Improper Authentication Vulnerability in Huawei P20 Smartphones
CVE-2020-9073
2.4LOW
Summary
Huawei P20 smartphones running versions prior to 10.0.0.156 are susceptible to an improper authentication vulnerability. This issue arises when the software fails to adequately verify a user's identity during specific operations. Attackers must gain physical access to the device to exploit this vulnerability, enabling them to circumvent restrictions related to student mode functionality. Users are advised to update their devices to the latest software version to mitigate this risk.
Affected Version(s)
P20 Versions earlier than 10.0.0.156(C00E156R1P4)
References
CVSS V3.1
Score:
2.4
Severity:
LOW
Confidentiality:
None
Integrity:
Low
Availability:
None
Attack Vector:
Physical
Attack Complexity:
Low
Privileges Required:
None
User Interaction:
None
Scope:
Unchanged
Timeline
Vulnerability published
Vulnerability Reserved