CVE-2020-1872

CWE-20Improper Input Validation3 documents3 sources
Severity
4.6MEDIUM
EPSS
0.0%
top 94.04%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
2
Huawei P10 Plus FirmwareHuawei Huawei P10 Plus
Timeline
PublishedFeb 18
Latest updateMay 24

Description

Huawei smart phones P10 Plus with versions earlier than 9.1.0.201(C01E75R1P12T8), earlier than 9.1.0.252(C185E2R1P9T8), earlier than 9.1.0.252(C432E4R1P9T8), and earlier than 9.1.0.255(C576E6R1P8T8) have a digital balance bypass vulnerability. When re-configuring the mobile phone at the digital balance mode, an attacker can perform some operations to bypass the startup wizard, and then open some switch. As a result, the digital balance function is bypassed.

CVSS vector

CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:NExploitability: 0.9 | Impact: 3.6

Affected Packages2 packages

NVDhuawei/p10_plus_firmware< 9.1.0.201\(c01e75r1p12t8\)+3
CVEListV5huawei/huawei_p10_plus4 versions+3

🔴Vulnerability Details

2
GHSA
GHSA-6q93-673p-9879: Huawei smart phones P10 Plus with versions earlier than 92022-05-24
CVEList
CVE-2020-1872: Huawei smart phones P10 Plus with versions earlier than 92020-02-18
CVE-2020-1872 (MEDIUM CVSS 4.6) | Huawei smart phones P10 Plus with v | cvebase.io