CVE-2020-1787

CWE-287Improper Authentication3 documents3 sources
Severity
6.6MEDIUM
EPSS
0.1%
top 83.90%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
2
Huawei Mate 20 FirmwareHuawei Huawei Mate 20
Timeline
PublishedJan 9
Latest updateMay 24

Description

HUAWEI Mate 20 smartphones versions earlier than 9.1.0.139(C00E133R3P1) have an improper authentication vulnerability. The system has a logic error under certain scenario, successful exploit could allow the attacker who gains the privilege of guest user to access to the host user's desktop in an instant, without unlocking the screen lock of the host user.

CVSS vector

CVSS:3.1/AV:P/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:HExploitability: 0.7 | Impact: 5.9

Affected Packages2 packages

NVDhuawei/mate_20_firmware< 9.1.0.139\(c00e133r3p1\)
CVEListV5huawei/huawei_mate_20Versions earlier than 9.1.0.139(C00E133R3P1)

🔴Vulnerability Details

2
GHSA
GHSA-pq48-j2pq-xj5j: HUAWEI Mate 20 smartphones versions earlier than 92022-05-24
CVEList
CVE-2020-1787: HUAWEI Mate 20 smartphones versions earlier than 92020-01-09
CVE-2020-1787 (MEDIUM CVSS 6.6) | HUAWEI Mate 20 smartphones versions | cvebase.io