4.6
CVE-2020-1882
- EPSS 0.02%
- Veröffentlicht 18.02.2020 00:15:11
- Zuletzt bearbeitet 21.11.2024 05:11:32
- Quelle psirt@huawei.com
- Teams Watchlist Login
- Unerledigt Login
Huawei mobile phones Ever-L29B versions earlier than 10.0.0.180(C185E6R3P3), earlier than 10.0.0.180(C432E6R1P7), earlier than 10.0.0.180(C636E5R2P3); HUAWEI Mate 20 RS versions earlier than 10.0.0.175(C786E70R3P8); HUAWEI Mate 20 X versions earlier than 10.0.0.176(C00E70R2P8); and Honor Magic2 versions earlier than 10.0.0.175(C00E59R2P11) have an improper authorization vulnerability. Due to improper authorization of some function, attackers can bypass the authorization to perform some operations.
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
Huawei ≫ Mate 20 Rs Firmware Version < 10.0.0.175\(c786e70r3p8\)
Huawei ≫ Mate 20 X Firmware Version < 10.0.0.176\(c00e70r2p8\)
Huawei ≫ Honor Magic2 Firmware Version < 10.0.0.175\(c00e59r2p11\)
Huawei ≫ Ever-l29b Firmware Version < 10.0.0.180\(c185e6r3p3\)
Huawei ≫ Ever-l29b Firmware Version < 10.0.0.180\(c432e6r1p7\)
Huawei ≫ Ever-l29b Firmware Version < 10.0.0.180\(c636e5r2p3\)
Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.
| Typ | Quelle | Score | Percentile |
|---|---|---|---|
| EPSS | FIRST.org | 0.02% | 0.04 |
| Quelle | Base Score | Exploit Score | Impact Score | Vector String |
|---|---|---|---|---|
| nvd@nist.gov | 4.6 | 0.9 | 3.6 |
CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N
|
| nvd@nist.gov | 2.1 | 3.9 | 2.9 |
AV:L/AC:L/Au:N/C:N/I:P/A:N
|