Vulnerability Description
Honor V30 smartphones with versions earlier than 10.0.1.135(C00E130R4P1) have an improper authentication vulnerability. Certain applications do not properly validate the identity of another application who would call its interface. An attacker could trick the user into installing a malicious application. Successful exploit could allow unauthorized actions leading to information disclosure.
CVSS Score
MEDIUM
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Huawei | Honor V30 Firmware | < 10.0.1.135\(c00e130r4p1\) |
| Huawei | Honor V30 | - |
Related Weaknesses (CWE)
References
- https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20200115-02-smartpVendor Advisory
- https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20200115-02-smartpVendor Advisory
FAQ
What is CVE-2020-1788?
CVE-2020-1788 is a vulnerability with a CVSS score of 5.5 (MEDIUM). Honor V30 smartphones with versions earlier than 10.0.1.135(C00E130R4P1) have an improper authentication vulnerability. Certain applications do not properly validate the identity of another applicatio...
How severe is CVE-2020-1788?
CVE-2020-1788 has been rated MEDIUM with a CVSS base score of 5.5/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2020-1788?
Check the references section above for vendor advisories and patch information. Affected products include: Huawei Honor V30 Firmware, Huawei Honor V30.