Vulnerability Description
There is an improper authorization vulnerability in several smartphones. The software incorrectly performs an authorization to certain user, successful exploit could allow a low privilege user to do certain operation which the user are supposed not to do.Affected product versions include:HUAWEI Mate 20 versions Versions earlier than 10.0.0.188(C00E74R3P8);HUAWEI Mate 30 Pro versions Versions earlier than 10.0.0.203(C00E202R7P2).
CVSS Score
MEDIUM
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Huawei | Mate 20 Firmware | <= 10.0.0.188\(c00e74r3p8\) |
| Huawei | Mate 20 | - |
| Huawei | Mate 30 Pro Firmware | <= 10.0.0.203\(c00e202r7p2\) |
| Huawei | Mate 30 Pro | - |
Related Weaknesses (CWE)
References
- https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20200318-05-smartpVendor Advisory
- https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20200318-05-smartpVendor Advisory
FAQ
What is CVE-2020-1796?
CVE-2020-1796 is a vulnerability with a CVSS score of 6.6 (MEDIUM). There is an improper authorization vulnerability in several smartphones. The software incorrectly performs an authorization to certain user, successful exploit could allow a low privilege user to do c...
How severe is CVE-2020-1796?
CVE-2020-1796 has been rated MEDIUM with a CVSS base score of 6.6/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2020-1796?
Check the references section above for vendor advisories and patch information. Affected products include: Huawei Mate 20 Firmware, Huawei Mate 20, Huawei Mate 30 Pro Firmware, Huawei Mate 30 Pro.