Multiple vulnerabilities in Huawei Mate 20 and Mate 30 Pro



Published: 2020-03-19 | Updated: 2020-10-14
Risk Low
Patch available YES
Number of vulnerabilities 6
CVE-ID CVE-2020-1795
CVE-2020-1794
CVE-2020-1793
CVE-2020-1796
CVE-2020-1807
CVE-2020-9113
CWE-ID CWE-840
CWE-287
CWE-285
CWE-119
Exploitation vector Local network
Public exploit N/A
Vulnerable software
Subscribe
Huawei Mate 20
Client/Desktop applications / Multimedia software

Huawei Mate 30 Pro
Client/Desktop applications / Multimedia software

Vendor Huawei

Security Bulletin

This security bulletin contains information about 6 vulnerabilities.

Updated 23.04.2020
Added vulnerability #5
Updated 14.10.2020
Added vulnerability #6

1) Business Logic Errors

EUVDB-ID: #VU26216

Risk: Low

CVSSv3.1:

CVE-ID: CVE-2020-1795

CWE-ID: CWE-840 - Business Logic Errors (3.0)

Exploit availability: No

Description

The vulnerability allows a local user to compromise the target device.

The vulnerability exists due to the affected software does not properly restrict certain operation when the Digital Balance function is on. An authenticated attacker with physical access can bypass the Digital Balance limit after a series of operations.

Mitigation

Install updates from vendor's website.

Vulnerable software versions

Huawei Mate 20: before 10.0.0.188

Huawei Mate 30 Pro: before 10.0.0.203


CPE2.3 External links

http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20200318-04-smartphone-en

Q & A

Can this vulnerability be exploited remotely?

Is there known malware, which exploits this vulnerability?

2) Improper Authentication

EUVDB-ID: #VU26215

Risk: Low

CVSSv3.1:

CVE-ID: CVE-2020-1794

CWE-ID: CWE-287 - Improper Authentication

Exploit availability: No

Description

The vulnerability allows a local attacker to bypass authentication process.

The vulnerability exists due to the applock does not perform a sufficient authentication in certain scenarios. An attacker with physical access can bypass authentication process and gain certain data of the application which is locked.

Mitigation

Install updates from vendor's website.

Vulnerable software versions

Huawei Mate 20: before 10.0.0.188

Huawei Mate 30 Pro: before 10.0.0.203


CPE2.3 External links

http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20200318-02-smartphone-en

Q & A

Can this vulnerability be exploited remotely?

Is there known malware, which exploits this vulnerability?

3) Improper Authentication

EUVDB-ID: #VU26214

Risk: Low

CVSSv3.1:

CVE-ID: CVE-2020-1793

CWE-ID: CWE-287 - Improper Authentication

Exploit availability: No

Description

The vulnerability allows a local attacker to bypass authentication process.

The vulnerability exists due to the applock does not perform a sufficient authentication in certain scenarios. An attacker with physical access can bypass authentication process and gain certain data of the application which is locked.

Mitigation

Install updates from vendor's website.

Vulnerable software versions

Huawei Mate 20: before 10.0.0.188

Huawei Mate 30 Pro: before 10.0.0.203


CPE2.3 External links

http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20200318-02-smartphone-en

Q & A

Can this vulnerability be exploited remotely?

Is there known malware, which exploits this vulnerability?

4) Improper Authentication

EUVDB-ID: #VU26213

Risk: Low

CVSSv3.1:

CVE-ID: CVE-2020-1796

CWE-ID: CWE-287 - Improper Authentication

Exploit availability: No

Description

The vulnerability allows a local user to bypass authentication process.

The vulnerability exists due to an error in authorization process to certain user. An authenticated attacker with physical access can bypass authentication process and perform certain operation which the user are supposed not to do.

Mitigation

Install updates from vendor's website.

Vulnerable software versions

Huawei Mate 20: before 10.0.0.188

Huawei Mate 30 Pro: before 10.0.0.203


CPE2.3 External links

http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20200318-05-smartphone-en

Q & A

Can this vulnerability be exploited remotely?

Is there known malware, which exploits this vulnerability?

5) Improper Authorization

EUVDB-ID: #VU27237

Risk: Low

CVSSv3.1:

CVE-ID: CVE-2020-1807

CWE-ID: CWE-285 - Improper Authorization

Exploit availability: No

Description

The vulnerability allows a local attacker to bypass authorization checks.

The vulnerability exists due to the affected software does not properly restrict certain user's modification of certain configuration file. An attacker with physical access to the device can bypass app lock after a series of operation in ADB mode.

Mitigation

Install updates from vendor's website.

Vulnerable software versions

Huawei Mate 20: before 10.0.0.188


CPE2.3 External links

http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20200422-01-smartphone-en

Q & A

Can this vulnerability be exploited remotely?

Is there known malware, which exploits this vulnerability?

6) Buffer overflow

EUVDB-ID: #VU47645

Risk: Medium

CVSSv3.1:

CVE-ID: CVE-2020-9113

CWE-ID: CWE-119 - Memory corruption

Exploit availability: No

Description

The vulnerability allows a remote attacker to execute arbitrary code on the target system.

The vulnerability exists due to a boundary error. A remote attacker on the local network can craft Bluetooth messages after successful paring, trigger memory corruption and execute arbitrary code on the target system.

Successful exploitation of this vulnerability may result in complete compromise of vulnerable system.

Mitigation

Install updates from vendor's website.

Vulnerable software versions

Huawei Mate 20: before 10.0.0.188


CPE2.3 External links

http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20201014-01-bluetooth-en

Q & A

Can this vulnerability be exploited remotely?

Is there known malware, which exploits this vulnerability?



###SIDEBAR###