Risk | Low |
Patch available | YES |
Number of vulnerabilities | 6 |
CVE-ID | CVE-2020-1795 CVE-2020-1794 CVE-2020-1793 CVE-2020-1796 CVE-2020-1807 CVE-2020-9113 |
CWE-ID | CWE-840 CWE-287 CWE-285 CWE-119 |
Exploitation vector | Local network |
Public exploit | N/A |
Vulnerable software | Huawei Mate 20 (Client/Desktop applications / Multimedia software); Huawei Mate 30 Pro (Client/Desktop applications / Multimedia software) |
Vendor | Huawei |
Security Bulletin
This security bulletin contains information about 6 vulnerabilities.
Updated 23.04.2020
Added vulnerability #5
Updated 14.10.2020
Added vulnerability #6
EUVDB-ID: #VU26216
Risk: Low
CVSSv3.1: 1.9 [CVSS:3.1/AV:P/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N/E:U/RL:O/RC:C]
CVE-ID: CVE-2020-1795
CWE-ID:
CWE-840 - Business Logic Errors (3.0)
Exploit availability: No
Description:
The vulnerability allows a local user to compromise the target device.
The vulnerability exists because the affected software does not properly restrict certain operations when the Digital Balance function is on. An authenticated attacker with physical access can bypass the Digital Balance limit after a series of operations.
Mitigation:
Install updates from the vendor's website.
Vulnerable software versions:
Huawei Mate 20: before 10.0.0.188
Huawei Mate 30 Pro: before 10.0.0.203
External links:
http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20200318-04-smartphone-en
Q & A
Can this vulnerability be exploited remotely?
No. The attacker should have physical access to the system in order to successfully exploit this vulnerability.
Is there known malware that exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU26215
Risk: Low
CVSSv3.1: 3.1 [CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N/E:U/RL:O/RC:C]
CVE-ID: CVE-2020-1794
CWE-ID:
CWE-287 - Improper Authentication
Exploit availability: No
Description:
The vulnerability allows a local attacker to bypass the authentication process.
The vulnerability exists because the applock does not perform sufficient authentication in certain scenarios. An attacker with physical access can bypass the authentication process and obtain certain data from the locked application.
Mitigation:
Install updates from the vendor's website.
Vulnerable software versions:
Huawei Mate 20: before 10.0.0.188
Huawei Mate 30 Pro: before 10.0.0.203
External links:
http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20200318-02-smartphone-en
Q & A
Can this vulnerability be exploited remotely?
No. The attacker should have physical access to the system in order to successfully exploit this vulnerability.
Is there known malware that exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU26214
Risk: Low
CVSSv3.1: 3.1 [CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N/E:U/RL:O/RC:C]
CVE-ID: CVE-2020-1793
CWE-ID:
CWE-287 - Improper Authentication
Exploit availability: No
Description:
The vulnerability allows a local attacker to bypass the authentication process.
The vulnerability exists because the applock does not perform sufficient authentication in certain scenarios. An attacker with physical access can bypass the authentication process and obtain certain data from the locked application.
Mitigation:
Install updates from the vendor's website.
Vulnerable software versions:
Huawei Mate 20: before 10.0.0.188
Huawei Mate 30 Pro: before 10.0.0.203
External links:
http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20200318-02-smartphone-en
Q & A
Can this vulnerability be exploited remotely?
No. The attacker should have physical access to the system in order to successfully exploit this vulnerability.
Is there known malware that exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU26213
Risk: Low
CVSSv3.1: 1.9 [CVSS:3.1/AV:P/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N/E:U/RL:O/RC:C]
CVE-ID: CVE-2020-1796
CWE-ID:
CWE-287 - Improper Authentication
Exploit availability: No
Description:
The vulnerability allows a local user to bypass the authentication process.
The vulnerability exists due to an error in the authorization process for a certain user. An authenticated attacker with physical access can bypass the authentication process and perform certain operations that the user is not supposed to perform.
Mitigation:
Install updates from the vendor's website.
Vulnerable software versions:
Huawei Mate 20: before 10.0.0.188
Huawei Mate 30 Pro: before 10.0.0.203
External links:
http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20200318-05-smartphone-en
Q & A
Can this vulnerability be exploited remotely?
No. The attacker should have physical access to the system in order to successfully exploit this vulnerability.
Is there known malware that exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU27237
Risk: Low
CVSSv3.1: 3.1 [CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N/E:U/RL:O/RC:C]
CVE-ID: CVE-2020-1807
CWE-ID:
CWE-285 - Improper Authorization
Exploit availability: No
Description:
The vulnerability allows a local attacker to bypass authorization checks.
The vulnerability exists because the affected software does not properly restrict a certain user's modification of a certain configuration file. An attacker with physical access to the device can bypass the app lock after a series of operations in ADB mode.
Mitigation:
Install updates from the vendor's website.
Vulnerable software versions:
Huawei Mate 20: before 10.0.0.188
External links:
http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20200422-01-smartphone-en
Q & A
Can this vulnerability be exploited remotely?
No. The attacker should have physical access to the system in order to successfully exploit this vulnerability.
Is there known malware that exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU47645
Risk: Medium
CVSSv3.1: 7 [CVSS:3.1/AV:A/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C]
CVE-ID: CVE-2020-9113
CWE-ID:
CWE-119 - Memory corruption
Exploit availability: No
Description:
The vulnerability allows a remote attacker to execute arbitrary code on the target system.
The vulnerability exists due to a boundary error. A remote attacker on the local network can craft Bluetooth messages after successful pairing, trigger memory corruption and execute arbitrary code on the target system.
Successful exploitation of this vulnerability may result in complete compromise of the vulnerable system.
Mitigation:
Install updates from the vendor's website.
Vulnerable software versions:
Huawei Mate 20: before 10.0.0.188
External links:
http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20201014-01-bluetooth-en
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the local network (LAN).
Is there known malware that exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.