CVE-2020-1835

CWE-200 — Information Exposure4 documents4 sources

Severity

6.5MEDIUM

EPSS

0.0%

top 86.41%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

Huawei Mate 30 Firmware

Timeline

PublishedJun 18

Latest updateMay 24

Description

HUAWEI Mate 30 with versions earlier than 10.1.0.126(C00E125R5P3) have an information disclosure vulnerability. A logic judgment error occurs when the system handling Bluetooth connections, an attacker could craft as an authenticated Bluetooth peer to launch the attack. Successful exploit could cause information disclosure.

CVSS vector

CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:NExploitability: 2.8 | Impact: 3.6

Affected Packages2 packages

▶NVDhuawei/mate_30_firmware< 10.1.0.126\(c00e125r5p3\)

▶CVEListV5huawei_mate_30Versions earlier than 10.1.0.126(C00E125R5P3)

🔴Vulnerability Details

GHSA

GHSA-7vvx-6q94-66wq: HUAWEI Mate 30 with versions earlier than 10↗2022-05-24

▶

CVEList

CVE-2020-1835: HUAWEI Mate 30 with versions earlier than 10↗2020-06-18

▶

💬Community

Bugzilla

CVE-2020-2182 jenkins-credentials-binding-plugin: improper masking of secrets↗2020-06-16

▶