← Back

CVE-2020-1882

nvd nist
Published: Feb 18, 2020Modified: Nov 21, 2024

JSON object

Loading...
4.6
Vector
CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N
Exploitability: 0.9 / Impact: 3.6
Source: NVD

Description

Huawei mobile phones Ever-L29B versions earlier than 10.0.0.180(C185E6R3P3), earlier than 10.0.0.180(C432E6R1P7), earlier than 10.0.0.180(C636E5R2P3); HUAWEI Mate 20 RS versions earlier than 10.0.0.175(C786E70R3P8); HUAWEI Mate 20 X versions earlier than 10.0.0.176(C00E70R2P8); and Honor Magic2 versions earlier than 10.0.0.175(C00E59R2P11) have an improper authorization vulnerability. Due to improper authorization of some function, attackers can bypass the authorization to perform some operations.

Affected (6)

Huawei
4 products
Mate 20 Rs Firmware
Mate 20 X Firmware
Honor Magic2 Firmware
Ever L29b Firmware
Configuration A
1 vulnerable · 1 platform
Vulnerable SoftwareAffected Versions
Mate 20 Rs Firmware
Before 10.0.0.175\(c786e70r3p8\)
Running on/withPlatform Versions
Huawei
Mate 20 Rs
All versions
Configuration B
1 vulnerable · 1 platform
Vulnerable SoftwareAffected Versions
Mate 20 X Firmware
Before 10.0.0.176\(c00e70r2p8\)
Running on/withPlatform Versions
Huawei
Mate 20 X
All versions
Configuration C
1 vulnerable · 1 platform
Vulnerable SoftwareAffected Versions
Honor Magic2 Firmware
Before 10.0.0.175\(c00e59r2p11\)
Running on/withPlatform Versions
Huawei
Honor Magic2
All versions
Configuration D
1 vulnerable
Vulnerable SoftwareAffected Versions
Ever L29b Firmware
Before 10.0.0.180\(c185e6r3p3\)
Configuration E
1 vulnerable
Vulnerable SoftwareAffected Versions
Ever L29b Firmware
Before 10.0.0.180\(c432e6r1p7\)
Configuration F
1 vulnerable · 1 platform
Vulnerable SoftwareAffected Versions
Ever L29b Firmware
Before 10.0.0.180\(c636e5r2p3\)
Running on/withPlatform Versions
Huawei
Ever L29b
All versions

References (2)

Source: psirt@huawei.com
Vendor Advisory
Source: af854a3a-2127-422b-91ae-364da2661108
Vendor Advisory

Timeline

No history available yet.