Vulnerability Details : CVE-2020-1807
HUAWEI Mate 20 smartphones with versions earlier than 10.0.0.188(C00E74R3P8) have an improper authorization vulnerability. The software does not properly restrict certain user's modification of certain configuration file, successful exploit could allow the attacker to bypass app lock after a series of operation in ADB mode.
Products affected by CVE-2020-1807
- cpe:2.3:o:huawei:mate_20_firmware:*:*:*:*:*:*:*:*
Exploit prediction scoring system (EPSS) score for CVE-2020-1807
0.06%
Probability of exploitation activity in the next 30 days
EPSS Score History
~ 23 %
Percentile, the proportion of vulnerabilities that are scored at or less
CVSS scores for CVE-2020-1807
Base Score | Base Severity | CVSS Vector | Exploitability Score | Impact Score | Score Source | First Seen |
---|---|---|---|---|---|---|
3.6
|
LOW | AV:L/AC:L/Au:N/C:P/I:P/A:N |
3.9
|
4.9
|
NIST | |
3.5
|
LOW | CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N |
0.9
|
2.5
|
NIST |
References for CVE-2020-1807
-
https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20200422-01-smartphone-en
Security Advisory - Improper Authorization Vulnerability in Several SmartphonesVendor Advisory
Jump to