CVE-2020-1840

Опубликовано: 21 янв. 2020

Источник: nvd

CVSS3: 6

CVSS2: 3.6

EPSS Низкий

Описание

HUAWEI Mate 20 smart phones with versions earlier than 10.0.0.175(C00E70R3P8) have an insufficient authentication vulnerability. A local attacker with high privilege can execute a specific command to exploit this vulnerability. Successful exploitation may cause information leak and compromise the availability of the smart phones.Affected product versions include: HUAWEI Mate 20 versions Versions earlier than 10.0.0.175(C00E70R3P8)

Ссылки

https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20200115-01-smartphone-en
Vendor Advisory
https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20200115-01-smartphone-en
Vendor Advisory

Уязвимые конфигурации

Конфигурация 1

Одновременно

cpe:2.3:o:huawei:mate_20_firmware:*:*:*:*:*:*:*:*

Версия до 10.0.0.175\(c00e70r3p8\) (включая)

cpe:2.3:h:huawei:mate_20:-:*:*:*:*:*:*:*

EPSS

Процентиль: 17%

0.00053

Низкий

6 Medium

CVSS3

3.6 Low

CVSS2

Дефекты

CWE-287

Связанные уязвимости

GHSA-rf3j-pmqj-4m5q

github

больше 3 лет назад