Описание
Huawei Watch 2 with versions and earlier than OWDD.180707.001.E1 have an improper authorization vulnerability. Due to improper permission configuration for specific operations, an attacker who obtained the Huawei ID bound to the watch can bypass permission verification to perform specific operations and modify some data on the watch.
Уязвимые конфигурации
Конфигурация 1Версия до owdd.180707.001.e1 (включая)
Одновременно
cpe:2.3:o:huawei:watch_2_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:huawei:watch_2:-:*:*:*:*:*:*:*
EPSS
Процентиль: 5%
0.00024
Низкий
4.6 Medium
CVSS3
2.1 Low
CVSS2
Дефекты
CWE-863
Связанные уязвимости
CVSS3: 4.6
github
около 3 лет назад
Huawei Watch 2 with versions and earlier than OWDD.180707.001.E1 have an improper authorization vulnerability. Due to improper permission configuration for specific operations, an attacker who obtained the Huawei ID bound to the watch can bypass permission verification to perform specific operations and modify some data on the watch.
EPSS
Процентиль: 5%
0.00024
Низкий
4.6 Medium
CVSS3
2.1 Low
CVSS2
Дефекты
CWE-863