Main Vulnerability Database SB2019112902

SB2019112902 - Improper Authorization in Huawei Mate 20 RS

Published: November 29, 2019

Security Bulletin ID SB2019112902

Severity

Low

Patch available

YES

Number of vulnerabilities 1

Exploitation vector Physical access

Highest impact Data manipulation

Breakdown by Severity

Low
Medium
High
Critical

Description

This security bulletin contains information about 1 security vulnerability.

1) Improper Authorization (CVE-ID: CVE-2019-5308)

The vulnerability allows an attacker to bypass authorization checks.

The vulnerability exists due to the affected software does not properly restrict certain operation in ADB mode. An attacker with physical access to the device can switch to third desktop after a series of operation.

Remediation

Install update from vendor's website.

References

https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20191127-01-smartphone-en