CVE-2020-1800

CWE-863Incorrect AuthorizationCWE-20Improper Input Validation5 documents5 sources
Severity
7.8HIGH
EPSS
0.1%
top 66.19%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
1
Huawei P30 Firmware
Timeline
PublishedMar 26
Latest updateMay 24

Description

HUAWEI smartphones P30 with versions earlier than 10.0.0.185(C00E85R1P11) have an improper access control vulnerability. The software incorrectly restricts access to a function interface from an unauthorized actor, the attacker tricks the user into installing a crafted application, successful exploit could allow the attacker do certain unauthenticated operations.

CVSS vector

CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:HExploitability: 1.8 | Impact: 5.9

Affected Packages2 packages

NVDhuawei/p30_firmware< 10.0.0.185\(c00e85r1p11\)
CVEListV5huawei_p30Versions earlier than 10.0.0.185(C00E85R1P11)

🔴Vulnerability Details

2
GHSA
GHSA-w87g-chjw-79mj: HUAWEI smartphones P30 with versions earlier than 102022-05-24
CVEList
CVE-2020-1800: HUAWEI smartphones P30 with versions earlier than 102020-03-26
CVE-2020-1800 (HIGH CVSS 7.8) | HUAWEI smartphones P30 with version | cvebase.io