Improper Authentication Vulnerability in Huawei Honor V30 Smartphones
CVE-2020-9259

6.5MEDIUM

Key Information:

Vendor: Huawei
Status: Honor V30
Vendor: CVE Published:; 17 July 2020

Summary

Huawei Honor V30 smartphones prior to version 10.1.0.212(C00E210R5P1) are susceptible to an improper authentication vulnerability. This flaw allows attackers to exploit insufficient validation of parameters within the system. By deceiving users into installing malicious applications, an attacker could gain control over the device's lower levels, potentially leading to unauthorized information disclosure. It is essential for users of affected devices to update to the latest software version to mitigate this risk.

Affected Version(s)

Honor V30 Versions earlier than 10.1.0.212(C00E210R5P1)

References

https://www.huawei.com/en/psirt/security-advisories/huawe...

x_refsource_CONFIRM

CVSS V3.1

Score:

6.5

Severity:

MEDIUM

Confidentiality:

High

Integrity:

None

Availability:

High

Attack Vector:

Network

Attack Complexity:

Low

Privileges Required:

None

User Interaction:

Required

Scope:

Unchanged

Timeline

Vulnerability published
Jul 17, 2020
Vulnerability Reserved
Feb 18, 2020