CVE-2020-1791

CWE-863Incorrect Authorization3 documents3 sources
Severity
2.4LOW
EPSS
0.1%
top 80.86%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
2
Huawei Mate 20 FirmwareHuawei Huawei Mate 20
Timeline
PublishedFeb 18
Latest updateMay 24

Description

HUAWEI Mate 20 smartphones with versions earlier than 10.0.0.185(C00E74R3P8) have an improper authorization vulnerability. The system has a logic judging error under certain scenario, successful exploit could allow the attacker to switch to third desktop after a series of operation in ADB mode.

CVSS vector

CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:NExploitability: 0.9 | Impact: 1.4

Affected Packages2 packages

NVDhuawei/mate_20_firmware< 10.0.0.185\(c00e74r3p8\)
CVEListV5huawei/huawei_mate_20Versions earlier than 10.0.0.185(C00E74R3P8)

🔴Vulnerability Details

2
GHSA
GHSA-462r-6q25-mwgw: HUAWEI Mate 20 smartphones with versions earlier than 102022-05-24
CVEList
CVE-2020-1791: HUAWEI Mate 20 smartphones with versions earlier than 102020-02-18
CVE-2020-1791 (LOW CVSS 2.4) | HUAWEI Mate 20 smartphones with ver | cvebase.io