Improper Authentication Vulnerability in Honor V30 Smartphones by Huawei
CVE-2020-1788

5.5MEDIUM

Key Information:

Vendor
Huawei
Status
Vendor
CVE Published:
21 January 2020

Summary

The Honor V30 smartphones prior to version 10.0.1.135(C00E130R4P1) are affected by an improper authentication vulnerability that undermines the security of certain applications. This flaw allows attackers to impersonate legitimate applications by not adequately verifying their identity when accessing interfaces. Consequently, users can be misled into installing malicious software, which could enable unauthorized actions and lead to critical information disclosure.

Affected Version(s)

Honor V30 Versions earlier than 10.0.1.135(C00E130R4P1)

References

CVSS V3.1

Score:
5.5
Severity:
MEDIUM
Confidentiality:
High
Integrity:
None
Availability:
High
Attack Vector:
Local
Attack Complexity:
Low
Privileges Required:
None
User Interaction:
Required
Scope:
Unchanged

Timeline

  • Vulnerability published

  • Vulnerability Reserved

.