CVE-2020-1803

Published: Apr 20, 2020Modified: Nov 21, 2024

5.3

Vector

CVSS:3.1/AV:A/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N

Exploitability: 1.6 / Impact: 3.6

Source: NVD

Description

Huawei smartphones Honor V20 with versions earlier than 10.0.0.179(C636E3R4P3),versions earlier than 10.0.0.180(C185E3R3P3),versions earlier than 10.0.0.180(C432E10R3P4) have an information disclosure vulnerability. The device does not sufficiently validate the identity of smart wearable device in certain specific scenario, the attacker need to gain certain information in the victim's smartphone to launch the attack, successful exploit could cause information disclosure.

Affected (3)

Products: Huawei: Honor V20 Firmware

1 product

Honor V20 Firmware

Configuration A

1 vulnerable

Vulnerable Software	Affected Versions
Huawei Honor V20 Firmware	Before 10.0.0.179\(c636e3r4p3\)

Configuration B

1 vulnerable

Vulnerable Software	Affected Versions
Huawei Honor V20 Firmware	Before 10.0.0.180\(c185e3r3p3\)

Configuration C

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Huawei Honor V20 Firmware	Before 10.0.0.180\(c432e10r3p4\)

Running on/with	Platform Versions
Huawei Honor V20	All versions

Related CWEs

Improper Authentication

When an actor claims to have a given identity, the product does not prove or insufficiently proves that the claim is correct.

References (4)

http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20200415-02-smartphone-en

Source: psirt@huawei.com

Vendor Advisory

https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20200415-02-smartphone-en

Source: psirt@huawei.com

Vendor Advisory

http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20200415-02-smartphone-en

Source: af854a3a-2127-422b-91ae-364da2661108

Vendor Advisory

https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20200415-02-smartphone-en

Source: af854a3a-2127-422b-91ae-364da2661108

Vendor Advisory

Timeline

No history available yet.