Main Vulnerability Database Vulnerabilities #VU28294

Improper Authorization in Huawei Mate 20 - CVE-2020-1797

Published: May 27, 2020

Vulnerability identifier: #VU28294

CSH Severity: Low

CVSSv4.0: CVSS:4.0/AV:P/AC:L/AT:N/PR:N/UI:N/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N/E:U/U:Clear

CVE-ID: CVE-2020-1797

CWE-ID: CWE-285

Exploitation vector: Local access

Exploit availability: No public exploit available

Vulnerable software:
Huawei Mate 20

Software vendor:
Huawei

Description

The vulnerability allows a local attacker to bypass authorization checks.

The vulnerability exists due to the affected system does not properly restrict certain operation in ADB mode. An attacker with physical access to the device can break the limit of digital balance function.

Remediation

Install updates from vendor's website.

External links

https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20200527-03-smartphone-en

Improper Authorization in Huawei Mate 20 - CVE-2020-1797

Description

Remediation

External links

Please verify you're human