Vulnerability Description
HUAWEI Mate 30 with versions earlier than 10.1.0.150(C00E136R5P3) have a race condition vulnerability. There is a timing window exists in which certain pointer members can be modified by another process that is operating concurrently, an attacker should trick the user into running a crafted application with high privilege, successful exploit could cause code execution.
CVSS Score
MEDIUM
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Huawei | Mate 30 Firmware | < 10.1.0.150\(c00e136r5p3\) |
| Huawei | Mate 30 | - |
Related Weaknesses (CWE)
References
- https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20200701-04-smartpVendor Advisory
- https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20200701-04-smartpVendor Advisory
FAQ
What is CVE-2020-1839?
CVE-2020-1839 is a vulnerability with a CVSS score of 6.3 (MEDIUM). HUAWEI Mate 30 with versions earlier than 10.1.0.150(C00E136R5P3) have a race condition vulnerability. There is a timing window exists in which certain pointer members can be modified by another proce...
How severe is CVE-2020-1839?
CVE-2020-1839 has been rated MEDIUM with a CVSS base score of 6.3/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2020-1839?
Check the references section above for vendor advisories and patch information. Affected products include: Huawei Mate 30 Firmware, Huawei Mate 30.