Improper Authentication Vulnerability in Honor V30 Smartphones by Huawei
CVE-2020-1788
5.5MEDIUM
Summary
The Honor V30 smartphones prior to version 10.0.1.135(C00E130R4P1) are affected by an improper authentication vulnerability that undermines the security of certain applications. This flaw allows attackers to impersonate legitimate applications by not adequately verifying their identity when accessing interfaces. Consequently, users can be misled into installing malicious software, which could enable unauthorized actions and lead to critical information disclosure.
Affected Version(s)
Honor V30 Versions earlier than 10.0.1.135(C00E130R4P1)
References
CVSS V3.1
Score:
5.5
Severity:
MEDIUM
Confidentiality:
High
Integrity:
None
Availability:
High
Attack Vector:
Local
Attack Complexity:
Low
Privileges Required:
None
User Interaction:
Required
Scope:
Unchanged
Timeline
Vulnerability published
Vulnerability Reserved