Published: 29/05/2020 Updated: 29/05/2020

CVSS v2 Base Score: 2.1 | Impact Score: 2.9 | Exploitability Score: 3.9

CVSS v3 Base Score: 4.6 | Impact Score: 3.6 | Exploitability Score: 0.9

VMScore: 187

Vector: AV:L/AC:L/Au:N/C:N/I:P/A:N

HUAWEI P30 smartphones with versions earlier than 10.1.0.135(C00E135R2P11) have an improper authentication vulnerability. A logic error occurs when handling NFC work, an attacker should establish a NFC connection to the target phone, and then do a series of operations on the target phone. Successful exploit could allow a guest user do certain operation which is beyond the guest user's privilege.

Vulnerable Product	Search on Vulmon	Subscribe to Product
huawei p30_firmware

There is an improper authentication vulnerability in several smartphones A logic error occurs when handling NFC work, an attacker should establish a NFC connection to the target phone, and then do a series of operations on the target phone Successful exploit could allow a guest user do certain operation which is beyond the guest user's privilege ...

CWE-287 https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20200527-02-smartphone-en https://nvd.nist.gov https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20200527-02-smartphone-en

Get Started

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Twitter Reddit Linkedin Facebook

CVE-2020-1798

Vulnerability Summary

Vulnerability Trend

Vendor Advisories

References

Vulmon Search

About

Products

Connect