CVE-2019-5308 — Huawei Mate 20 RS Firmware vulnerability

3 documents3 sources

Severity

2.4LOWNVD

EPSS

0.1%

top 80.90%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

Huawei Mate 20 RS Firmware

Timeline

PublishedNov 29

Latest updateMay 24

Description

Mate 20 RS smartphones with versions earlier than 9.1.0.135(C786E133R3P1) have an improper authorization vulnerability. The software does not properly restrict certain operation in ADB mode, successful exploit could allow the attacker to switch to third desktop after a series of operation.

CVSS vector

CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:NExploitability: 0.9 | Impact: 1.4

Affected Packages2 packages

▶NVDhuawei/mate_20_rs_firmware< 9.1.0.135\(c786e133r3p1\)

▶CVEListV5huawei/mate_20_rs_firmwareVersions earlier than 9.1.0.135(C786E133R3P1)

🔴Vulnerability Details

GHSA

GHSA-7rx2-8574-5qv6: Mate 20 RS smartphones with versions earlier than 9↗2022-05-24

▶

CVEList

CVE-2019-5308: Mate 20 RS smartphones with versions earlier than 9↗2019-11-29

▶