Improper Authorization Vulnerability in HUAWEI Mate 20 Smartphones
CVE-2020-9251

2.4LOW

Key Information:

Vendor: Huawei
Status: Huawei Mate 20
Vendor: CVE Published:; 27 July 2020

Summary

The HUAWEI Mate 20 smartphones possess an improper authorization vulnerability due to software not adequately enforcing restrictions within specific scenarios. This vulnerability enables an attacker to bypass the limitations imposed by the student mode function, provided that certain configurations are made before activating this feature. Users of HUAWEI Mate 20 should ensure their devices are updated to versions 10.1.0.160(C00E160R2P11) or later to mitigate potential risks.

Affected Version(s)

HUAWEI Mate 20 Versions earlier than 10.1.0.160(C00E160R2P11)

References

https://www.huawei.com/en/psirt/security-advisories/huawe...

x_refsource_MISC

CVSS V3.1

Score:

2.4

Severity:

LOW

Confidentiality:

None

Integrity:

Low

Availability:

None

Attack Vector:

Physical

Attack Complexity:

Low

Privileges Required:

None

User Interaction:

None

Scope:

Unchanged

Timeline

Vulnerability published
Jul 27, 2020
Vulnerability Reserved
Feb 18, 2020