
"scope": "eq",
"trust": 1.0,
"vendor": "huawei",
"version": "v600r006c00spc700"
},
{
"model": "smc2.0",
"scope": "eq",
"trust": 1.0,
"vendor": "huawei",
"version": "v600r006c10spca00"
},
{
"model": "smc2.0",
"scope": "eq",
"trust": 1.0,
"vendor": "huawei",
"version": "v600r019c00"
},
{
"model": "smc2.0",
"scope": "eq",
"trust": 0.8,
"vendor": "huawei",
"version": null
},
{
"model": "smc2.0",
"scope": null,
"trust": 0.8,
"vendor": "huawei",
"version": null
},
{
"model": "smc2.0",
"scope": "eq",
"trust": 0.8,
"vendor": "huawei",
"version": "smc2.0 firmware"
},
{
"model": "mate",
"scope": "eq",
"trust": 0.6,
"vendor": "huawei",
"version": "30"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2021-05397"
},
{
"db": "JVNDB",
"id": "JVNDB-2020-015377"
},
{
"db": "NVD",
"id": "CVE-2020-9209"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:huawei:smc2.0_firmware:v600r006c00spc700:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:huawei:smc2.0_firmware:v600r006c00spc800:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:huawei:smc2.0_firmware:v600r006c10spc500:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:huawei:smc2.0_firmware:v600r006c10spc600:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:huawei:smc2.0_firmware:v600r006c10spc601:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:huawei:smc2.0_firmware:v600r006c10spc602:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:huawei:smc2.0_firmware:v600r006c10spc700:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:huawei:smc2.0_firmware:v600r006c10spc800:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:huawei:smc2.0_firmware:v600r006c10spca00:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:huawei:smc2.0_firmware:v600r006c10spcb00:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:huawei:smc2.0_firmware:v600r006c10spcc00:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:huawei:smc2.0_firmware:v600r006c10spcd00:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:huawei:smc2.0_firmware:v600r006c10spce00:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:huawei:smc2.0_firmware:v600r019c00:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:huawei:smc2.0_firmware:v600r019c10:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:huawei:smc2.0:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
}
]
}
],
"sources": [
{
"db": "NVD",
"id": "CVE-2020-9209"
}
]
},
"cve": "CVE-2020-9209",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"acInsufInfo": false,
"accessComplexity": "LOW",
"accessVector": "LOCAL",
"authentication": "NONE",
"author": "NVD",
"availabilityImpact": "PARTIAL",
"baseScore": 4.6,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 3.9,
"impactScore": 6.4,
"integrityImpact": "PARTIAL",
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"severity": "MEDIUM",
"trust": 1.0,
"userInteractionRequired": false,
"vectorString": "AV:L/AC:L/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
{
"acInsufInfo": null,
"accessComplexity": "Low",
"accessVector": "Local",
"authentication": "None",
"author": "NVD",
"availabilityImpact": "Partial",
"baseScore": 4.6,
"confidentialityImpact": "Partial",
"exploitabilityScore": null,
"id": "CVE-2020-9209",
"impactScore": null,
"integrityImpact": "Partial",
"obtainAllPrivilege": null,
"obtainOtherPrivilege": null,
"obtainUserPrivilege": null,
"severity": "Medium",
"trust": 0.9,
"userInteractionRequired": null,
"vectorString": "AV:L/AC:L/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
{
"accessComplexity": "LOW",
"accessVector": "LOCAL",
"authentication": "NONE",
"author": "CNVD",
"availabilityImpact": "PARTIAL",
"baseScore": 4.6,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 3.9,
"id": "CNVD-2021-05397",
"impactScore": 6.4,
"integrityImpact": "PARTIAL",
"severity": "MEDIUM",
"trust": 0.6,
"vectorString": "AV:L/AC:L/Au:N/C:P/I:P/A:P",
"version": "2.0"
}
],
"cvssV3": [
{
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"author": "NVD",
"availabilityImpact": "HIGH",
"baseScore": 6.7,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"exploitabilityScore": 0.8,
"impactScore": 5.9,
"integrityImpact": "HIGH",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"trust": 1.0,
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
{
"attackComplexity": "Low",
"attackVector": "Local",
"author": "NVD",
"availabilityImpact": "High",
"baseScore": 6.7,
"baseSeverity": "Medium",
"confidentialityImpact": "High",
"exploitabilityScore": null,
"id": "CVE-2020-9209",
"impactScore": null,
"integrityImpact": "High",
"privilegesRequired": "High",
"scope": "Unchanged",
"trust": 0.8,
"userInteraction": "None",
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
}
],
"severity": [
{
"author": "NVD",
"id": "CVE-2020-9209",
"trust": 1.8,
"value": "MEDIUM"
},
{
"author": "CNVD",
"id": "CNVD-2021-05397",
"trust": 0.6,
"value": "MEDIUM"
},
{
"author": "CNNVD",
"id": "CNNVD-202012-1884",
"trust": 0.6,
"value": "MEDIUM"
},
{
"author": "VULMON",
"id": "CVE-2020-9209",
"trust": 0.1,
"value": "MEDIUM"
}
]
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2021-05397"
},
{
"db": "VULMON",
"id": "CVE-2020-9209"
},
{
"db": "JVNDB",
"id": "JVNDB-2020-015377"
},
{
"db": "NVD",
"id": "CVE-2020-9209"
},
{
"db": "CNNVD",
"id": "CNNVD-202012-1884"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "There is a privilege escalation vulnerability in SMC2.0 product. Some files in a directory of a module are located improperly. It does not apply the directory limitation. Attackers can exploit this vulnerability by crafting malicious file to launch privilege escalation. This can compromise normal service of affected products. SMC2.0 Is vulnerable to a lack of authentication.Information is obtained, information is tampered with, and service is disrupted (DoS) It may be put into a state. Huawei Mate 30 is a smart phone of China\u0027s Huawei (Huawei) company. \n\r\n\r\nHuawei Mate 30 has a buffer overflow vulnerability, which can be exploited by attackers by sending carefully crafted packets with specific parameters to the target device. Due to insufficient verification of the parameters, a successful attack may cause abnormal device behavior",
"sources": [
{
"db": "NVD",
"id": "CVE-2020-9209"
},
{
"db": "JVNDB",
"id": "JVNDB-2020-015377"
},
{
"db": "CNVD",
"id": "CNVD-2021-05397"
},
{
"db": "VULMON",
"id": "CVE-2020-9209"
}
],
"trust": 2.25
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2020-9209",
"trust": 3.1
},
{
"db": "JVNDB",
"id": "JVNDB-2020-015377",
"trust": 0.8
},
{
"db": "CNVD",
"id": "CNVD-2021-05397",
"trust": 0.6
},
{
"db": "CNNVD",
"id": "CNNVD-202012-1884",
"trust": 0.6
},
{
"db": "VULMON",
"id": "CVE-2020-9209",
"trust": 0.1
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2021-05397"
},
{
"db": "VULMON",
"id": "CVE-2020-9209"
},
{
"db": "JVNDB",
"id": "JVNDB-2020-015377"
},
{
"db": "NVD",
"id": "CVE-2020-9209"
},
{
"db": "CNNVD",
"id": "CNNVD-202012-1884"
}
]
},
"id": "VAR-202101-0997",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "CNVD",
"id": "CNVD-2021-05397"
}
],
"trust": 1.26765326
},
"iot_taxonomy": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"category": [
"IoT"
],
"sub_category": null,
"trust": 0.6
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2021-05397"
}
]
},
"last_update_date": "2023-12-18T13:23:00.661000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "huawei-sa-20201230-01-pe",
"trust": 0.8,
"url": "https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20201230-01-pe-en"
},
{
"title": "Patch for Huawei Mate 30 buffer overflow vulnerability (CNVD-2021-05397)",
"trust": 0.6,
"url": "https://www.cnvd.org.cn/patchinfo/show/245158"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2021-05397"
},
{
"db": "JVNDB",
"id": "JVNDB-2020-015377"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-862",
"trust": 1.0
},
{
"problemtype": "Lack of authentication (CWE-862) [NVD Evaluation ]",
"trust": 0.8
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2020-015377"
},
{
"db": "NVD",
"id": "CVE-2020-9209"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 2.0,
"url": "https://nvd.nist.gov/vuln/detail/cve-2020-9209"
},
{
"trust": 1.7,
"url": "https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20201230-01-pe-en"
},
{
"trust": 0.6,
"url": "https://www.huawei.com/cn/psirt/security-advisories/huawei-sa-20201230-01-pe-cn"
},
{
"trust": 0.1,
"url": "https://cwe.mitre.org/data/definitions/269.html"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2021-05397"
},
{
"db": "VULMON",
"id": "CVE-2020-9209"
},
{
"db": "JVNDB",
"id": "JVNDB-2020-015377"
},
{
"db": "NVD",
"id": "CVE-2020-9209"
},
{
"db": "CNNVD",
"id": "CNNVD-202012-1884"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "CNVD",
"id": "CNVD-2021-05397"
},
{
"db": "VULMON",
"id": "CVE-2020-9209"
},
{
"db": "JVNDB",
"id": "JVNDB-2020-015377"
},
{
"db": "NVD",
"id": "CVE-2020-9209"
},
{
"db": "CNNVD",
"id": "CNNVD-202012-1884"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2021-01-22T00:00:00",
"db": "CNVD",
"id": "CNVD-2021-05397"
},
{
"date": "2021-01-13T00:00:00",
"db": "VULMON",
"id": "CVE-2020-9209"
},
{
"date": "2021-09-17T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2020-015377"
},
{
"date": "2021-01-13T23:15:13.807000",
"db": "NVD",
"id": "CVE-2020-9209"
},
{
"date": "2020-12-30T00:00:00",
"db": "CNNVD",
"id": "CNNVD-202012-1884"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2021-01-23T00:00:00",
"db": "CNVD",
"id": "CNVD-2021-05397"
},
{
"date": "2021-01-19T00:00:00",
"db": "VULMON",
"id": "CVE-2020-9209"
},
{
"date": "2021-09-17T07:58:00",
"db": "JVNDB",
"id": "JVNDB-2020-015377"
},
{
"date": "2021-07-21T11:39:23.747000",
"db": "NVD",
"id": "CVE-2020-9209"
},
{
"date": "2021-01-21T00:00:00",
"db": "CNNVD",
"id": "CNNVD-202012-1884"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "local",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-202012-1884"
}
],
"trust": 0.6
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "SMC2.0\u00a0 Vulnerability in Microsoft",
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2020-015377"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "other",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-202012-1884"
}
],
"trust": 0.6
}
}
Loading…
Loading…
Sightings
| Author | Source | Type | Date |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or observed by the user.
- Confirmed: The vulnerability has been validated from an analyst's perspective.
- Published Proof of Concept: A public proof of concept is available for this vulnerability.
- Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
- Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
- Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
- Not confirmed: The user expressed doubt about the validity of the vulnerability.
- Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.
Loading…
Loading…