Vulnerabilities > CVE-2020-1800 - Unspecified vulnerability in Huawei P30 Firmware

CVSS 7.8 - HIGH

Attack vector

LOCAL

Attack complexity

LOW

Privileges required

NONE

Confidentiality impact

HIGH

Integrity impact

HIGH

Availability impact

HIGH

local

low complexity

huawei

NVD

Published: 2020-03-26

Updated: 2021-07-21

Summary

HUAWEI smartphones P30 with versions earlier than 10.0.0.185(C00E85R1P11) have an improper access control vulnerability. The software incorrectly restricts access to a function interface from an unauthorized actor, the attacker tricks the user into installing a crafted application, successful exploit could allow the attacker do certain unauthenticated operations.

Vulnerable Configurations

Part	Description	Count
OS	Huawei Huawei P30 Firmware - Huawei P30 Firmware 9.1.0.131\(C00E130R1P21\) Huawei P30 Firmware 9.1.0.193 Huawei P30 Firmware 9.1.0.193\(C00E190R2P1\) Huawei P30 Firmware 9.1.0.226\(C00E220R2P1\) Huawei P30 Firmware 9.1.0.272\(C635E4R2P2\) Huawei P30 Firmware 10.0.0.166\(C00E66R1P11\) Huawei P30 Firmware 10.0.0.173\(C00E73R1P11\)	8
Hardware	Huawei Huawei P30 -	1

References

https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20200325-02-smartphone-en