CVE-2020-1807Incorrect Authorization in Huawei Mate 20 Firmware

CWE-863Incorrect Authorization3 documents3 sources
Severity
3.5LOWNVD
EPSS
0.0%
top 92.84%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
2
Huawei Mate 20 FirmwareHuawei Mate 20
Timeline
PublishedApr 27
Latest updateMay 24

Description

HUAWEI Mate 20 smartphones with versions earlier than 10.0.0.188(C00E74R3P8) have an improper authorization vulnerability. The software does not properly restrict certain user's modification of certain configuration file, successful exploit could allow the attacker to bypass app lock after a series of operation in ADB mode.

CVSS vector

CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:NExploitability: 0.9 | Impact: 2.5

Affected Packages2 packages

NVDhuawei/mate_20_firmware< 10.0.0.188\(c00e74r3p8\)
CVEListV5huawei/huawei_mate_20Versions earlier than 10.0.0.188(C00E74R3P8)

🔴Vulnerability Details

2
GHSA
GHSA-q56q-qm7c-m966: HUAWEI Mate 20 smartphones with versions earlier than 102022-05-24
CVEList
CVE-2020-1807: HUAWEI Mate 20 smartphones with versions earlier than 102020-04-27
CVE-2020-1807 — Incorrect Authorization in Huawei | cvebase