CVE-2020-1831

Published: May 29, 2020Modified: Nov 21, 2024

2.4

Vector

CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N

Exploitability: 0.9 / Impact: 1.4

Source: NVD

Description

HUAWEI Mate 20 smartphones with versions earlier than 10.0.0.195(SP31C00E74R3P8) have an improper authorization vulnerability. The digital balance function does not sufficiently restrict the using time of certain user, successful exploit could allow the user break the limit of digital balance function after a series of operations with a PC.

Affected (1)

Products: Huawei: Mate 20 Firmware

1 product

Mate 20 Firmware

Configuration A

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Huawei Mate 20 Firmware	Before 10.0.0.195\(sp31c00e74r3p8\)

Running on/with	Platform Versions
Huawei Mate 20	All versions

Related CWEs

Incorrect Authorization

The product performs an authorization check when an actor attempts to access a resource or perform an action, but it does not correctly perform the check. This allows attackers to bypass intended access restrictions.

References (2)

https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20200527-04-smartphone-en

Source: psirt@huawei.com

Vendor Advisory

https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20200527-04-smartphone-en

Source: af854a3a-2127-422b-91ae-364da2661108

Vendor Advisory

Timeline

No history available yet.