Vulnerability Description
There is an improper authentication vulnerability in several smartphones. The applock does not perform a sufficient authentication in certain scenarios, successful exploit could allow the attacker to gain certain data of the application which is locked. Affected product versions include:HUAWEI Mate 20 versions Versions earlier than 10.0.0.188(C00E74R3P8);HUAWEI Mate 30 Pro versions Versions earlier than 10.0.0.203(C00E202R7P2).
CVSS Score
MEDIUM
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Huawei | Mate 20 Firmware | < 10.0.0.188\(c00e74r3p8\) |
| Huawei | Mate 20 | - |
| Huawei | Mate 30 Pro Firmware | < 10.0.0.203\(c00e202r7p2\) |
| Huawei | Mate 30 Pro | - |
Related Weaknesses (CWE)
References
- https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20200318-02-smartpVendor Advisory
- https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20200318-02-smartpVendor Advisory
FAQ
What is CVE-2020-1794?
CVE-2020-1794 is a vulnerability with a CVSS score of 4.6 (MEDIUM). There is an improper authentication vulnerability in several smartphones. The applock does not perform a sufficient authentication in certain scenarios, successful exploit could allow the attacker to ...
How severe is CVE-2020-1794?
CVE-2020-1794 has been rated MEDIUM with a CVSS base score of 4.6/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2020-1794?
Check the references section above for vendor advisories and patch information. Affected products include: Huawei Mate 20 Firmware, Huawei Mate 20, Huawei Mate 30 Pro Firmware, Huawei Mate 30 Pro.