Main Vulnerability Database SB2020061812

SB2020061812 - Information disclosure in Huawei Mate 30

Published: June 18, 2020

Security Bulletin ID SB2020061812

Severity

Low

Patch available

YES

Number of vulnerabilities 1

Exploitation vector Adjecent network

Highest impact Information disclosure

Breakdown by Severity

Low
Medium
High
Critical

Description

This security bulletin contains information about 1 security vulnerability.

1) Information disclosure (CVE-ID: CVE-2020-1835)

The vulnerability allows a remote attacker to gain access to potentially sensitive information.

The vulnerability exists due to a logic judgment error when the system handling Bluetooth connections. A remote attacker on the local network can craft as an authenticated Bluetooth peer and gain unauthorized access to sensitive information on the system.

Remediation

Install update from vendor's website.

References

https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20200617-02-smartphone-en