Improper Authentication Vulnerability in HUAWEI Mate 30 Pro
CVE-2020-1838
5.5MEDIUM
Summary
The HUAWEI Mate 30 Pro, prior to version 10.1.0.150(C00E136R5P3), exhibits an improper authentication vulnerability. This weakness arises from the device's inability to adequately validate user face credentials, potentially allowing an attacker to create and employ a crafted credential. Successful exploitation of this vulnerability may enable unauthorized access through the application's authentication mechanism, posing significant security risks.
Affected Version(s)
HUAWEI Mate 30 Pro Versions earlier than 10.1.0.150(C00E136R5P3)
References
CVSS V3.1
Score:
5.5
Severity:
MEDIUM
Confidentiality:
None
Integrity:
High
Availability:
None
Attack Vector:
Local
Attack Complexity:
Low
Privileges Required:
None
User Interaction:
Required
Scope:
Unchanged
Timeline
Vulnerability published
Vulnerability Reserved