CVE-2020-1812

Опубликовано: 18 фев. 2020

Источник: nvd

CVSS3: 7.8

CVSS2: 6.8

EPSS Низкий

Описание

HUAWEI P30 smartphones with versions earlier than 10.0.0.173(C00E73R1P11) have an improper authentication vulnerability. Due to improperly validation of certain application, an attacker should trick the user into installing a malicious application to exploit this vulnerability. Successful exploit could allow the attacker to bypass the authentication to perform unauthorized operations.

Ссылки

http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20200120-01-smartphone-en
Vendor Advisory
http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20200120-01-smartphone-en
Vendor Advisory

Уязвимые конфигурации

Конфигурация 1

Одновременно

cpe:2.3:o:huawei:p30_firmware:*:*:*:*:*:*:*:*

Версия до 10.0.0.173\(c00e73r1p11\) (исключая)

cpe:2.3:h:huawei:p30:-:*:*:*:*:*:*:*

EPSS

Процентиль: 12%

0.00041

Низкий

7.8 High

CVSS3

6.8 Medium

CVSS2

Дефекты

CWE-287

Связанные уязвимости

GHSA-vf7f-rm6p-4f56

github

больше 3 лет назад