Vulnerabilities > CVE-2020-1795 - Unspecified vulnerability in Huawei Mate 20 Firmware and Mate 30 PRO Firmware

CVSS 2.4 - LOW

Attack vector

PHYSICAL

Attack complexity

LOW

Privileges required

NONE

Confidentiality impact

NONE

Integrity impact

LOW

Availability impact

NONE

low complexity

huawei

NVD

Published: 2020-03-20

Updated: 2020-03-24

Summary

There is a logic error vulnerability in several smartphones. The software does not properly restrict certain operation when the Digital Balance function is on. Successful exploit could allow the attacker to bypass the Digital Balance limit after a series of operations.Affected product versions include:HUAWEI Mate 20 versions Versions earlier than 10.0.0.188(C00E74R3P8);HUAWEI Mate 30 Pro versions Versions earlier than 10.0.0.203(C00E202R7P2).

Vulnerable Configurations

Part	Description	Count
OS	Huawei Huawei Mate 20 Firmware 9.0.0.195\(C01E195R2P1\) Huawei Mate 20 Firmware 9.0.0.205\(C00E205R2P1\) Huawei Mate 20 Firmware 9.1.0.131\(C00E131R3P1\) Huawei Mate 30 PRO Firmware - Huawei Mate 30 PRO Firmware 10.0.0.203\(C00E202R7P2\)	5
Hardware	Huawei Huawei Mate 20 - Huawei Mate 30 PRO -	2

References

https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20200318-04-smartphone-en