Improper Authorization Vulnerability in Huawei Smartphones
CVE-2020-1791

2.4LOW

Key Information:

Vendor: Huawei
Status: Huawei Mate 20
Vendor: CVE Published:; 18 February 2020

Summary

The vulnerability presents a flaw in the logic of authorization mechanisms on HUAWEI Mate 20 smartphones, specifically affecting versions prior to 10.0.0.185(C00E74R3P8). Under specific conditions, attackers exploiting this vulnerability could gain unauthorized access to switch to a third desktop while operating in ADB mode, potentially compromising user data and device security.

Affected Version(s)

HUAWEI Mate 20 Versions earlier than 10.0.0.185(C00E74R3P8)

References

http://www.huawei.com/en/psirt/security-advisories/huawei...

x_refsource_CONFIRM

CVSS V3.1

Score:

2.4

Severity:

LOW

Confidentiality:

None

Integrity:

Low

Availability:

None

Attack Vector:

Physical

Attack Complexity:

Low

Privileges Required:

None

User Interaction:

None

Scope:

Unchanged

Timeline

Vulnerability published
Feb 18, 2020
Vulnerability Reserved
Nov 29, 2019