CVE-2020-9235
Description
Huawei smartphones HONOR 20 PRO Versions earlier than 10.1.0.230(C432E9R5P1),Versions earlier than 10.1.0.231(C10E3R3P2),Versions earlier than 10.1.0.231(C185E3R5P1),Versions earlier than 10.1.0.231(C636E3R3P1);Versions earlier than 10.1.0.212(C432E10R3P4),Versions earlier than 10.1.0.213(C636E3R4P3),Versions earlier than 10.1.0.214(C10E5R4P3),Versions earlier than 10.1.0.214(C185E3R3P3);Versions earlier than 10.1.0.212(C00E210R5P1);Versions earlier than 10.1.0.160(C00E160R2P11);Versions earlier than 10.1.0.160(C00E160R2P11);Versions earlier than 10.1.0.160(C01E160R2P11);Versions earlier than 10.1.0.160(C00E160R2P11);Versions earlier than 10.1.0.160(C00E160R8P12);Versions earlier than 10.1.0.230(C432E9R5P1),Versions earlier than 10.1.0.231(C10E3R3P2),Versions earlier than 10.1.0.231(C636E3R3P1);Versions earlier than 10.1.0.225(C431E3R1P2),Versions earlier than 10.1.0.225(C432E3R1P2) contain an information vulnerability. A module has a design error that is lack of control of input. Attackers can exploit this vulnerability to obtain some information. This can lead to information leak.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
HONOR 20 PRO smartphones running Magic UI before specific patches have an information leak vulnerability due to a module's design error that fails to control input.
Vulnerability
HONOR 20 PRO smartphones running Magic UI versions earlier than 10.1.0.230(C432E9R5P1), 10.1.0.231(C10E3R3P2), 10.1.0.231(C185E3R5P1), 10.1.0.231(C636E3R3P1), 10.1.0.212(C432E10R3P4), 10.1.0.213(C636E3R4P3), 10.1.0.214(C10E5R4P3), 10.1.0.214(C185E3R3P3), 10.1.0.212(C00E210R5P1), 10.1.0.160(C00E160R2P11), 10.1.0.160(C01E160R2P11), 10.1.0.160(C00E160R8P12), 10.1.0.225(C431E3R1P2), and 10.1.0.225(C432E3R1P2) contain an information vulnerability [1]. A module has a design error that lacks control of input, which can be exploited to obtain information [1].
Exploitation
An attacker can exploit this vulnerability to obtain some information [1]. The specific attack vector is not described in the available references, but the vulnerability stems from a lack of input control in a module [1].
Impact
Successful exploitation leads to information leak [1]. The attacker may obtain sensitive information from the device, though the exact type of information and privilege level are not detailed in the references [1].
Mitigation
Huawei has released software updates to fix this vulnerability [1]. The resolved product and versions are listed in the security advisory [1]. Users should upgrade their HONOR 20 PRO to the corresponding fixed versions specified in the advisory [1].
AI Insight generated on May 27, 2026. Synthesized from this CVE's description and the cited reference URLs; citations are validated against the source bundle.
Affected products
2- Huawei/HONOR 20 PROdescription
Patches
0No patches discovered yet.
Vulnerability mechanics
AI mechanics synthesis has not run for this CVE yet.
References
1- www.huawei.com/en/psirt/security-advisories/huawei-sa-20200902-07-smartphone-enmitrex_refsource_MISC
News mentions
0No linked articles in our index yet.