Vulnerability Description
Huawei mobile phones Ever-L29B versions earlier than 10.0.0.180(C185E6R3P3), earlier than 10.0.0.180(C432E6R1P7), earlier than 10.0.0.180(C636E5R2P3); HUAWEI Mate 20 RS versions earlier than 10.0.0.175(C786E70R3P8); HUAWEI Mate 20 X versions earlier than 10.0.0.176(C00E70R2P8); and Honor Magic2 versions earlier than 10.0.0.175(C00E59R2P11) have an improper authorization vulnerability. Due to improper authorization of some function, attackers can bypass the authorization to perform some operations.
CVSS Score
MEDIUM
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Huawei | Mate 20 Rs Firmware | < 10.0.0.175\(c786e70r3p8\) |
| Huawei | Mate 20 Rs | - |
| Huawei | Mate 20 X Firmware | < 10.0.0.176\(c00e70r2p8\) |
| Huawei | Mate 20 X | - |
| Huawei | Honor Magic2 Firmware | < 10.0.0.175\(c00e59r2p11\) |
| Huawei | Honor Magic2 | - |
| Huawei | Ever-L29B Firmware | < 10.0.0.180\(c185e6r3p3\) |
| Huawei | Ever-L29B | - |
References
- http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20200122-01-phone-eVendor Advisory
- http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20200122-01-phone-eVendor Advisory
FAQ
What is CVE-2020-1882?
CVE-2020-1882 is a vulnerability with a CVSS score of 4.6 (MEDIUM). Huawei mobile phones Ever-L29B versions earlier than 10.0.0.180(C185E6R3P3), earlier than 10.0.0.180(C432E6R1P7), earlier than 10.0.0.180(C636E5R2P3); HUAWEI Mate 20 RS versions earlier than 10.0.0.17...
How severe is CVE-2020-1882?
CVE-2020-1882 has been rated MEDIUM with a CVSS base score of 4.6/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2020-1882?
Check the references section above for vendor advisories and patch information. Affected products include: Huawei Mate 20 Rs Firmware, Huawei Mate 20 Rs, Huawei Mate 20 X Firmware, Huawei Mate 20 X, Huawei Honor Magic2 Firmware.