4.6

CVE-2020-1872

EPSS 0.02%
Published 18.02.2020 02:15:10
Last modified 21.11.2024 05:11:31
Source psirt@huawei.com
Teams watchlist Login
Open Login

Huawei smart phones P10 Plus with versions earlier than 9.1.0.201(C01E75R1P12T8), earlier than 9.1.0.252(C185E2R1P9T8), earlier than 9.1.0.252(C432E4R1P9T8), and earlier than 9.1.0.255(C576E6R1P8T8) have a digital balance bypass vulnerability. When re-configuring the mobile phone at the digital balance mode, an attacker can perform some operations to bypass the startup wizard, and then open some switch. As a result, the digital balance function is bypassed.

Affected products Warnungen 0 Metrics 3 CWE 0 References 4

Data is provided by the National Vulnerability Database (NVD)

Huawei ≫ P10 Plus Firmware Version < 9.1.0.201\(c01e75r1p12t8\)

Huawei ≫ P10 Plus Version-

Huawei ≫ P10 Plus Firmware Version < 9.1.0.252\(c185e2r1p9t8\)

Huawei ≫ P10 Plus Version-

Huawei ≫ P10 Plus Firmware Version < 9.1.0.252\(c432e4r1p9t8\)

Huawei ≫ P10 Plus Version-

Huawei ≫ P10 Plus Firmware Version < 9.1.0.255\(c576e6r1p8t8\)

Huawei ≫ P10 Plus Version-

Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.

EPSS Metriken
Type	Source	Score	Percentile
EPSS	FIRST.org	0.02%	0.04

CVSS Metriken
Source	Base Score	Exploit Score	Impact Score	Vector string
nvd@nist.gov	4.6	0.9	3.6	CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N
nvd@nist.gov	2.1	3.9	2.9	AV:L/AC:L/Au:N/C:N/I:P/A:N

https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20200122-01-digitalbalance-en

Vendor Advisory

https://nvd.nist.gov/vuln/detail/CVE-2020-1872

CVE Source (NVD)

https://cveawg.mitre.org/api/cve/CVE-2020-1872

CVE Source (JSON)

https://euvd.enisa.europa.eu/vulnerability/CVE-2020-1872

EUVD