Main Vulnerability Database SB2020052717

SB2020052717 - Improper Authorization in Huawei Mate 20

Published: May 27, 2020

Security Bulletin ID SB2020052717

Severity

Low

Patch available

YES

Number of vulnerabilities 1

Exploitation vector Physical access

Highest impact Data manipulation

Breakdown by Severity

Low
Medium
High
Critical

Description

This security bulletin contains information about 1 security vulnerability.

1) Improper Authorization (CVE-ID: CVE-2020-1831)

The vulnerability allows a local attacker to bypass authorization checks.

The vulnerability exists due to the digital balance function does not sufficiently restrict the using time of certain user. An attacker with physical access to the device can break the limit of digital balance function after a series of operations with a PC.

Remediation

Install update from vendor's website.

References

https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20200527-04-smartphone-en