This security bulletin contains one low risk vulnerability.
CWE-285 - Improper Authorization
Exploit availability: NoDescription
The vulnerability allows a local attacker to bypass authorization checks.
The vulnerability exists due to the digital balance function does not sufficiently restrict the using time of certain user. An attacker with physical access to the device can break the limit of digital balance function after a series of operations with a PC.Mitigation
Install updates from vendor's website.Vulnerable software versions
Huawei Mate 20: before 10.0.0.195
Can this vulnerability be exploited remotely?
Is there known malware, which exploits this vulnerability?