CVE-2020-1795

Опубликовано: 20 мар. 2020

Источник: nvd

CVSS3: 2.4

CVSS2: 2.1

EPSS Низкий

Описание

There is a logic error vulnerability in several smartphones. The software does not properly restrict certain operation when the Digital Balance function is on. Successful exploit could allow the attacker to bypass the Digital Balance limit after a series of operations.Affected product versions include:HUAWEI Mate 20 versions Versions earlier than 10.0.0.188(C00E74R3P8);HUAWEI Mate 30 Pro versions Versions earlier than 10.0.0.203(C00E202R7P2).

Ссылки

https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20200318-04-smartphone-en
Vendor Advisory
https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20200318-04-smartphone-en
Vendor Advisory

Уязвимые конфигурации

Конфигурация 1

Одновременно

cpe:2.3:o:huawei:mate_20_firmware:*:*:*:*:*:*:*:*

Версия до 10.0.0.188\(c00e74r3p8\) (исключая)

cpe:2.3:h:huawei:mate_20:-:*:*:*:*:*:*:*

Конфигурация 2

Одновременно

cpe:2.3:o:huawei:mate_30_pro_firmware:*:*:*:*:*:*:*:*

Версия до 10.0.0.203\(c00e202r7p2\) (исключая)

cpe:2.3:h:huawei:mate_30_pro:-:*:*:*:*:*:*:*

EPSS

Процентиль: 5%

0.00022

Низкий

2.4 Low

CVSS3

2.1 Low

CVSS2

Дефекты

NVD-CWE-Other

Связанные уязвимости

GHSA-96h3-m8gx-3ghg

github

больше 3 лет назад