CVE-2019-5308Huawei Mate 20 RS Firmware vulnerability

3 documents3 sources
Severity
2.4LOWNVD
EPSS
0.1%
top 80.90%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
1
Huawei Mate 20 RS Firmware
Timeline
PublishedNov 29
Latest updateMay 24

Description

Mate 20 RS smartphones with versions earlier than 9.1.0.135(C786E133R3P1) have an improper authorization vulnerability. The software does not properly restrict certain operation in ADB mode, successful exploit could allow the attacker to switch to third desktop after a series of operation.

CVSS vector

CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:NExploitability: 0.9 | Impact: 1.4

Affected Packages2 packages

NVDhuawei/mate_20_rs_firmware< 9.1.0.135\(c786e133r3p1\)
CVEListV5huawei/mate_20_rs_firmwareVersions earlier than 9.1.0.135(C786E133R3P1)

🔴Vulnerability Details

2
GHSA
GHSA-7rx2-8574-5qv6: Mate 20 RS smartphones with versions earlier than 92022-05-24
CVEList
CVE-2019-5308: Mate 20 RS smartphones with versions earlier than 92019-11-29
CVE-2019-5308 — Huawei vulnerability | cvebase