CVE-2020-1826

CWE-327Broken Cryptographic AlgorithmCWE-200Information Exposure3 documents3 sources
Severity
4.4MEDIUM
EPSS
0.0%
top 96.71%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
2
Huawei Honor Magic2 FirmwareHuawei Honor Magic2
Timeline
PublishedJan 9
Latest updateMay 24

Description

Huawei Honor Magic2 mobile phones with versions earlier than 10.0.0.175(C00E59R2P11) have an information leak vulnerability. Due to a module using weak encryption tool, an attacker with the root permission may exploit the vulnerability to obtain some information.

CVSS vector

CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:NExploitability: 0.8 | Impact: 3.6

Affected Packages2 packages

NVDhuawei/honor_magic2_firmware< 10.0.0.175\(c00e59r2p11\)
CVEListV5huawei/honor_magic2Versions earlier than 10.0.0.175(C00E59R2P11)

🔴Vulnerability Details

2
GHSA
GHSA-253g-4jm3-6p9v: Huawei Honor Magic2 mobile phones with versions earlier than 102022-05-24
CVEList
CVE-2020-1826: Huawei Honor Magic2 mobile phones with versions earlier than 102020-01-09
CVE-2020-1826 (MEDIUM CVSS 4.4) | Huawei Honor Magic2 mobile phones w | cvebase.io