Search

Find a vulnerability

Search criteria

    12 vulnerabilities found for Mate 30 Pro by Huawei

    VAR-202007-1267

    Vulnerability from variot - Updated: 2024-11-23 23:04

    Huawei Mate 30 Pro smartphones with versions earlier than 10.1.0.150(C00E136R5P3) have an improper authorization vulnerability. The system does not properly restrict the use of system service by applications, the attacker should trick the user into installing a malicious application, successful exploit could cause a denial of audio service. Huawei Mate 30 Pro There are unspecified vulnerabilities in smartphones.Service operation interruption (DoS) It may be put into a state. Huawei Mate 30 Pro is a smart phone of China's Huawei (Huawei) company. The vulnerability is caused by the program's failure to properly restrict the application's use of system services

    Show details on source website

    {
      "@context": {
        "@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
        "affected_products": {
          "@id": "https://www.variotdbs.pl/ref/affected_products"
        },
        "configurations": {
          "@id": "https://www.variotdbs.pl/ref/configurations"
        },
        "credits": {
          "@id": "https://www.variotdbs.pl/ref/credits"
        },
        "cvss": {
          "@id": "https://www.variotdbs.pl/ref/cvss/"
        },
        "description": {
          "@id": "https://www.variotdbs.pl/ref/description/"
        },
        "exploit_availability": {
          "@id": "https://www.variotdbs.pl/ref/exploit_availability/"
        },
        "external_ids": {
          "@id": "https://www.variotdbs.pl/ref/external_ids/"
        },
        "iot": {
          "@id": "https://www.variotdbs.pl/ref/iot/"
        },
        "iot_taxonomy": {
          "@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
        },
        "patch": {
          "@id": "https://www.variotdbs.pl/ref/patch/"
        },
        "problemtype_data": {
          "@id": "https://www.variotdbs.pl/ref/problemtype_data/"
        },
        "references": {
          "@id": "https://www.variotdbs.pl/ref/references/"
        },
        "sources": {
          "@id": "https://www.variotdbs.pl/ref/sources/"
        },
        "sources_release_date": {
          "@id": "https://www.variotdbs.pl/ref/sources_release_date/"
        },
        "sources_update_date": {
          "@id": "https://www.variotdbs.pl/ref/sources_update_date/"
        },
        "threat_type": {
          "@id": "https://www.variotdbs.pl/ref/threat_type/"
        },
        "title": {
          "@id": "https://www.variotdbs.pl/ref/title/"
        },
        "type": {
          "@id": "https://www.variotdbs.pl/ref/type/"
        }
      },
      "@id": "https://www.variotdbs.pl/vuln/VAR-202007-1267",
      "affected_products": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/affected_products#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            },
            "@id": "https://www.variotdbs.pl/ref/sources"
          }
        },
        "data": [
          {
            "model": "mate 30 pro",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "huawei",
            "version": "10.1.0.150\\(c00e136r5p3\\)"
          },
          {
            "model": "mate 30 pro",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "huawei",
            "version": "10.1.0.150(c00e136r5p3)"
          },
          {
            "model": "mate pro \u003c10.1.0.150",
            "scope": "eq",
            "trust": 0.6,
            "vendor": "huawei",
            "version": "30"
          }
        ],
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2020-46472"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2020-008282"
          },
          {
            "db": "NVD",
            "id": "CVE-2020-9256"
          }
        ]
      },
      "configurations": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/configurations#",
          "children": {
            "@container": "@list"
          },
          "cpe_match": {
            "@container": "@list"
          },
          "data": {
            "@container": "@list"
          },
          "nodes": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "CVE_data_version": "4.0",
            "nodes": [
              {
                "cpe_match": [
                  {
                    "cpe22Uri": "cpe:/o:huawei:mate_30_pro_firmware",
                    "vulnerable": true
                  }
                ],
                "operator": "OR"
              }
            ]
          }
        ],
        "sources": [
          {
            "db": "JVNDB",
            "id": "JVNDB-2020-008282"
          }
        ]
      },
      "cve": "CVE-2020-9256",
      "cvss": {
        "@context": {
          "cvssV2": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
            },
            "@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
          },
          "cvssV3": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
            },
            "@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
          },
          "severity": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/cvss/severity#"
            },
            "@id": "https://www.variotdbs.pl/ref/cvss/severity"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            },
            "@id": "https://www.variotdbs.pl/ref/sources"
          }
        },
        "data": [
          {
            "cvssV2": [
              {
                "accessComplexity": "MEDIUM",
                "accessVector": "NETWORK",
                "authentication": "NONE",
                "author": "nvd@nist.gov",
                "availabilityImpact": "PARTIAL",
                "baseScore": 4.3,
                "confidentialityImpact": "NONE",
                "exploitabilityScore": 8.6,
                "id": "CVE-2020-9256",
                "impactScore": 2.9,
                "integrityImpact": "NONE",
                "severity": "MEDIUM",
                "trust": 1.0,
                "vectorString": "AV:N/AC:M/Au:N/C:N/I:N/A:P",
                "version": "2.0"
              },
              {
                "acInsufInfo": null,
                "accessComplexity": "Medium",
                "accessVector": "Network",
                "authentication": "None",
                "author": "NVD",
                "availabilityImpact": "Partial",
                "baseScore": 4.3,
                "confidentialityImpact": "None",
                "exploitabilityScore": null,
                "id": "JVNDB-2020-008282",
                "impactScore": null,
                "integrityImpact": "None",
                "obtainAllPrivilege": null,
                "obtainOtherPrivilege": null,
                "obtainUserPrivilege": null,
                "severity": "Medium",
                "trust": 0.8,
                "userInteractionRequired": null,
                "vectorString": "AV:N/AC:M/Au:N/C:N/I:N/A:P",
                "version": "2.0"
              },
              {
                "accessComplexity": "MEDIUM",
                "accessVector": "NETWORK",
                "authentication": "NONE",
                "author": "CNVD",
                "availabilityImpact": "PARTIAL",
                "baseScore": 6.8,
                "confidentialityImpact": "PARTIAL",
                "exploitabilityScore": 8.6,
                "id": "CNVD-2020-46472",
                "impactScore": 6.4,
                "integrityImpact": "PARTIAL",
                "severity": "MEDIUM",
                "trust": 0.6,
                "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P",
                "version": "2.0"
              }
            ],
            "cvssV3": [
              {
                "attackComplexity": "LOW",
                "attackVector": "NETWORK",
                "author": "nvd@nist.gov",
                "availabilityImpact": "HIGH",
                "baseScore": 6.5,
                "baseSeverity": "MEDIUM",
                "confidentialityImpact": "NONE",
                "exploitabilityScore": 2.8,
                "id": "CVE-2020-9256",
                "impactScore": 3.6,
                "integrityImpact": "NONE",
                "privilegesRequired": "NONE",
                "scope": "UNCHANGED",
                "trust": 1.0,
                "userInteraction": "REQUIRED",
                "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H",
                "version": "3.1"
              },
              {
                "attackComplexity": "Low",
                "attackVector": "Network",
                "author": "NVD",
                "availabilityImpact": "High",
                "baseScore": 6.5,
                "baseSeverity": "Medium",
                "confidentialityImpact": "None",
                "exploitabilityScore": null,
                "id": "JVNDB-2020-008282",
                "impactScore": null,
                "integrityImpact": "None",
                "privilegesRequired": "None",
                "scope": "Unchanged",
                "trust": 0.8,
                "userInteraction": "Required",
                "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H",
                "version": "3.0"
              }
            ],
            "severity": [
              {
                "author": "nvd@nist.gov",
                "id": "CVE-2020-9256",
                "trust": 1.0,
                "value": "MEDIUM"
              },
              {
                "author": "NVD",
                "id": "JVNDB-2020-008282",
                "trust": 0.8,
                "value": "Medium"
              },
              {
                "author": "CNVD",
                "id": "CNVD-2020-46472",
                "trust": 0.6,
                "value": "MEDIUM"
              },
              {
                "author": "CNNVD",
                "id": "CNNVD-202007-1092",
                "trust": 0.6,
                "value": "MEDIUM"
              }
            ]
          }
        ],
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2020-46472"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2020-008282"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-202007-1092"
          },
          {
            "db": "NVD",
            "id": "CVE-2020-9256"
          }
        ]
      },
      "description": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/description#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "Huawei Mate 30 Pro smartphones with versions earlier than 10.1.0.150(C00E136R5P3) have an improper authorization vulnerability. The system does not properly restrict the use of system service by applications, the attacker should trick the user into installing a malicious application, successful exploit could cause a denial of audio service. Huawei Mate 30 Pro There are unspecified vulnerabilities in smartphones.Service operation interruption (DoS) It may be put into a state. Huawei Mate 30 Pro is a smart phone of China\u0027s Huawei (Huawei) company. The vulnerability is caused by the program\u0027s failure to properly restrict the application\u0027s use of system services",
        "sources": [
          {
            "db": "NVD",
            "id": "CVE-2020-9256"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2020-008282"
          },
          {
            "db": "CNVD",
            "id": "CNVD-2020-46472"
          }
        ],
        "trust": 2.16
      },
      "external_ids": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/external_ids#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "db": "NVD",
            "id": "CVE-2020-9256",
            "trust": 3.0
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2020-008282",
            "trust": 0.8
          },
          {
            "db": "CNVD",
            "id": "CNVD-2020-46472",
            "trust": 0.6
          },
          {
            "db": "NSFOCUS",
            "id": "49423",
            "trust": 0.6
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-202007-1092",
            "trust": 0.6
          }
        ],
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2020-46472"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2020-008282"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-202007-1092"
          },
          {
            "db": "NVD",
            "id": "CVE-2020-9256"
          }
        ]
      },
      "id": "VAR-202007-1267",
      "iot": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/iot#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": true,
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2020-46472"
          }
        ],
        "trust": 1.1876653
      },
      "iot_taxonomy": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "category": [
              "IoT"
            ],
            "sub_category": null,
            "trust": 0.6
          }
        ],
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2020-46472"
          }
        ]
      },
      "last_update_date": "2024-11-23T23:04:17.683000Z",
      "patch": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/patch#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "title": "huawei-sa-20200715-05-smartphone",
            "trust": 0.8,
            "url": "https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20200715-05-smartphone-en"
          },
          {
            "title": "Patch for Huawei Mate 30 Pro improper authorization vulnerability",
            "trust": 0.6,
            "url": "https://www.cnvd.org.cn/patchInfo/show/230845"
          },
          {
            "title": "Huawei Mate 30 Pro Security vulnerabilities",
            "trust": 0.6,
            "url": "http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=124915"
          }
        ],
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2020-46472"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2020-008282"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-202007-1092"
          }
        ]
      },
      "problemtype_data": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "problemtype": "NVD-CWE-noinfo",
            "trust": 1.0
          }
        ],
        "sources": [
          {
            "db": "NVD",
            "id": "CVE-2020-9256"
          }
        ]
      },
      "references": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/references#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "trust": 1.6,
            "url": "https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20200715-05-smartphone-en"
          },
          {
            "trust": 1.4,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2020-9256"
          },
          {
            "trust": 1.2,
            "url": "https://www.huawei.com/cn/psirt/security-advisories/huawei-sa-20200715-05-smartphone-cn"
          },
          {
            "trust": 0.8,
            "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2020-9256"
          },
          {
            "trust": 0.6,
            "url": "http://www.nsfocus.net/vulndb/49423"
          }
        ],
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2020-46472"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2020-008282"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-202007-1092"
          },
          {
            "db": "NVD",
            "id": "CVE-2020-9256"
          }
        ]
      },
      "sources": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#",
          "data": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "db": "CNVD",
            "id": "CNVD-2020-46472"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2020-008282"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-202007-1092"
          },
          {
            "db": "NVD",
            "id": "CVE-2020-9256"
          }
        ]
      },
      "sources_release_date": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
          "data": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "date": "2020-08-17T00:00:00",
            "db": "CNVD",
            "id": "CNVD-2020-46472"
          },
          {
            "date": "2020-09-08T00:00:00",
            "db": "JVNDB",
            "id": "JVNDB-2020-008282"
          },
          {
            "date": "2020-07-15T00:00:00",
            "db": "CNNVD",
            "id": "CNNVD-202007-1092"
          },
          {
            "date": "2020-07-18T01:16:35.427000",
            "db": "NVD",
            "id": "CVE-2020-9256"
          }
        ]
      },
      "sources_update_date": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
          "data": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "date": "2020-08-17T00:00:00",
            "db": "CNVD",
            "id": "CNVD-2020-46472"
          },
          {
            "date": "2020-09-08T00:00:00",
            "db": "JVNDB",
            "id": "JVNDB-2020-008282"
          },
          {
            "date": "2020-10-12T00:00:00",
            "db": "CNNVD",
            "id": "CNNVD-202007-1092"
          },
          {
            "date": "2024-11-21T05:40:17.043000",
            "db": "NVD",
            "id": "CVE-2020-9256"
          }
        ]
      },
      "threat_type": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/threat_type#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "remote",
        "sources": [
          {
            "db": "CNNVD",
            "id": "CNNVD-202007-1092"
          }
        ],
        "trust": 0.6
      },
      "title": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/title#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "Huawei Mate 30 Pro Vulnerabilities in smartphones",
        "sources": [
          {
            "db": "JVNDB",
            "id": "JVNDB-2020-008282"
          }
        ],
        "trust": 0.8
      },
      "type": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/type#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "other",
        "sources": [
          {
            "db": "CNNVD",
            "id": "CNNVD-202007-1092"
          }
        ],
        "trust": 0.6
      }
    }

    VAR-202006-1058

    Vulnerability from variot - Updated: 2024-11-23 22:58

    HUAWEI P30 and HUAWEI P30 Pro with versions earlier than 10.1.0.135(C00E135R2P11) and versions earlier than 10.1.0.135(C00E135R2P8) have an insufficient integrity check vulnerability. The system does not check certain software package's integrity sufficiently. Successful exploit could allow an attacker to load a crafted software package to the device. Both Huawei P30 and Huawei P30 Pro are smartphones of China's Huawei (Huawei) company

    Show details on source website

    {
      "@context": {
        "@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
        "affected_products": {
          "@id": "https://www.variotdbs.pl/ref/affected_products"
        },
        "configurations": {
          "@id": "https://www.variotdbs.pl/ref/configurations"
        },
        "credits": {
          "@id": "https://www.variotdbs.pl/ref/credits"
        },
        "cvss": {
          "@id": "https://www.variotdbs.pl/ref/cvss/"
        },
        "description": {
          "@id": "https://www.variotdbs.pl/ref/description/"
        },
        "exploit_availability": {
          "@id": "https://www.variotdbs.pl/ref/exploit_availability/"
        },
        "external_ids": {
          "@id": "https://www.variotdbs.pl/ref/external_ids/"
        },
        "iot": {
          "@id": "https://www.variotdbs.pl/ref/iot/"
        },
        "iot_taxonomy": {
          "@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
        },
        "patch": {
          "@id": "https://www.variotdbs.pl/ref/patch/"
        },
        "problemtype_data": {
          "@id": "https://www.variotdbs.pl/ref/problemtype_data/"
        },
        "references": {
          "@id": "https://www.variotdbs.pl/ref/references/"
        },
        "sources": {
          "@id": "https://www.variotdbs.pl/ref/sources/"
        },
        "sources_release_date": {
          "@id": "https://www.variotdbs.pl/ref/sources_release_date/"
        },
        "sources_update_date": {
          "@id": "https://www.variotdbs.pl/ref/sources_update_date/"
        },
        "threat_type": {
          "@id": "https://www.variotdbs.pl/ref/threat_type/"
        },
        "title": {
          "@id": "https://www.variotdbs.pl/ref/title/"
        },
        "type": {
          "@id": "https://www.variotdbs.pl/ref/type/"
        }
      },
      "@id": "https://www.variotdbs.pl/vuln/VAR-202006-1058",
      "affected_products": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/affected_products#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            },
            "@id": "https://www.variotdbs.pl/ref/sources"
          }
        },
        "data": [
          {
            "model": "p30",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "huawei",
            "version": "10.1.0.135\\(c00e135r2p11\\)"
          },
          {
            "model": "p30 pro",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "huawei",
            "version": "10.1.0.135\\(c00e135r2p8\\)"
          },
          {
            "model": "mate 30 pro",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "huawei",
            "version": "10.1.0.135(c00e135r2p8)"
          },
          {
            "model": "mate 30",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "huawei",
            "version": "10.1.0.135(c00e135r2p11)"
          },
          {
            "model": "p30 \u003c10.1.0.135",
            "scope": null,
            "trust": 0.6,
            "vendor": "huawei",
            "version": null
          },
          {
            "model": "p30 pro \u003c10.1.0.135",
            "scope": null,
            "trust": 0.6,
            "vendor": "huawei",
            "version": null
          }
        ],
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2020-52416"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2020-006750"
          },
          {
            "db": "NVD",
            "id": "CVE-2020-1834"
          }
        ]
      },
      "configurations": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/configurations#",
          "children": {
            "@container": "@list"
          },
          "cpe_match": {
            "@container": "@list"
          },
          "data": {
            "@container": "@list"
          },
          "nodes": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "CVE_data_version": "4.0",
            "nodes": [
              {
                "cpe_match": [
                  {
                    "cpe22Uri": "cpe:/o:huawei:mate_30_pro_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:huawei:mate_30_firmware",
                    "vulnerable": true
                  }
                ],
                "operator": "OR"
              }
            ]
          }
        ],
        "sources": [
          {
            "db": "JVNDB",
            "id": "JVNDB-2020-006750"
          }
        ]
      },
      "cve": "CVE-2020-1834",
      "cvss": {
        "@context": {
          "cvssV2": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
            },
            "@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
          },
          "cvssV3": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
            },
            "@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
          },
          "severity": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/cvss/severity#"
            },
            "@id": "https://www.variotdbs.pl/ref/cvss/severity"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            },
            "@id": "https://www.variotdbs.pl/ref/sources"
          }
        },
        "data": [
          {
            "cvssV2": [
              {
                "accessComplexity": "LOW",
                "accessVector": "LOCAL",
                "authentication": "NONE",
                "author": "nvd@nist.gov",
                "availabilityImpact": "NONE",
                "baseScore": 2.1,
                "confidentialityImpact": "NONE",
                "exploitabilityScore": 3.9,
                "id": "CVE-2020-1834",
                "impactScore": 2.9,
                "integrityImpact": "PARTIAL",
                "severity": "LOW",
                "trust": 1.0,
                "vectorString": "AV:L/AC:L/Au:N/C:N/I:P/A:N",
                "version": "2.0"
              },
              {
                "acInsufInfo": null,
                "accessComplexity": "Low",
                "accessVector": "Local",
                "authentication": "None",
                "author": "NVD",
                "availabilityImpact": "None",
                "baseScore": 2.1,
                "confidentialityImpact": "None",
                "exploitabilityScore": null,
                "id": "JVNDB-2020-006750",
                "impactScore": null,
                "integrityImpact": "Partial",
                "obtainAllPrivilege": null,
                "obtainOtherPrivilege": null,
                "obtainUserPrivilege": null,
                "severity": "Low",
                "trust": 0.8,
                "userInteractionRequired": null,
                "vectorString": "AV:L/AC:L/Au:N/C:N/I:P/A:N",
                "version": "2.0"
              },
              {
                "accessComplexity": "LOW",
                "accessVector": "LOCAL",
                "authentication": "NONE",
                "author": "CNVD",
                "availabilityImpact": "NONE",
                "baseScore": 2.1,
                "confidentialityImpact": "NONE",
                "exploitabilityScore": 3.9,
                "id": "CNVD-2020-52416",
                "impactScore": 2.9,
                "integrityImpact": "PARTIAL",
                "severity": "LOW",
                "trust": 0.6,
                "vectorString": "AV:L/AC:L/Au:N/C:N/I:P/A:N",
                "version": "2.0"
              }
            ],
            "cvssV3": [
              {
                "attackComplexity": "LOW",
                "attackVector": "PHYSICAL",
                "author": "nvd@nist.gov",
                "availabilityImpact": "NONE",
                "baseScore": 4.6,
                "baseSeverity": "MEDIUM",
                "confidentialityImpact": "NONE",
                "exploitabilityScore": 0.9,
                "id": "CVE-2020-1834",
                "impactScore": 3.6,
                "integrityImpact": "HIGH",
                "privilegesRequired": "NONE",
                "scope": "UNCHANGED",
                "trust": 1.0,
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N",
                "version": "3.1"
              },
              {
                "attackComplexity": "Low",
                "attackVector": "Physical",
                "author": "NVD",
                "availabilityImpact": "None",
                "baseScore": 4.6,
                "baseSeverity": "Medium",
                "confidentialityImpact": "None",
                "exploitabilityScore": null,
                "id": "JVNDB-2020-006750",
                "impactScore": null,
                "integrityImpact": "High",
                "privilegesRequired": "None",
                "scope": "Unchanged",
                "trust": 0.8,
                "userInteraction": "None",
                "vectorString": "CVSS:3.0/AV:P/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N",
                "version": "3.0"
              }
            ],
            "severity": [
              {
                "author": "nvd@nist.gov",
                "id": "CVE-2020-1834",
                "trust": 1.0,
                "value": "MEDIUM"
              },
              {
                "author": "NVD",
                "id": "JVNDB-2020-006750",
                "trust": 0.8,
                "value": "Medium"
              },
              {
                "author": "CNVD",
                "id": "CNVD-2020-52416",
                "trust": 0.6,
                "value": "LOW"
              },
              {
                "author": "CNNVD",
                "id": "CNNVD-202006-1198",
                "trust": 0.6,
                "value": "MEDIUM"
              }
            ]
          }
        ],
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2020-52416"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2020-006750"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-202006-1198"
          },
          {
            "db": "NVD",
            "id": "CVE-2020-1834"
          }
        ]
      },
      "description": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/description#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "HUAWEI P30 and HUAWEI P30 Pro with versions earlier than 10.1.0.135(C00E135R2P11) and versions earlier than 10.1.0.135(C00E135R2P8) have an insufficient integrity check vulnerability. The system does not check certain software package\u0027s integrity sufficiently. Successful exploit could allow an attacker to load a crafted software package to the device. Both Huawei P30 and Huawei P30 Pro are smartphones of China\u0027s Huawei (Huawei) company",
        "sources": [
          {
            "db": "NVD",
            "id": "CVE-2020-1834"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2020-006750"
          },
          {
            "db": "CNVD",
            "id": "CNVD-2020-52416"
          }
        ],
        "trust": 2.16
      },
      "external_ids": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/external_ids#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "db": "NVD",
            "id": "CVE-2020-1834",
            "trust": 3.0
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2020-006750",
            "trust": 0.8
          },
          {
            "db": "CNVD",
            "id": "CNVD-2020-52416",
            "trust": 0.6
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-202006-1198",
            "trust": 0.6
          }
        ],
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2020-52416"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2020-006750"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-202006-1198"
          },
          {
            "db": "NVD",
            "id": "CVE-2020-1834"
          }
        ]
      },
      "id": "VAR-202006-1058",
      "iot": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/iot#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": true,
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2020-52416"
          }
        ],
        "trust": 1.1819317166666667
      },
      "iot_taxonomy": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "category": [
              "IoT"
            ],
            "sub_category": null,
            "trust": 0.6
          }
        ],
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2020-52416"
          }
        ]
      },
      "last_update_date": "2024-11-23T22:58:12.580000Z",
      "patch": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/patch#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "title": "huawei-sa-20200617-01-smartphone ",
            "trust": 0.8,
            "url": "https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20200617-01-smartphone-en"
          },
          {
            "title": "Patch for Huawei P30 and P30 Pro insufficient integrity check vulnerability",
            "trust": 0.6,
            "url": "https://www.cnvd.org.cn/patchInfo/show/234445"
          },
          {
            "title": "Huawei P30  and P30 Pro Security vulnerabilities",
            "trust": 0.6,
            "url": "http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=121887"
          }
        ],
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2020-52416"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2020-006750"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-202006-1198"
          }
        ]
      },
      "problemtype_data": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "problemtype": "CWE-354",
            "trust": 1.8
          }
        ],
        "sources": [
          {
            "db": "JVNDB",
            "id": "JVNDB-2020-006750"
          },
          {
            "db": "NVD",
            "id": "CVE-2020-1834"
          }
        ]
      },
      "references": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/references#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "trust": 1.6,
            "url": "https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20200617-01-smartphone-en"
          },
          {
            "trust": 1.4,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2020-1834"
          },
          {
            "trust": 1.2,
            "url": "https://www.huawei.com/cn/psirt/security-advisories/huawei-sa-20200617-01-smartphone-cn"
          },
          {
            "trust": 0.8,
            "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2020-1834"
          }
        ],
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2020-52416"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2020-006750"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-202006-1198"
          },
          {
            "db": "NVD",
            "id": "CVE-2020-1834"
          }
        ]
      },
      "sources": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#",
          "data": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "db": "CNVD",
            "id": "CNVD-2020-52416"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2020-006750"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-202006-1198"
          },
          {
            "db": "NVD",
            "id": "CVE-2020-1834"
          }
        ]
      },
      "sources_release_date": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
          "data": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "date": "2020-09-17T00:00:00",
            "db": "CNVD",
            "id": "CNVD-2020-52416"
          },
          {
            "date": "2020-07-16T00:00:00",
            "db": "JVNDB",
            "id": "JVNDB-2020-006750"
          },
          {
            "date": "2020-06-17T00:00:00",
            "db": "CNNVD",
            "id": "CNNVD-202006-1198"
          },
          {
            "date": "2020-06-18T14:15:11.187000",
            "db": "NVD",
            "id": "CVE-2020-1834"
          }
        ]
      },
      "sources_update_date": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
          "data": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "date": "2020-09-17T00:00:00",
            "db": "CNVD",
            "id": "CNVD-2020-52416"
          },
          {
            "date": "2020-07-16T00:00:00",
            "db": "JVNDB",
            "id": "JVNDB-2020-006750"
          },
          {
            "date": "2020-08-27T00:00:00",
            "db": "CNNVD",
            "id": "CNNVD-202006-1198"
          },
          {
            "date": "2024-11-21T05:11:27.567000",
            "db": "NVD",
            "id": "CVE-2020-1834"
          }
        ]
      },
      "title": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/title#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "HUAWEI P30 and  P30 Pro Vulnerability in data integrity verification deficiency in",
        "sources": [
          {
            "db": "JVNDB",
            "id": "JVNDB-2020-006750"
          }
        ],
        "trust": 0.8
      },
      "type": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/type#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "other",
        "sources": [
          {
            "db": "CNNVD",
            "id": "CNNVD-202006-1198"
          }
        ],
        "trust": 0.6
      }
    }

    VAR-202002-0214

    Vulnerability from variot - Updated: 2024-11-23 22:51

    In reassemble_and_dispatch of packet_fragmenter.cc, there is possible out of bounds write due to an incorrect bounds calculation. This could lead to remote code execution over Bluetooth with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-8.0 Android-8.1 Android-9 Android-10Android ID: A-143894715. Android contains a calculation error vulnerability. This vulnerability is Android ID: A-143894715 It is published as.Information is obtained, information is tampered with, and service operation is interrupted. (DoS) It may be in a state

    Show details on source website

    {
      "@context": {
        "@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
        "affected_products": {
          "@id": "https://www.variotdbs.pl/ref/affected_products"
        },
        "configurations": {
          "@id": "https://www.variotdbs.pl/ref/configurations"
        },
        "credits": {
          "@id": "https://www.variotdbs.pl/ref/credits"
        },
        "cvss": {
          "@id": "https://www.variotdbs.pl/ref/cvss/"
        },
        "description": {
          "@id": "https://www.variotdbs.pl/ref/description/"
        },
        "exploit_availability": {
          "@id": "https://www.variotdbs.pl/ref/exploit_availability/"
        },
        "external_ids": {
          "@id": "https://www.variotdbs.pl/ref/external_ids/"
        },
        "iot": {
          "@id": "https://www.variotdbs.pl/ref/iot/"
        },
        "iot_taxonomy": {
          "@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
        },
        "patch": {
          "@id": "https://www.variotdbs.pl/ref/patch/"
        },
        "problemtype_data": {
          "@id": "https://www.variotdbs.pl/ref/problemtype_data/"
        },
        "references": {
          "@id": "https://www.variotdbs.pl/ref/references/"
        },
        "sources": {
          "@id": "https://www.variotdbs.pl/ref/sources/"
        },
        "sources_release_date": {
          "@id": "https://www.variotdbs.pl/ref/sources_release_date/"
        },
        "sources_update_date": {
          "@id": "https://www.variotdbs.pl/ref/sources_update_date/"
        },
        "threat_type": {
          "@id": "https://www.variotdbs.pl/ref/threat_type/"
        },
        "title": {
          "@id": "https://www.variotdbs.pl/ref/title/"
        },
        "type": {
          "@id": "https://www.variotdbs.pl/ref/type/"
        }
      },
      "@id": "https://www.variotdbs.pl/vuln/VAR-202002-0214",
      "affected_products": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/affected_products#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            },
            "@id": "https://www.variotdbs.pl/ref/sources"
          }
        },
        "data": [
          {
            "model": "android",
            "scope": "eq",
            "trust": 1.8,
            "vendor": "google",
            "version": "8.0"
          },
          {
            "model": "android",
            "scope": "eq",
            "trust": 1.8,
            "vendor": "google",
            "version": "8.1"
          },
          {
            "model": "honor 8a",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "huawei",
            "version": "9.1.0.291\\(c185e3r4p1\\)"
          },
          {
            "model": "mate 30",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "huawei",
            "version": "10.0.0.203\\(c00e202r7p2\\)"
          },
          {
            "model": "mate 30 pro",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "huawei",
            "version": "10.0.0.203\\(c00e202r7p2\\)"
          },
          {
            "model": "mate 20",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "huawei",
            "version": "10.0.0.195\\(c00e74r3p8\\)"
          },
          {
            "model": "p20 pro",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "huawei",
            "version": "10.0.0.162\\(c00e156r1p4\\)"
          },
          {
            "model": "mate 30 pro 5g",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "huawei",
            "version": "10.0.0.203\\(c00e202r7p2\\)"
          },
          {
            "model": "honor view 20",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "huawei",
            "version": "10.0.0.195\\(c636e3r4p3\\)"
          },
          {
            "model": "p smart",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "huawei",
            "version": "9.1.0.193\\(c605e6r1p5t8\\)"
          },
          {
            "model": "honor 8x",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "huawei",
            "version": "10.0.0.183\\(c185e2r6p1\\)"
          },
          {
            "model": "y6 pro 2019",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "huawei",
            "version": "9.1.0.290\\(c636e5r3p1\\)"
          },
          {
            "model": "mate 20 x",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "huawei",
            "version": "10.0.0.195\\(c00e74r2p8\\)"
          },
          {
            "model": "mate 20 pro",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "huawei",
            "version": "10.0.0.196\\(c185e7r2p4\\)"
          },
          {
            "model": "p30",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "huawei",
            "version": "10.0.0.190\\(c432e22r2p5\\)"
          },
          {
            "model": "nova 3",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "huawei",
            "version": "9.1.0.338\\(c00e333r1p1t8\\)"
          },
          {
            "model": "y9 2019",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "huawei",
            "version": "9.1.0.264\\(c185e2r5p1t8\\)"
          },
          {
            "model": "mate 30 5g",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "huawei",
            "version": "10.0.0.203\\(c00e202r7p2\\)"
          },
          {
            "model": "p20",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "huawei",
            "version": "10.0.0.162\\(c00e156r1p4\\)"
          },
          {
            "model": "p smart 2019",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "huawei",
            "version": "10.0.0.180\\(c185e3r4p1\\)"
          },
          {
            "model": "y6 2019",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "huawei",
            "version": "9.1.0.290\\(c185e5r4p1\\)"
          },
          {
            "model": "android",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "google",
            "version": "9.0"
          },
          {
            "model": "p30 pro",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "huawei",
            "version": "10.0.0.195\\(c00e85r2p8\\)"
          },
          {
            "model": "nova lite 3",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "huawei",
            "version": "9.1.0.322\\(c635e8r2p2\\)"
          },
          {
            "model": "android",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "google",
            "version": "10.0"
          },
          {
            "model": "android",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "google",
            "version": null
          },
          {
            "model": "android",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "google",
            "version": "9"
          },
          {
            "model": "android",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "google",
            "version": "10"
          }
        ],
        "sources": [
          {
            "db": "JVNDB",
            "id": "JVNDB-2020-001993"
          },
          {
            "db": "NVD",
            "id": "CVE-2020-0022"
          }
        ]
      },
      "credits": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/credits#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "nu11secur1ty",
        "sources": [
          {
            "db": "CNNVD",
            "id": "CNNVD-202002-366"
          }
        ],
        "trust": 0.6
      },
      "cve": "CVE-2020-0022",
      "cvss": {
        "@context": {
          "cvssV2": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
            },
            "@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
          },
          "cvssV3": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
            },
            "@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
          },
          "severity": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/cvss/severity#"
            },
            "@id": "https://www.variotdbs.pl/ref/cvss/severity"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            },
            "@id": "https://www.variotdbs.pl/ref/sources"
          }
        },
        "data": [
          {
            "cvssV2": [
              {
                "accessComplexity": "LOW",
                "accessVector": "ADJACENT_NETWORK",
                "authentication": "NONE",
                "author": "nvd@nist.gov",
                "availabilityImpact": "COMPLETE",
                "baseScore": 8.3,
                "confidentialityImpact": "COMPLETE",
                "exploitabilityScore": 6.5,
                "id": "CVE-2020-0022",
                "impactScore": 10.0,
                "integrityImpact": "COMPLETE",
                "severity": "HIGH",
                "trust": 1.9,
                "vectorString": "AV:A/AC:L/Au:N/C:C/I:C/A:C",
                "version": "2.0"
              }
            ],
            "cvssV3": [
              {
                "attackComplexity": "LOW",
                "attackVector": "ADJACENT",
                "author": "nvd@nist.gov",
                "availabilityImpact": "HIGH",
                "baseScore": 8.8,
                "baseSeverity": "HIGH",
                "confidentialityImpact": "HIGH",
                "exploitabilityScore": 2.8,
                "id": "CVE-2020-0022",
                "impactScore": 5.9,
                "integrityImpact": "HIGH",
                "privilegesRequired": "NONE",
                "scope": "UNCHANGED",
                "trust": 2.0,
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
                "version": "3.1"
              },
              {
                "attackComplexity": "Low",
                "attackVector": "Adjacent Network",
                "author": "NVD",
                "availabilityImpact": "High",
                "baseScore": 8.8,
                "baseSeverity": "High",
                "confidentialityImpact": "High",
                "exploitabilityScore": null,
                "id": "CVE-2020-0022",
                "impactScore": null,
                "integrityImpact": "High",
                "privilegesRequired": "None",
                "scope": "Unchanged",
                "trust": 0.8,
                "userInteraction": "None",
                "vectorString": "CVSS:3.0/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
                "version": "3.0"
              }
            ],
            "severity": [
              {
                "author": "nvd@nist.gov",
                "id": "CVE-2020-0022",
                "trust": 1.0,
                "value": "HIGH"
              },
              {
                "author": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
                "id": "CVE-2020-0022",
                "trust": 1.0,
                "value": "HIGH"
              },
              {
                "author": "NVD",
                "id": "CVE-2020-0022",
                "trust": 0.8,
                "value": "High"
              },
              {
                "author": "CNNVD",
                "id": "CNNVD-202002-366",
                "trust": 0.6,
                "value": "HIGH"
              },
              {
                "author": "VULMON",
                "id": "CVE-2020-0022",
                "trust": 0.1,
                "value": "HIGH"
              }
            ]
          }
        ],
        "sources": [
          {
            "db": "VULMON",
            "id": "CVE-2020-0022"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2020-001993"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-202002-366"
          },
          {
            "db": "NVD",
            "id": "CVE-2020-0022"
          },
          {
            "db": "NVD",
            "id": "CVE-2020-0022"
          }
        ]
      },
      "description": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/description#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "In reassemble_and_dispatch of packet_fragmenter.cc, there is possible out of bounds write due to an incorrect bounds calculation. This could lead to remote code execution over Bluetooth with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-8.0 Android-8.1 Android-9 Android-10Android ID: A-143894715. Android contains a calculation error vulnerability. This vulnerability is Android ID: A-143894715 It is published as.Information is obtained, information is tampered with, and service operation is interrupted. (DoS) It may be in a state",
        "sources": [
          {
            "db": "NVD",
            "id": "CVE-2020-0022"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2020-001993"
          },
          {
            "db": "VULMON",
            "id": "CVE-2020-0022"
          }
        ],
        "trust": 1.71
      },
      "external_ids": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/external_ids#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "db": "NVD",
            "id": "CVE-2020-0022",
            "trust": 3.3
          },
          {
            "db": "PACKETSTORM",
            "id": "156891",
            "trust": 1.7
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2020-001993",
            "trust": 0.8
          },
          {
            "db": "NSFOCUS",
            "id": "45798",
            "trust": 0.6
          },
          {
            "db": "NSFOCUS",
            "id": "49115",
            "trust": 0.6
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-202002-366",
            "trust": 0.6
          },
          {
            "db": "VULMON",
            "id": "CVE-2020-0022",
            "trust": 0.1
          }
        ],
        "sources": [
          {
            "db": "VULMON",
            "id": "CVE-2020-0022"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2020-001993"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-202002-366"
          },
          {
            "db": "NVD",
            "id": "CVE-2020-0022"
          }
        ]
      },
      "id": "VAR-202002-0214",
      "iot": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/iot#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": true,
        "sources": [
          {
            "db": "VARIoT devices database",
            "id": null
          }
        ],
        "trust": 0.538734306
      },
      "last_update_date": "2024-11-23T22:51:30.464000Z",
      "patch": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/patch#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "title": "Android\u00a0 Public information about security \u00a0-\u00a02020\u00a0 Year \u00a02\u00a0 Moon",
            "trust": 0.8,
            "url": "https://source.android.com/security/bulletin/2020-02-01"
          },
          {
            "title": "Android Buffer error vulnerability fix",
            "trust": 0.6,
            "url": "http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=110484"
          },
          {
            "title": "Huawei Security Advisories: Security Advisory - Integer Overflow Vulnerability in Android affects Several Huawei Smartphones",
            "trust": 0.1,
            "url": "https://vulmon.com/vendoradvisory?qidtp=huawei_security_advisories\u0026qid=5ecb6a3686ddfa79c27cc2c950827f9f"
          },
          {
            "title": "CVE-2020-0022\nUpdate 1\nUpdate 2",
            "trust": 0.1,
            "url": "https://github.com/marcinguy/CVE-2020-0022 "
          },
          {
            "title": "https://github.com/Polo35/CVE-2020-0022",
            "trust": 0.1,
            "url": "https://github.com/Polo35/CVE-2020-0022 "
          },
          {
            "title": "Bluefrag_CVE-2020-0022",
            "trust": 0.1,
            "url": "https://github.com/k3vinlusec/Bluefrag_CVE-2020-0022 "
          },
          {
            "title": "cve-2020-0022",
            "trust": 0.1,
            "url": "https://github.com/devdanqtuan/poc-for-cve-2020-0022 "
          },
          {
            "title": "cve-2020-0022",
            "trust": 0.1,
            "url": "https://github.com/leommxj/cve-2020-0022 "
          },
          {
            "title": "AndroidBlueFragCVE",
            "trust": 0.1,
            "url": "https://github.com/sharif-dev/AndroidBlueFragCVE "
          },
          {
            "title": "cve-2020-0022",
            "trust": 0.1,
            "url": "https://github.com/5k1l/cve-2020-0022 "
          },
          {
            "title": "CVE-2020-0022",
            "trust": 0.1,
            "url": "https://github.com/themmokhtar/CVE-2020-0022 "
          },
          {
            "title": "CVE-2020-14292: A bluetooth transport issue in COVIDSafe App",
            "trust": 0.1,
            "url": "https://github.com/alwentiu/CVE-2020-14292 "
          },
          {
            "title": "https://github.com/seemoo-lab/frankenstein",
            "trust": 0.1,
            "url": "https://github.com/seemoo-lab/frankenstein "
          },
          {
            "title": "Protocol-Vulnerability\nRelated Resources\nContributors",
            "trust": 0.1,
            "url": "https://github.com/WinMin/Protocol-Vul "
          },
          {
            "title": "\u7b80\u4ecb\n\u5b89\u88c5\n\u4f7f\u7528\nhttpserver\u63a5\u53e3",
            "trust": 0.1,
            "url": "https://github.com/he1m4n6a/cve-db "
          },
          {
            "title": "Awesome Bluetooth Security (BR, EDR, LE, and Mesh)",
            "trust": 0.1,
            "url": "https://github.com/JeffroMF/awesome-bluetooth-security321 "
          },
          {
            "title": "Awesome Bluetooth Security (BR, EDR, LE, and Mesh)",
            "trust": 0.1,
            "url": "https://github.com/engn33r/awesome-bluetooth-security "
          },
          {
            "title": "\u6240\u6709\u6536\u96c6\u7c7b\u9879\u76ee\nAndroid\n\u76ee\u5f55\n\u8d44\u6e90\u6536\u96c6\n\u77e5\u540d\u5206\u6790\u5de5\u5177\n\u5404\u7c7bApp\nTopic\n\u5176\u4ed6\n\u5de5\u5177\n\u6587\u7ae0\n\u8d21\u732e",
            "trust": 0.1,
            "url": "https://github.com/alphaSeclab/android-security "
          },
          {
            "title": "OPSEC-Hall-of-fame \ud83d\ude0e",
            "trust": 0.1,
            "url": "https://github.com/Offensive-Penetration-Security/OPSEC-Hall-of-fame "
          },
          {
            "title": "CVE-Mitre\nDownload single CVE",
            "trust": 0.1,
            "url": "https://github.com/nu11secur1ty/CVE-mitre "
          },
          {
            "title": "CVE-Mitre\nDownload single CVE",
            "trust": 0.1,
            "url": "https://github.com/nu11secur1ty/CVE "
          },
          {
            "title": "PoC in GitHub",
            "trust": 0.1,
            "url": "https://github.com/soosmile/POC "
          },
          {
            "title": "PoC in GitHub",
            "trust": 0.1,
            "url": "https://github.com/developer3000S/PoC-in-GitHub "
          },
          {
            "title": "PoC in GitHub",
            "trust": 0.1,
            "url": "https://github.com/hectorgie/PoC-in-GitHub "
          },
          {
            "title": "PoC in GitHub",
            "trust": 0.1,
            "url": "https://github.com/0xT11/CVE-POC "
          },
          {
            "title": "The Register",
            "trust": 0.1,
            "url": "https://www.theregister.co.uk/2020/02/07/android_bluetooth_flaw/"
          }
        ],
        "sources": [
          {
            "db": "VULMON",
            "id": "CVE-2020-0022"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2020-001993"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-202002-366"
          }
        ]
      },
      "problemtype_data": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "problemtype": "CWE-682",
            "trust": 1.0
          },
          {
            "problemtype": "calculation error (CWE-682) [NVD evaluation ]",
            "trust": 0.8
          }
        ],
        "sources": [
          {
            "db": "JVNDB",
            "id": "JVNDB-2020-001993"
          },
          {
            "db": "NVD",
            "id": "CVE-2020-0022"
          }
        ]
      },
      "references": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/references#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "trust": 2.3,
            "url": "https://source.android.com/security/bulletin/2020-02-01"
          },
          {
            "trust": 2.3,
            "url": "http://packetstormsecurity.com/files/156891/android-bluetooth-remote-denial-of-service.html"
          },
          {
            "trust": 1.8,
            "url": "http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20200513-03-smartphone-en"
          },
          {
            "trust": 1.7,
            "url": "http://seclists.org/fulldisclosure/2020/feb/10"
          },
          {
            "trust": 0.8,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2020-0022"
          },
          {
            "trust": 0.6,
            "url": "https://vigilance.fr/vulnerability/google-android-pixel-multiple-vulnerabilities-of-february-2020-31507"
          },
          {
            "trust": 0.6,
            "url": "http://www.nsfocus.net/vulndb/45798"
          },
          {
            "trust": 0.6,
            "url": "https://www.huawei.com/cn/psirt/security-advisories/huawei-sa-20200513-03-smartphone-cn"
          },
          {
            "trust": 0.6,
            "url": "http://www.nsfocus.net/vulndb/49115"
          },
          {
            "trust": 0.1,
            "url": "https://cwe.mitre.org/data/definitions/682.html"
          },
          {
            "trust": 0.1,
            "url": "https://github.com/marcinguy/cve-2020-0022"
          },
          {
            "trust": 0.1,
            "url": "https://nvd.nist.gov"
          }
        ],
        "sources": [
          {
            "db": "VULMON",
            "id": "CVE-2020-0022"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2020-001993"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-202002-366"
          },
          {
            "db": "NVD",
            "id": "CVE-2020-0022"
          }
        ]
      },
      "sources": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#",
          "data": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "db": "VULMON",
            "id": "CVE-2020-0022"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2020-001993"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-202002-366"
          },
          {
            "db": "NVD",
            "id": "CVE-2020-0022"
          }
        ]
      },
      "sources_release_date": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
          "data": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "date": "2020-02-13T00:00:00",
            "db": "VULMON",
            "id": "CVE-2020-0022"
          },
          {
            "date": "2020-03-02T00:00:00",
            "db": "JVNDB",
            "id": "JVNDB-2020-001993"
          },
          {
            "date": "2020-02-04T00:00:00",
            "db": "CNNVD",
            "id": "CNNVD-202002-366"
          },
          {
            "date": "2020-02-13T15:15:11.780000",
            "db": "NVD",
            "id": "CVE-2020-0022"
          }
        ]
      },
      "sources_update_date": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
          "data": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "date": "2024-02-02T00:00:00",
            "db": "VULMON",
            "id": "CVE-2020-0022"
          },
          {
            "date": "2024-02-27T07:11:00",
            "db": "JVNDB",
            "id": "JVNDB-2020-001993"
          },
          {
            "date": "2020-09-25T00:00:00",
            "db": "CNNVD",
            "id": "CNNVD-202002-366"
          },
          {
            "date": "2024-11-21T04:52:45.763000",
            "db": "NVD",
            "id": "CVE-2020-0022"
          }
        ]
      },
      "threat_type": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/threat_type#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "remote or local",
        "sources": [
          {
            "db": "CNNVD",
            "id": "CNNVD-202002-366"
          }
        ],
        "trust": 0.6
      },
      "title": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/title#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "Android\u00a0 calculation error vulnerability in",
        "sources": [
          {
            "db": "JVNDB",
            "id": "JVNDB-2020-001993"
          }
        ],
        "trust": 0.8
      },
      "type": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/type#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "buffer error",
        "sources": [
          {
            "db": "CNNVD",
            "id": "CNNVD-202002-366"
          }
        ],
        "trust": 0.6
      }
    }

    VAR-202012-1401

    Vulnerability from variot - Updated: 2024-11-23 22:47

    There is a privilege escalation vulnerability on some Huawei smart phones due to design defects. The attacker needs to physically contact the mobile phone and obtain higher privileges, and execute relevant commands, resulting in the user's privilege promotion. Mate 10 firmware, Mate 30 firmware, Mate 30 Pro firmware etc. Huawei There are unspecified vulnerabilities in the product.Information is obtained, information is tampered with, and service operation is interrupted. (DoS) It may be in a state

    Show details on source website

    {
      "@context": {
        "@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
        "affected_products": {
          "@id": "https://www.variotdbs.pl/ref/affected_products"
        },
        "configurations": {
          "@id": "https://www.variotdbs.pl/ref/configurations"
        },
        "credits": {
          "@id": "https://www.variotdbs.pl/ref/credits"
        },
        "cvss": {
          "@id": "https://www.variotdbs.pl/ref/cvss/"
        },
        "description": {
          "@id": "https://www.variotdbs.pl/ref/description/"
        },
        "exploit_availability": {
          "@id": "https://www.variotdbs.pl/ref/exploit_availability/"
        },
        "external_ids": {
          "@id": "https://www.variotdbs.pl/ref/external_ids/"
        },
        "iot": {
          "@id": "https://www.variotdbs.pl/ref/iot/"
        },
        "iot_taxonomy": {
          "@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
        },
        "patch": {
          "@id": "https://www.variotdbs.pl/ref/patch/"
        },
        "problemtype_data": {
          "@id": "https://www.variotdbs.pl/ref/problemtype_data/"
        },
        "references": {
          "@id": "https://www.variotdbs.pl/ref/references/"
        },
        "sources": {
          "@id": "https://www.variotdbs.pl/ref/sources/"
        },
        "sources_release_date": {
          "@id": "https://www.variotdbs.pl/ref/sources_release_date/"
        },
        "sources_update_date": {
          "@id": "https://www.variotdbs.pl/ref/sources_update_date/"
        },
        "threat_type": {
          "@id": "https://www.variotdbs.pl/ref/threat_type/"
        },
        "title": {
          "@id": "https://www.variotdbs.pl/ref/title/"
        },
        "type": {
          "@id": "https://www.variotdbs.pl/ref/type/"
        }
      },
      "@id": "https://www.variotdbs.pl/vuln/VAR-202012-1401",
      "affected_products": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/affected_products#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            },
            "@id": "https://www.variotdbs.pl/ref/sources"
          }
        },
        "data": [
          {
            "model": "mate 30",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "huawei",
            "version": "10.1.0.156\\(c00e155r7p2\\)"
          },
          {
            "model": "mate 30 pro",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "huawei",
            "version": "10.1.0.156\\(c00e156r7p2\\)"
          },
          {
            "model": "p40",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "huawei",
            "version": "10.1.0.150\\(sp1c00e150r4p1\\)"
          },
          {
            "model": "p40 pro",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "huawei",
            "version": "10.1.0.150\\(sp1c00e150r4p1\\)"
          },
          {
            "model": "mate 10",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "huawei",
            "version": "10.0.0.189\\(c185e6r1p3\\)"
          },
          {
            "model": "p40",
            "scope": null,
            "trust": 0.8,
            "vendor": "huawei",
            "version": null
          },
          {
            "model": "mate 30 pro",
            "scope": null,
            "trust": 0.8,
            "vendor": "huawei",
            "version": null
          },
          {
            "model": "mate 10",
            "scope": null,
            "trust": 0.8,
            "vendor": "huawei",
            "version": null
          },
          {
            "model": "mate 30",
            "scope": null,
            "trust": 0.8,
            "vendor": "huawei",
            "version": null
          },
          {
            "model": "p40 pro",
            "scope": null,
            "trust": 0.8,
            "vendor": "huawei",
            "version": null
          }
        ],
        "sources": [
          {
            "db": "JVNDB",
            "id": "JVNDB-2020-018300"
          },
          {
            "db": "NVD",
            "id": "CVE-2020-9119"
          }
        ]
      },
      "cve": "CVE-2020-9119",
      "cvss": {
        "@context": {
          "cvssV2": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
            },
            "@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
          },
          "cvssV3": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
            },
            "@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
          },
          "severity": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/cvss/severity#"
            },
            "@id": "https://www.variotdbs.pl/ref/cvss/severity"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            },
            "@id": "https://www.variotdbs.pl/ref/sources"
          }
        },
        "data": [
          {
            "cvssV2": [
              {
                "accessComplexity": "LOW",
                "accessVector": "LOCAL",
                "authentication": "NONE",
                "author": "nvd@nist.gov",
                "availabilityImpact": "PARTIAL",
                "baseScore": 4.6,
                "confidentialityImpact": "PARTIAL",
                "exploitabilityScore": 3.9,
                "id": "CVE-2020-9119",
                "impactScore": 6.4,
                "integrityImpact": "PARTIAL",
                "severity": "MEDIUM",
                "trust": 1.8,
                "vectorString": "AV:L/AC:L/Au:N/C:P/I:P/A:P",
                "version": "2.0"
              }
            ],
            "cvssV3": [
              {
                "attackComplexity": "LOW",
                "attackVector": "PHYSICAL",
                "author": "nvd@nist.gov",
                "availabilityImpact": "HIGH",
                "baseScore": 6.2,
                "baseSeverity": "MEDIUM",
                "confidentialityImpact": "HIGH",
                "exploitabilityScore": 0.3,
                "id": "CVE-2020-9119",
                "impactScore": 5.9,
                "integrityImpact": "HIGH",
                "privilegesRequired": "HIGH",
                "scope": "UNCHANGED",
                "trust": 1.0,
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.1/AV:P/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
                "version": "3.1"
              },
              {
                "attackComplexity": "Low",
                "attackVector": "Physical",
                "author": "NVD",
                "availabilityImpact": "High",
                "baseScore": 6.2,
                "baseSeverity": "Medium",
                "confidentialityImpact": "High",
                "exploitabilityScore": null,
                "id": "CVE-2020-9119",
                "impactScore": null,
                "integrityImpact": "High",
                "privilegesRequired": "High",
                "scope": "Unchanged",
                "trust": 0.8,
                "userInteraction": "None",
                "vectorString": "CVSS:3.0/AV:P/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
                "version": "3.0"
              }
            ],
            "severity": [
              {
                "author": "nvd@nist.gov",
                "id": "CVE-2020-9119",
                "trust": 1.0,
                "value": "MEDIUM"
              },
              {
                "author": "NVD",
                "id": "CVE-2020-9119",
                "trust": 0.8,
                "value": "Medium"
              },
              {
                "author": "CNNVD",
                "id": "CNNVD-202012-1542",
                "trust": 0.6,
                "value": "MEDIUM"
              }
            ]
          }
        ],
        "sources": [
          {
            "db": "JVNDB",
            "id": "JVNDB-2020-018300"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-202012-1542"
          },
          {
            "db": "NVD",
            "id": "CVE-2020-9119"
          }
        ]
      },
      "description": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/description#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "There is a privilege escalation vulnerability on some Huawei smart phones due to design defects. The attacker needs to physically contact the mobile phone and obtain higher privileges, and execute relevant commands, resulting in the user\u0027s privilege promotion. Mate 10 firmware, Mate 30 firmware, Mate 30 Pro firmware etc. Huawei There are unspecified vulnerabilities in the product.Information is obtained, information is tampered with, and service operation is interrupted. (DoS) It may be in a state",
        "sources": [
          {
            "db": "NVD",
            "id": "CVE-2020-9119"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2020-018300"
          }
        ],
        "trust": 1.62
      },
      "external_ids": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/external_ids#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "db": "NVD",
            "id": "CVE-2020-9119",
            "trust": 3.2
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2020-018300",
            "trust": 0.8
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-202012-1542",
            "trust": 0.6
          }
        ],
        "sources": [
          {
            "db": "JVNDB",
            "id": "JVNDB-2020-018300"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-202012-1542"
          },
          {
            "db": "NVD",
            "id": "CVE-2020-9119"
          }
        ]
      },
      "id": "VAR-202012-1401",
      "iot": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/iot#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": true,
        "sources": [
          {
            "db": "VARIoT devices database",
            "id": null
          }
        ],
        "trust": 0.5351061866666666
      },
      "last_update_date": "2024-11-23T22:47:44.214000Z",
      "patch": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/patch#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "title": "Multiple  Huawei Product Privilege License and Access Control Issue Vulnerability Fixes",
            "trust": 0.6,
            "url": "http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=138013"
          }
        ],
        "sources": [
          {
            "db": "CNNVD",
            "id": "CNNVD-202012-1542"
          }
        ]
      },
      "problemtype_data": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "problemtype": "NVD-CWE-noinfo",
            "trust": 1.0
          },
          {
            "problemtype": "Lack of information (CWE-noinfo) [NVD evaluation ]",
            "trust": 0.8
          }
        ],
        "sources": [
          {
            "db": "JVNDB",
            "id": "JVNDB-2020-018300"
          },
          {
            "db": "NVD",
            "id": "CVE-2020-9119"
          }
        ]
      },
      "references": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/references#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "trust": 2.4,
            "url": "https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20201202-01-smartphone-en"
          },
          {
            "trust": 1.4,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2020-9119"
          }
        ],
        "sources": [
          {
            "db": "JVNDB",
            "id": "JVNDB-2020-018300"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-202012-1542"
          },
          {
            "db": "NVD",
            "id": "CVE-2020-9119"
          }
        ]
      },
      "sources": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#",
          "data": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "db": "JVNDB",
            "id": "JVNDB-2020-018300"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-202012-1542"
          },
          {
            "db": "NVD",
            "id": "CVE-2020-9119"
          }
        ]
      },
      "sources_release_date": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
          "data": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "date": "2024-07-18T00:00:00",
            "db": "JVNDB",
            "id": "JVNDB-2020-018300"
          },
          {
            "date": "2020-12-24T00:00:00",
            "db": "CNNVD",
            "id": "CNNVD-202012-1542"
          },
          {
            "date": "2020-12-24T16:15:15.850000",
            "db": "NVD",
            "id": "CVE-2020-9119"
          }
        ]
      },
      "sources_update_date": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
          "data": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "date": "2024-07-18T10:27:00",
            "db": "JVNDB",
            "id": "JVNDB-2020-018300"
          },
          {
            "date": "2021-07-09T00:00:00",
            "db": "CNNVD",
            "id": "CNNVD-202012-1542"
          },
          {
            "date": "2024-11-21T05:40:05.323000",
            "db": "NVD",
            "id": "CVE-2020-9119"
          }
        ]
      },
      "threat_type": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/threat_type#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "local",
        "sources": [
          {
            "db": "CNNVD",
            "id": "CNNVD-202012-1542"
          }
        ],
        "trust": 0.6
      },
      "title": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/title#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "plural \u00a0Huawei\u00a0 Product vulnerabilities",
        "sources": [
          {
            "db": "JVNDB",
            "id": "JVNDB-2020-018300"
          }
        ],
        "trust": 0.8
      },
      "type": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/type#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "permissions and access control issues",
        "sources": [
          {
            "db": "CNNVD",
            "id": "CNNVD-202012-1542"
          }
        ],
        "trust": 0.6
      }
    }

    VAR-202007-0978

    Vulnerability from variot - Updated: 2024-11-23 22:44

    HUAWEI Mate 30 Pro with versions earlier than 10.1.0.150(C00E136R5P3) have is an improper authentication vulnerability. The device does not sufficiently validate certain credential of user's face, an attacker could craft the credential of the user, successful exploit could allow the attacker to pass the authentication with the crafted credential. The vulnerability is caused by the device not fully verifying the user's facial credentials

    Show details on source website

    {
      "@context": {
        "@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
        "affected_products": {
          "@id": "https://www.variotdbs.pl/ref/affected_products"
        },
        "configurations": {
          "@id": "https://www.variotdbs.pl/ref/configurations"
        },
        "credits": {
          "@id": "https://www.variotdbs.pl/ref/credits"
        },
        "cvss": {
          "@id": "https://www.variotdbs.pl/ref/cvss/"
        },
        "description": {
          "@id": "https://www.variotdbs.pl/ref/description/"
        },
        "exploit_availability": {
          "@id": "https://www.variotdbs.pl/ref/exploit_availability/"
        },
        "external_ids": {
          "@id": "https://www.variotdbs.pl/ref/external_ids/"
        },
        "iot": {
          "@id": "https://www.variotdbs.pl/ref/iot/"
        },
        "iot_taxonomy": {
          "@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
        },
        "patch": {
          "@id": "https://www.variotdbs.pl/ref/patch/"
        },
        "problemtype_data": {
          "@id": "https://www.variotdbs.pl/ref/problemtype_data/"
        },
        "references": {
          "@id": "https://www.variotdbs.pl/ref/references/"
        },
        "sources": {
          "@id": "https://www.variotdbs.pl/ref/sources/"
        },
        "sources_release_date": {
          "@id": "https://www.variotdbs.pl/ref/sources_release_date/"
        },
        "sources_update_date": {
          "@id": "https://www.variotdbs.pl/ref/sources_update_date/"
        },
        "threat_type": {
          "@id": "https://www.variotdbs.pl/ref/threat_type/"
        },
        "title": {
          "@id": "https://www.variotdbs.pl/ref/title/"
        },
        "type": {
          "@id": "https://www.variotdbs.pl/ref/type/"
        }
      },
      "@id": "https://www.variotdbs.pl/vuln/VAR-202007-0978",
      "affected_products": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/affected_products#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            },
            "@id": "https://www.variotdbs.pl/ref/sources"
          }
        },
        "data": [
          {
            "model": "mate 30 pro",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "huawei",
            "version": "10.1.0.150\\(c00e136r5p3\\)"
          },
          {
            "model": "mate 30 pro",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "huawei",
            "version": "10.1.0.150(c00e136r5p3)"
          },
          {
            "model": "mate pro \u003c10.1.0.150",
            "scope": "eq",
            "trust": 0.6,
            "vendor": "huawei",
            "version": "30"
          }
        ],
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2020-51533"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2020-007481"
          },
          {
            "db": "NVD",
            "id": "CVE-2020-1838"
          }
        ]
      },
      "configurations": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/configurations#",
          "children": {
            "@container": "@list"
          },
          "cpe_match": {
            "@container": "@list"
          },
          "data": {
            "@container": "@list"
          },
          "nodes": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "CVE_data_version": "4.0",
            "nodes": [
              {
                "cpe_match": [
                  {
                    "cpe22Uri": "cpe:/o:huawei:mate_30_pro_firmware",
                    "vulnerable": true
                  }
                ],
                "operator": "OR"
              }
            ]
          }
        ],
        "sources": [
          {
            "db": "JVNDB",
            "id": "JVNDB-2020-007481"
          }
        ]
      },
      "cve": "CVE-2020-1838",
      "cvss": {
        "@context": {
          "cvssV2": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
            },
            "@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
          },
          "cvssV3": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
            },
            "@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
          },
          "severity": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/cvss/severity#"
            },
            "@id": "https://www.variotdbs.pl/ref/cvss/severity"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            },
            "@id": "https://www.variotdbs.pl/ref/sources"
          }
        },
        "data": [
          {
            "cvssV2": [
              {
                "accessComplexity": "MEDIUM",
                "accessVector": "LOCAL",
                "authentication": "NONE",
                "author": "nvd@nist.gov",
                "availabilityImpact": "NONE",
                "baseScore": 1.9,
                "confidentialityImpact": "NONE",
                "exploitabilityScore": 3.4,
                "id": "CVE-2020-1838",
                "impactScore": 2.9,
                "integrityImpact": "PARTIAL",
                "severity": "LOW",
                "trust": 1.0,
                "vectorString": "AV:L/AC:M/Au:N/C:N/I:P/A:N",
                "version": "2.0"
              },
              {
                "acInsufInfo": null,
                "accessComplexity": "Medium",
                "accessVector": "Local",
                "authentication": "None",
                "author": "NVD",
                "availabilityImpact": "None",
                "baseScore": 1.9,
                "confidentialityImpact": "None",
                "exploitabilityScore": null,
                "id": "JVNDB-2020-007481",
                "impactScore": null,
                "integrityImpact": "Partial",
                "obtainAllPrivilege": null,
                "obtainOtherPrivilege": null,
                "obtainUserPrivilege": null,
                "severity": "Low",
                "trust": 0.8,
                "userInteractionRequired": null,
                "vectorString": "AV:L/AC:M/Au:N/C:N/I:P/A:N",
                "version": "2.0"
              },
              {
                "accessComplexity": "MEDIUM",
                "accessVector": "LOCAL",
                "authentication": "NONE",
                "author": "CNVD",
                "availabilityImpact": "NONE",
                "baseScore": 1.9,
                "confidentialityImpact": "NONE",
                "exploitabilityScore": 3.4,
                "id": "CNVD-2020-51533",
                "impactScore": 2.9,
                "integrityImpact": "PARTIAL",
                "severity": "LOW",
                "trust": 0.6,
                "vectorString": "AV:L/AC:M/Au:N/C:N/I:P/A:N",
                "version": "2.0"
              }
            ],
            "cvssV3": [
              {
                "attackComplexity": "LOW",
                "attackVector": "LOCAL",
                "author": "nvd@nist.gov",
                "availabilityImpact": "NONE",
                "baseScore": 5.5,
                "baseSeverity": "MEDIUM",
                "confidentialityImpact": "NONE",
                "exploitabilityScore": 1.8,
                "id": "CVE-2020-1838",
                "impactScore": 3.6,
                "integrityImpact": "HIGH",
                "privilegesRequired": "NONE",
                "scope": "UNCHANGED",
                "trust": 1.0,
                "userInteraction": "REQUIRED",
                "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N",
                "version": "3.1"
              },
              {
                "attackComplexity": "Low",
                "attackVector": "Local",
                "author": "NVD",
                "availabilityImpact": "None",
                "baseScore": 5.5,
                "baseSeverity": "Medium",
                "confidentialityImpact": "None",
                "exploitabilityScore": null,
                "id": "JVNDB-2020-007481",
                "impactScore": null,
                "integrityImpact": "High",
                "privilegesRequired": "None",
                "scope": "Unchanged",
                "trust": 0.8,
                "userInteraction": "Required",
                "vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N",
                "version": "3.0"
              }
            ],
            "severity": [
              {
                "author": "nvd@nist.gov",
                "id": "CVE-2020-1838",
                "trust": 1.0,
                "value": "MEDIUM"
              },
              {
                "author": "NVD",
                "id": "JVNDB-2020-007481",
                "trust": 0.8,
                "value": "Medium"
              },
              {
                "author": "CNVD",
                "id": "CNVD-2020-51533",
                "trust": 0.6,
                "value": "LOW"
              },
              {
                "author": "CNNVD",
                "id": "CNNVD-202007-077",
                "trust": 0.6,
                "value": "MEDIUM"
              }
            ]
          }
        ],
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2020-51533"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2020-007481"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-202007-077"
          },
          {
            "db": "NVD",
            "id": "CVE-2020-1838"
          }
        ]
      },
      "description": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/description#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "HUAWEI Mate 30 Pro with versions earlier than 10.1.0.150(C00E136R5P3) have is an improper authentication vulnerability. The device does not sufficiently validate certain credential of user\u0027s face, an attacker could craft the credential of the user, successful exploit could allow the attacker to pass the authentication with the crafted credential. The vulnerability is caused by the device not fully verifying the user\u0027s facial credentials",
        "sources": [
          {
            "db": "NVD",
            "id": "CVE-2020-1838"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2020-007481"
          },
          {
            "db": "CNVD",
            "id": "CNVD-2020-51533"
          }
        ],
        "trust": 2.16
      },
      "external_ids": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/external_ids#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "db": "NVD",
            "id": "CVE-2020-1838",
            "trust": 3.0
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2020-007481",
            "trust": 0.8
          },
          {
            "db": "CNVD",
            "id": "CNVD-2020-51533",
            "trust": 0.6
          },
          {
            "db": "NSFOCUS",
            "id": "47073",
            "trust": 0.6
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-202007-077",
            "trust": 0.6
          }
        ],
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2020-51533"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2020-007481"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-202007-077"
          },
          {
            "db": "NVD",
            "id": "CVE-2020-1838"
          }
        ]
      },
      "id": "VAR-202007-0978",
      "iot": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/iot#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": true,
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2020-51533"
          }
        ],
        "trust": 1.1876653
      },
      "iot_taxonomy": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "category": [
              "IoT"
            ],
            "sub_category": null,
            "trust": 0.6
          }
        ],
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2020-51533"
          }
        ]
      },
      "last_update_date": "2024-11-23T22:44:28.782000Z",
      "patch": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/patch#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "title": "huawei-sa-20200701-03-smartphone",
            "trust": 0.8,
            "url": "https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20200701-03-smartphone-en"
          },
          {
            "title": "Patch for Huawei Mate 30 Pro authorization issue vulnerability",
            "trust": 0.6,
            "url": "https://www.cnvd.org.cn/patchInfo/show/233314"
          },
          {
            "title": "Huawei Mate 30 Pro Remediation measures for authorization problem vulnerabilities",
            "trust": 0.6,
            "url": "http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=123465"
          }
        ],
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2020-51533"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2020-007481"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-202007-077"
          }
        ]
      },
      "problemtype_data": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "problemtype": "CWE-287",
            "trust": 1.8
          }
        ],
        "sources": [
          {
            "db": "JVNDB",
            "id": "JVNDB-2020-007481"
          },
          {
            "db": "NVD",
            "id": "CVE-2020-1838"
          }
        ]
      },
      "references": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/references#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "trust": 2.0,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2020-1838"
          },
          {
            "trust": 1.6,
            "url": "https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20200701-03-smartphone-en"
          },
          {
            "trust": 0.8,
            "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2020-1838"
          },
          {
            "trust": 0.6,
            "url": "https://www.huawei.com/cn/psirt/security-advisories/huawei-sa-20200701-03-smartphone-cn"
          },
          {
            "trust": 0.6,
            "url": "http://www.nsfocus.net/vulndb/47073"
          }
        ],
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2020-51533"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2020-007481"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-202007-077"
          },
          {
            "db": "NVD",
            "id": "CVE-2020-1838"
          }
        ]
      },
      "sources": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#",
          "data": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "db": "CNVD",
            "id": "CNVD-2020-51533"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2020-007481"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-202007-077"
          },
          {
            "db": "NVD",
            "id": "CVE-2020-1838"
          }
        ]
      },
      "sources_release_date": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
          "data": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "date": "2020-09-09T00:00:00",
            "db": "CNVD",
            "id": "CNVD-2020-51533"
          },
          {
            "date": "2020-08-14T00:00:00",
            "db": "JVNDB",
            "id": "JVNDB-2020-007481"
          },
          {
            "date": "2020-07-01T00:00:00",
            "db": "CNNVD",
            "id": "CNNVD-202007-077"
          },
          {
            "date": "2020-07-06T19:15:12.463000",
            "db": "NVD",
            "id": "CVE-2020-1838"
          }
        ]
      },
      "sources_update_date": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
          "data": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "date": "2020-09-11T00:00:00",
            "db": "CNVD",
            "id": "CNVD-2020-51533"
          },
          {
            "date": "2020-08-14T00:00:00",
            "db": "JVNDB",
            "id": "JVNDB-2020-007481"
          },
          {
            "date": "2020-07-10T00:00:00",
            "db": "CNNVD",
            "id": "CNNVD-202007-077"
          },
          {
            "date": "2024-11-21T05:11:28.070000",
            "db": "NVD",
            "id": "CVE-2020-1838"
          }
        ]
      },
      "threat_type": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/threat_type#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "local",
        "sources": [
          {
            "db": "CNNVD",
            "id": "CNNVD-202007-077"
          }
        ],
        "trust": 0.6
      },
      "title": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/title#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "HUAWEI Mate 30 Pro Authentication vulnerabilities in",
        "sources": [
          {
            "db": "JVNDB",
            "id": "JVNDB-2020-007481"
          }
        ],
        "trust": 0.8
      },
      "type": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/type#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "authorization issue",
        "sources": [
          {
            "db": "CNNVD",
            "id": "CNNVD-202007-077"
          }
        ],
        "trust": 0.6
      }
    }

    VAR-202004-0955

    Vulnerability from variot - Updated: 2024-11-23 22:41

    There is an improper authentication vulnerability in several smartphones. Certain function interface in the system does not sufficiently validate the caller's identity in certain share scenario, successful exploit could cause information disclosure. Affected product versions include:Mate 30 Pro versions Versions earlier than 10.0.0.205(C00E202R7P2);Mate 30 versions Versions earlier than 10.0.0.205(C00E201R7P2). Mate 30 Pro and Mate 30 There is an information leakage vulnerability in.Information may be obtained. In the specific scenario of sharing files, some of the functional interfaces in the system are not The caller is fully authenticated

    Show details on source website

    {
      "@context": {
        "@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
        "affected_products": {
          "@id": "https://www.variotdbs.pl/ref/affected_products"
        },
        "configurations": {
          "@id": "https://www.variotdbs.pl/ref/configurations"
        },
        "credits": {
          "@id": "https://www.variotdbs.pl/ref/credits"
        },
        "cvss": {
          "@id": "https://www.variotdbs.pl/ref/cvss/"
        },
        "description": {
          "@id": "https://www.variotdbs.pl/ref/description/"
        },
        "exploit_availability": {
          "@id": "https://www.variotdbs.pl/ref/exploit_availability/"
        },
        "external_ids": {
          "@id": "https://www.variotdbs.pl/ref/external_ids/"
        },
        "iot": {
          "@id": "https://www.variotdbs.pl/ref/iot/"
        },
        "iot_taxonomy": {
          "@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
        },
        "patch": {
          "@id": "https://www.variotdbs.pl/ref/patch/"
        },
        "problemtype_data": {
          "@id": "https://www.variotdbs.pl/ref/problemtype_data/"
        },
        "references": {
          "@id": "https://www.variotdbs.pl/ref/references/"
        },
        "sources": {
          "@id": "https://www.variotdbs.pl/ref/sources/"
        },
        "sources_release_date": {
          "@id": "https://www.variotdbs.pl/ref/sources_release_date/"
        },
        "sources_update_date": {
          "@id": "https://www.variotdbs.pl/ref/sources_update_date/"
        },
        "threat_type": {
          "@id": "https://www.variotdbs.pl/ref/threat_type/"
        },
        "title": {
          "@id": "https://www.variotdbs.pl/ref/title/"
        },
        "type": {
          "@id": "https://www.variotdbs.pl/ref/type/"
        }
      },
      "@id": "https://www.variotdbs.pl/vuln/VAR-202004-0955",
      "affected_products": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/affected_products#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            },
            "@id": "https://www.variotdbs.pl/ref/sources"
          }
        },
        "data": [
          {
            "model": "mate 30 pro",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "huawei",
            "version": "10.0.0.205\\(c00e202r7p2\\)"
          },
          {
            "model": "mate 30",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "huawei",
            "version": "10.0.0.205\\(c00e201r7p2\\)"
          },
          {
            "model": "mate 30 pro",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "huawei",
            "version": "10.0.0.205(c00e202r7p2)"
          },
          {
            "model": "mate 30",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "huawei",
            "version": "10.0.0.205(c00e202r7p2)"
          },
          {
            "model": "mate pro \u003c10.0.0.205",
            "scope": "eq",
            "trust": 0.6,
            "vendor": "huawei",
            "version": "30"
          },
          {
            "model": "mate \u003c10.0.0.205",
            "scope": "eq",
            "trust": 0.6,
            "vendor": "huawei",
            "version": "30"
          }
        ],
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2020-22206"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2020-003980"
          },
          {
            "db": "NVD",
            "id": "CVE-2020-1801"
          }
        ]
      },
      "configurations": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/configurations#",
          "children": {
            "@container": "@list"
          },
          "cpe_match": {
            "@container": "@list"
          },
          "data": {
            "@container": "@list"
          },
          "nodes": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "CVE_data_version": "4.0",
            "nodes": [
              {
                "cpe_match": [
                  {
                    "cpe22Uri": "cpe:/o:huawei:mate_30_pro_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:huawei:mate_30_firmware",
                    "vulnerable": true
                  }
                ],
                "operator": "OR"
              }
            ]
          }
        ],
        "sources": [
          {
            "db": "JVNDB",
            "id": "JVNDB-2020-003980"
          }
        ]
      },
      "cve": "CVE-2020-1801",
      "cvss": {
        "@context": {
          "cvssV2": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
            },
            "@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
          },
          "cvssV3": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
            },
            "@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
          },
          "severity": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/cvss/severity#"
            },
            "@id": "https://www.variotdbs.pl/ref/cvss/severity"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            },
            "@id": "https://www.variotdbs.pl/ref/sources"
          }
        },
        "data": [
          {
            "cvssV2": [
              {
                "accessComplexity": "MEDIUM",
                "accessVector": "NETWORK",
                "authentication": "NONE",
                "author": "nvd@nist.gov",
                "availabilityImpact": "NONE",
                "baseScore": 4.3,
                "confidentialityImpact": "PARTIAL",
                "exploitabilityScore": 8.6,
                "id": "CVE-2020-1801",
                "impactScore": 2.9,
                "integrityImpact": "NONE",
                "severity": "MEDIUM",
                "trust": 1.0,
                "vectorString": "AV:N/AC:M/Au:N/C:P/I:N/A:N",
                "version": "2.0"
              },
              {
                "acInsufInfo": null,
                "accessComplexity": "Medium",
                "accessVector": "Network",
                "authentication": "None",
                "author": "NVD",
                "availabilityImpact": "None",
                "baseScore": 4.3,
                "confidentialityImpact": "Partial",
                "exploitabilityScore": null,
                "id": "JVNDB-2020-003980",
                "impactScore": null,
                "integrityImpact": "None",
                "obtainAllPrivilege": null,
                "obtainOtherPrivilege": null,
                "obtainUserPrivilege": null,
                "severity": "Medium",
                "trust": 0.8,
                "userInteractionRequired": null,
                "vectorString": "AV:N/AC:M/Au:N/C:P/I:N/A:N",
                "version": "2.0"
              },
              {
                "accessComplexity": "LOW",
                "accessVector": "NETWORK",
                "authentication": "NONE",
                "author": "CNVD",
                "availabilityImpact": "NONE",
                "baseScore": 5.0,
                "confidentialityImpact": "PARTIAL",
                "exploitabilityScore": 10.0,
                "id": "CNVD-2020-22206",
                "impactScore": 2.9,
                "integrityImpact": "NONE",
                "severity": "MEDIUM",
                "trust": 0.6,
                "vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:N",
                "version": "2.0"
              }
            ],
            "cvssV3": [
              {
                "attackComplexity": "LOW",
                "attackVector": "LOCAL",
                "author": "nvd@nist.gov",
                "availabilityImpact": "NONE",
                "baseScore": 5.5,
                "baseSeverity": "MEDIUM",
                "confidentialityImpact": "HIGH",
                "exploitabilityScore": 1.8,
                "id": "CVE-2020-1801",
                "impactScore": 3.6,
                "integrityImpact": "NONE",
                "privilegesRequired": "NONE",
                "scope": "UNCHANGED",
                "trust": 1.0,
                "userInteraction": "REQUIRED",
                "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N",
                "version": "3.1"
              },
              {
                "attackComplexity": "Low",
                "attackVector": "Local",
                "author": "NVD",
                "availabilityImpact": "None",
                "baseScore": 5.5,
                "baseSeverity": "Medium",
                "confidentialityImpact": "High",
                "exploitabilityScore": null,
                "id": "JVNDB-2020-003980",
                "impactScore": null,
                "integrityImpact": "None",
                "privilegesRequired": "None",
                "scope": "Unchanged",
                "trust": 0.8,
                "userInteraction": "Required",
                "vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N",
                "version": "3.0"
              }
            ],
            "severity": [
              {
                "author": "nvd@nist.gov",
                "id": "CVE-2020-1801",
                "trust": 1.0,
                "value": "MEDIUM"
              },
              {
                "author": "NVD",
                "id": "JVNDB-2020-003980",
                "trust": 0.8,
                "value": "Medium"
              },
              {
                "author": "CNVD",
                "id": "CNVD-2020-22206",
                "trust": 0.6,
                "value": "MEDIUM"
              },
              {
                "author": "CNNVD",
                "id": "CNNVD-202004-535",
                "trust": 0.6,
                "value": "MEDIUM"
              }
            ]
          }
        ],
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2020-22206"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2020-003980"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-202004-535"
          },
          {
            "db": "NVD",
            "id": "CVE-2020-1801"
          }
        ]
      },
      "description": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/description#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "There is an improper authentication vulnerability in several smartphones. Certain function interface in the system does not sufficiently validate the caller\u0027s identity in certain share scenario, successful exploit could cause information disclosure. Affected product versions include:Mate 30 Pro versions Versions earlier than 10.0.0.205(C00E202R7P2);Mate 30 versions Versions earlier than 10.0.0.205(C00E201R7P2). Mate 30 Pro and Mate 30 There is an information leakage vulnerability in.Information may be obtained. In the specific scenario of sharing files, some of the functional interfaces in the system are not The caller is fully authenticated",
        "sources": [
          {
            "db": "NVD",
            "id": "CVE-2020-1801"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2020-003980"
          },
          {
            "db": "CNVD",
            "id": "CNVD-2020-22206"
          }
        ],
        "trust": 2.16
      },
      "external_ids": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/external_ids#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "db": "NVD",
            "id": "CVE-2020-1801",
            "trust": 3.0
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2020-003980",
            "trust": 0.8
          },
          {
            "db": "CNVD",
            "id": "CNVD-2020-22206",
            "trust": 0.6
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-202004-535",
            "trust": 0.6
          }
        ],
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2020-22206"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2020-003980"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-202004-535"
          },
          {
            "db": "NVD",
            "id": "CVE-2020-1801"
          }
        ]
      },
      "id": "VAR-202004-0955",
      "iot": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/iot#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": true,
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2020-22206"
          }
        ],
        "trust": 1.2276592800000001
      },
      "iot_taxonomy": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "category": [
              "IoT"
            ],
            "sub_category": null,
            "trust": 0.6
          }
        ],
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2020-22206"
          }
        ]
      },
      "last_update_date": "2024-11-23T22:41:07.094000Z",
      "patch": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/patch#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "title": "huawei-sa-20200408-01-smartphone",
            "trust": 0.8,
            "url": "https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20200408-01-smartphone-en"
          },
          {
            "title": "Patch for Huawei Mate 30 Pro and Huawei Mate 30 authorization issue vulnerabilities",
            "trust": 0.6,
            "url": "https://www.cnvd.org.cn/patchInfo/show/213191"
          },
          {
            "title": "Huawei Mate 30 Pro  and Huawei Mate 30 Remediation measures for authorization problem vulnerabilities",
            "trust": 0.6,
            "url": "http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=115735"
          }
        ],
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2020-22206"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2020-003980"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-202004-535"
          }
        ]
      },
      "problemtype_data": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "problemtype": "CWE-287",
            "trust": 1.0
          },
          {
            "problemtype": "CWE-200",
            "trust": 0.8
          }
        ],
        "sources": [
          {
            "db": "JVNDB",
            "id": "JVNDB-2020-003980"
          },
          {
            "db": "NVD",
            "id": "CVE-2020-1801"
          }
        ]
      },
      "references": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/references#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "trust": 2.0,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2020-1801"
          },
          {
            "trust": 1.6,
            "url": "https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20200408-01-smartphone-en"
          },
          {
            "trust": 0.8,
            "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2020-1801"
          },
          {
            "trust": 0.6,
            "url": "https://www.huawei.com/cn/psirt/security-advisories/huawei-sa-20200408-01-smartphone-cn"
          }
        ],
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2020-22206"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2020-003980"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-202004-535"
          },
          {
            "db": "NVD",
            "id": "CVE-2020-1801"
          }
        ]
      },
      "sources": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#",
          "data": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "db": "CNVD",
            "id": "CNVD-2020-22206"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2020-003980"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-202004-535"
          },
          {
            "db": "NVD",
            "id": "CVE-2020-1801"
          }
        ]
      },
      "sources_release_date": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
          "data": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "date": "2020-04-09T00:00:00",
            "db": "CNVD",
            "id": "CNVD-2020-22206"
          },
          {
            "date": "2020-04-30T00:00:00",
            "db": "JVNDB",
            "id": "JVNDB-2020-003980"
          },
          {
            "date": "2020-04-08T00:00:00",
            "db": "CNNVD",
            "id": "CNNVD-202004-535"
          },
          {
            "date": "2020-04-10T15:15:12.880000",
            "db": "NVD",
            "id": "CVE-2020-1801"
          }
        ]
      },
      "sources_update_date": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
          "data": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "date": "2020-04-09T00:00:00",
            "db": "CNVD",
            "id": "CNVD-2020-22206"
          },
          {
            "date": "2020-04-30T00:00:00",
            "db": "JVNDB",
            "id": "JVNDB-2020-003980"
          },
          {
            "date": "2020-04-14T00:00:00",
            "db": "CNNVD",
            "id": "CNNVD-202004-535"
          },
          {
            "date": "2024-11-21T05:11:24.390000",
            "db": "NVD",
            "id": "CVE-2020-1801"
          }
        ]
      },
      "threat_type": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/threat_type#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "local",
        "sources": [
          {
            "db": "CNNVD",
            "id": "CNNVD-202004-535"
          }
        ],
        "trust": 0.6
      },
      "title": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/title#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "Mate 30 Pro and  Mate 30 Vulnerability regarding information leakage in",
        "sources": [
          {
            "db": "JVNDB",
            "id": "JVNDB-2020-003980"
          }
        ],
        "trust": 0.8
      },
      "type": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/type#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "authorization issue",
        "sources": [
          {
            "db": "CNNVD",
            "id": "CNNVD-202004-535"
          }
        ],
        "trust": 0.6
      }
    }

    VAR-202003-1093

    Vulnerability from variot - Updated: 2024-11-23 22:11

    There is an improper authentication vulnerability in several smartphones. The applock does not perform a sufficient authentication in certain scenarios, successful exploit could allow the attacker to gain certain data of the application which is locked. Affected product versions include:HUAWEI Mate 20 versions Versions earlier than 10.0.0.188(C00E74R3P8);HUAWEI Mate 30 Pro versions Versions earlier than 10.0.0.203(C00E202R7P2). HUAWEI Mate 20 and Mate 30 Pro There is an authentication vulnerability in.Information may be obtained. Attackers can use this vulnerability to obtain data on locked applications

    Show details on source website

    {
      "@context": {
        "@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
        "affected_products": {
          "@id": "https://www.variotdbs.pl/ref/affected_products"
        },
        "configurations": {
          "@id": "https://www.variotdbs.pl/ref/configurations"
        },
        "credits": {
          "@id": "https://www.variotdbs.pl/ref/credits"
        },
        "cvss": {
          "@id": "https://www.variotdbs.pl/ref/cvss/"
        },
        "description": {
          "@id": "https://www.variotdbs.pl/ref/description/"
        },
        "exploit_availability": {
          "@id": "https://www.variotdbs.pl/ref/exploit_availability/"
        },
        "external_ids": {
          "@id": "https://www.variotdbs.pl/ref/external_ids/"
        },
        "iot": {
          "@id": "https://www.variotdbs.pl/ref/iot/"
        },
        "iot_taxonomy": {
          "@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
        },
        "patch": {
          "@id": "https://www.variotdbs.pl/ref/patch/"
        },
        "problemtype_data": {
          "@id": "https://www.variotdbs.pl/ref/problemtype_data/"
        },
        "references": {
          "@id": "https://www.variotdbs.pl/ref/references/"
        },
        "sources": {
          "@id": "https://www.variotdbs.pl/ref/sources/"
        },
        "sources_release_date": {
          "@id": "https://www.variotdbs.pl/ref/sources_release_date/"
        },
        "sources_update_date": {
          "@id": "https://www.variotdbs.pl/ref/sources_update_date/"
        },
        "threat_type": {
          "@id": "https://www.variotdbs.pl/ref/threat_type/"
        },
        "title": {
          "@id": "https://www.variotdbs.pl/ref/title/"
        },
        "type": {
          "@id": "https://www.variotdbs.pl/ref/type/"
        }
      },
      "@id": "https://www.variotdbs.pl/vuln/VAR-202003-1093",
      "affected_products": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/affected_products#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            },
            "@id": "https://www.variotdbs.pl/ref/sources"
          }
        },
        "data": [
          {
            "model": "mate 30 pro",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "huawei",
            "version": "10.0.0.203\\(c00e202r7p2\\)"
          },
          {
            "model": "mate 20",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "huawei",
            "version": "10.0.0.188\\(c00e74r3p8\\)"
          },
          {
            "model": "mate 20",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "huawei",
            "version": "10.0.0.188(c00e74r3p8)"
          },
          {
            "model": "mate 30 pro",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "huawei",
            "version": "10.0.0.203(c00e202r7p2)"
          },
          {
            "model": "mate \u003c10.0.0.188",
            "scope": "eq",
            "trust": 0.6,
            "vendor": "huawei",
            "version": "20"
          },
          {
            "model": "mate pro \u003c10.0.0.203",
            "scope": "eq",
            "trust": 0.6,
            "vendor": "huawei",
            "version": "30"
          }
        ],
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2020-21998"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2020-003140"
          },
          {
            "db": "NVD",
            "id": "CVE-2020-1794"
          }
        ]
      },
      "configurations": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/configurations#",
          "children": {
            "@container": "@list"
          },
          "cpe_match": {
            "@container": "@list"
          },
          "data": {
            "@container": "@list"
          },
          "nodes": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "CVE_data_version": "4.0",
            "nodes": [
              {
                "cpe_match": [
                  {
                    "cpe22Uri": "cpe:/o:huawei:mate_20_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:huawei:mate_30_pro_firmware",
                    "vulnerable": true
                  }
                ],
                "operator": "OR"
              }
            ]
          }
        ],
        "sources": [
          {
            "db": "JVNDB",
            "id": "JVNDB-2020-003140"
          }
        ]
      },
      "cve": "CVE-2020-1794",
      "cvss": {
        "@context": {
          "cvssV2": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
            },
            "@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
          },
          "cvssV3": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
            },
            "@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
          },
          "severity": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/cvss/severity#"
            },
            "@id": "https://www.variotdbs.pl/ref/cvss/severity"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            },
            "@id": "https://www.variotdbs.pl/ref/sources"
          }
        },
        "data": [
          {
            "cvssV2": [
              {
                "accessComplexity": "LOW",
                "accessVector": "LOCAL",
                "authentication": "NONE",
                "author": "nvd@nist.gov",
                "availabilityImpact": "NONE",
                "baseScore": 2.1,
                "confidentialityImpact": "PARTIAL",
                "exploitabilityScore": 3.9,
                "id": "CVE-2020-1794",
                "impactScore": 2.9,
                "integrityImpact": "NONE",
                "severity": "LOW",
                "trust": 1.0,
                "vectorString": "AV:L/AC:L/Au:N/C:P/I:N/A:N",
                "version": "2.0"
              },
              {
                "acInsufInfo": null,
                "accessComplexity": "Low",
                "accessVector": "Local",
                "authentication": "None",
                "author": "NVD",
                "availabilityImpact": "None",
                "baseScore": 2.1,
                "confidentialityImpact": "Partial",
                "exploitabilityScore": null,
                "id": "JVNDB-2020-003140",
                "impactScore": null,
                "integrityImpact": "None",
                "obtainAllPrivilege": null,
                "obtainOtherPrivilege": null,
                "obtainUserPrivilege": null,
                "severity": "Low",
                "trust": 0.8,
                "userInteractionRequired": null,
                "vectorString": "AV:L/AC:L/Au:N/C:P/I:N/A:N",
                "version": "2.0"
              },
              {
                "accessComplexity": "LOW",
                "accessVector": "LOCAL",
                "authentication": "NONE",
                "author": "CNVD",
                "availabilityImpact": "NONE",
                "baseScore": 2.1,
                "confidentialityImpact": "PARTIAL",
                "exploitabilityScore": 3.9,
                "id": "CNVD-2020-21998",
                "impactScore": 2.9,
                "integrityImpact": "NONE",
                "severity": "LOW",
                "trust": 0.6,
                "vectorString": "AV:L/AC:L/Au:N/C:P/I:N/A:N",
                "version": "2.0"
              }
            ],
            "cvssV3": [
              {
                "attackComplexity": "LOW",
                "attackVector": "PHYSICAL",
                "author": "nvd@nist.gov",
                "availabilityImpact": "NONE",
                "baseScore": 4.6,
                "baseSeverity": "MEDIUM",
                "confidentialityImpact": "HIGH",
                "exploitabilityScore": 0.9,
                "id": "CVE-2020-1794",
                "impactScore": 3.6,
                "integrityImpact": "NONE",
                "privilegesRequired": "NONE",
                "scope": "UNCHANGED",
                "trust": 1.0,
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
                "version": "3.1"
              },
              {
                "attackComplexity": "Low",
                "attackVector": "Physical",
                "author": "NVD",
                "availabilityImpact": "None",
                "baseScore": 4.6,
                "baseSeverity": "Medium",
                "confidentialityImpact": "High",
                "exploitabilityScore": null,
                "id": "JVNDB-2020-003140",
                "impactScore": null,
                "integrityImpact": "None",
                "privilegesRequired": "None",
                "scope": "Unchanged",
                "trust": 0.8,
                "userInteraction": "None",
                "vectorString": "CVSS:3.0/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
                "version": "3.0"
              }
            ],
            "severity": [
              {
                "author": "nvd@nist.gov",
                "id": "CVE-2020-1794",
                "trust": 1.0,
                "value": "MEDIUM"
              },
              {
                "author": "NVD",
                "id": "JVNDB-2020-003140",
                "trust": 0.8,
                "value": "Medium"
              },
              {
                "author": "CNVD",
                "id": "CNVD-2020-21998",
                "trust": 0.6,
                "value": "LOW"
              },
              {
                "author": "CNNVD",
                "id": "CNNVD-202003-1139",
                "trust": 0.6,
                "value": "MEDIUM"
              }
            ]
          }
        ],
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2020-21998"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2020-003140"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-202003-1139"
          },
          {
            "db": "NVD",
            "id": "CVE-2020-1794"
          }
        ]
      },
      "description": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/description#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "There is an improper authentication vulnerability in several smartphones. The applock does not perform a sufficient authentication in certain scenarios, successful exploit could allow the attacker to gain certain data of the application which is locked. Affected product versions include:HUAWEI Mate 20 versions Versions earlier than 10.0.0.188(C00E74R3P8);HUAWEI Mate 30 Pro versions Versions earlier than 10.0.0.203(C00E202R7P2). HUAWEI Mate 20 and Mate 30 Pro There is an authentication vulnerability in.Information may be obtained. Attackers can use this vulnerability to obtain data on locked applications",
        "sources": [
          {
            "db": "NVD",
            "id": "CVE-2020-1794"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2020-003140"
          },
          {
            "db": "CNVD",
            "id": "CNVD-2020-21998"
          }
        ],
        "trust": 2.16
      },
      "external_ids": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/external_ids#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "db": "NVD",
            "id": "CVE-2020-1794",
            "trust": 3.0
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2020-003140",
            "trust": 0.8
          },
          {
            "db": "CNVD",
            "id": "CNVD-2020-21998",
            "trust": 0.6
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-202003-1139",
            "trust": 0.6
          }
        ],
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2020-21998"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2020-003140"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-202003-1139"
          },
          {
            "db": "NVD",
            "id": "CVE-2020-1794"
          }
        ]
      },
      "id": "VAR-202003-1093",
      "iot": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/iot#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": true,
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2020-21998"
          }
        ],
        "trust": 1.2276592800000001
      },
      "iot_taxonomy": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "category": [
              "IoT"
            ],
            "sub_category": null,
            "trust": 0.6
          }
        ],
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2020-21998"
          }
        ]
      },
      "last_update_date": "2024-11-23T22:11:35.883000Z",
      "patch": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/patch#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "title": "huawei-sa-20200318-02-smartphone",
            "trust": 0.8,
            "url": "https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20200318-02-smartphone-en"
          },
          {
            "title": "Patch for Huawei Mate 20 and Mate 30 Pro authorization issue vulnerability (CNVD-2020-21998)",
            "trust": 0.6,
            "url": "https://www.cnvd.org.cn/patchInfo/show/213049"
          }
        ],
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2020-21998"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2020-003140"
          }
        ]
      },
      "problemtype_data": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "problemtype": "CWE-287",
            "trust": 1.8
          }
        ],
        "sources": [
          {
            "db": "JVNDB",
            "id": "JVNDB-2020-003140"
          },
          {
            "db": "NVD",
            "id": "CVE-2020-1794"
          }
        ]
      },
      "references": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/references#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "trust": 2.0,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2020-1794"
          },
          {
            "trust": 1.6,
            "url": "https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20200318-02-smartphone-en"
          },
          {
            "trust": 1.2,
            "url": "https://www.huawei.com/cn/psirt/security-advisories/huawei-sa-20200318-02-smartphone-cn"
          },
          {
            "trust": 0.8,
            "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2020-1794"
          }
        ],
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2020-21998"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2020-003140"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-202003-1139"
          },
          {
            "db": "NVD",
            "id": "CVE-2020-1794"
          }
        ]
      },
      "sources": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#",
          "data": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "db": "CNVD",
            "id": "CNVD-2020-21998"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2020-003140"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-202003-1139"
          },
          {
            "db": "NVD",
            "id": "CVE-2020-1794"
          }
        ]
      },
      "sources_release_date": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
          "data": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "date": "2020-04-09T00:00:00",
            "db": "CNVD",
            "id": "CNVD-2020-21998"
          },
          {
            "date": "2020-04-06T00:00:00",
            "db": "JVNDB",
            "id": "JVNDB-2020-003140"
          },
          {
            "date": "2020-03-18T00:00:00",
            "db": "CNNVD",
            "id": "CNNVD-202003-1139"
          },
          {
            "date": "2020-03-20T15:15:13.950000",
            "db": "NVD",
            "id": "CVE-2020-1794"
          }
        ]
      },
      "sources_update_date": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
          "data": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "date": "2020-04-09T00:00:00",
            "db": "CNVD",
            "id": "CNVD-2020-21998"
          },
          {
            "date": "2020-04-06T00:00:00",
            "db": "JVNDB",
            "id": "JVNDB-2020-003140"
          },
          {
            "date": "2020-08-28T00:00:00",
            "db": "CNNVD",
            "id": "CNNVD-202003-1139"
          },
          {
            "date": "2024-11-21T05:11:23.630000",
            "db": "NVD",
            "id": "CVE-2020-1794"
          }
        ]
      },
      "title": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/title#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "HUAWEI Mate 20 and  Mate 30 Pro Authentication vulnerabilities in",
        "sources": [
          {
            "db": "JVNDB",
            "id": "JVNDB-2020-003140"
          }
        ],
        "trust": 0.8
      },
      "type": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/type#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "authorization issue",
        "sources": [
          {
            "db": "CNNVD",
            "id": "CNNVD-202003-1139"
          }
        ],
        "trust": 0.6
      }
    }

    VAR-202003-1094

    Vulnerability from variot - Updated: 2024-11-23 22:05

    There is a logic error vulnerability in several smartphones. The software does not properly restrict certain operation when the Digital Balance function is on. Successful exploit could allow the attacker to bypass the Digital Balance limit after a series of operations.Affected product versions include:HUAWEI Mate 20 versions Versions earlier than 10.0.0.188(C00E74R3P8);HUAWEI Mate 30 Pro versions Versions earlier than 10.0.0.203(C00E202R7P2). HUAWEI Mate 20 and Mate 30 Pro There is an unspecified vulnerability in.Information may be tampered with. This vulnerability stems from the fact that the system fails to reasonably restrict some operations when the mobile phone function is healthy. Attackers can use this vulnerability to bypass the restrictions on the healthy use of mobile phones

    Show details on source website

    {
      "@context": {
        "@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
        "affected_products": {
          "@id": "https://www.variotdbs.pl/ref/affected_products"
        },
        "configurations": {
          "@id": "https://www.variotdbs.pl/ref/configurations"
        },
        "credits": {
          "@id": "https://www.variotdbs.pl/ref/credits"
        },
        "cvss": {
          "@id": "https://www.variotdbs.pl/ref/cvss/"
        },
        "description": {
          "@id": "https://www.variotdbs.pl/ref/description/"
        },
        "exploit_availability": {
          "@id": "https://www.variotdbs.pl/ref/exploit_availability/"
        },
        "external_ids": {
          "@id": "https://www.variotdbs.pl/ref/external_ids/"
        },
        "iot": {
          "@id": "https://www.variotdbs.pl/ref/iot/"
        },
        "iot_taxonomy": {
          "@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
        },
        "patch": {
          "@id": "https://www.variotdbs.pl/ref/patch/"
        },
        "problemtype_data": {
          "@id": "https://www.variotdbs.pl/ref/problemtype_data/"
        },
        "references": {
          "@id": "https://www.variotdbs.pl/ref/references/"
        },
        "sources": {
          "@id": "https://www.variotdbs.pl/ref/sources/"
        },
        "sources_release_date": {
          "@id": "https://www.variotdbs.pl/ref/sources_release_date/"
        },
        "sources_update_date": {
          "@id": "https://www.variotdbs.pl/ref/sources_update_date/"
        },
        "threat_type": {
          "@id": "https://www.variotdbs.pl/ref/threat_type/"
        },
        "title": {
          "@id": "https://www.variotdbs.pl/ref/title/"
        },
        "type": {
          "@id": "https://www.variotdbs.pl/ref/type/"
        }
      },
      "@id": "https://www.variotdbs.pl/vuln/VAR-202003-1094",
      "affected_products": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/affected_products#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            },
            "@id": "https://www.variotdbs.pl/ref/sources"
          }
        },
        "data": [
          {
            "model": "mate 30 pro",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "huawei",
            "version": "10.0.0.203\\(c00e202r7p2\\)"
          },
          {
            "model": "mate 20",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "huawei",
            "version": "10.0.0.188\\(c00e74r3p8\\)"
          },
          {
            "model": "mate 20",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "huawei",
            "version": "10.0.0.188(c00e74r3p8)"
          },
          {
            "model": "mate 30 pro",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "huawei",
            "version": "10.0.0.203(c00e202r7p2)"
          },
          {
            "model": "mate \u003c10.0.0.188",
            "scope": "eq",
            "trust": 0.6,
            "vendor": "huawei",
            "version": "20"
          },
          {
            "model": "mate pro \u003c10.0.0.203",
            "scope": "eq",
            "trust": 0.6,
            "vendor": "huawei",
            "version": "30"
          }
        ],
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2020-21999"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2020-003141"
          },
          {
            "db": "NVD",
            "id": "CVE-2020-1795"
          }
        ]
      },
      "configurations": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/configurations#",
          "children": {
            "@container": "@list"
          },
          "cpe_match": {
            "@container": "@list"
          },
          "data": {
            "@container": "@list"
          },
          "nodes": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "CVE_data_version": "4.0",
            "nodes": [
              {
                "cpe_match": [
                  {
                    "cpe22Uri": "cpe:/o:huawei:mate_20_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:huawei:mate_30_pro_firmware",
                    "vulnerable": true
                  }
                ],
                "operator": "OR"
              }
            ]
          }
        ],
        "sources": [
          {
            "db": "JVNDB",
            "id": "JVNDB-2020-003141"
          }
        ]
      },
      "cve": "CVE-2020-1795",
      "cvss": {
        "@context": {
          "cvssV2": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
            },
            "@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
          },
          "cvssV3": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
            },
            "@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
          },
          "severity": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/cvss/severity#"
            },
            "@id": "https://www.variotdbs.pl/ref/cvss/severity"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            },
            "@id": "https://www.variotdbs.pl/ref/sources"
          }
        },
        "data": [
          {
            "cvssV2": [
              {
                "accessComplexity": "LOW",
                "accessVector": "LOCAL",
                "authentication": "NONE",
                "author": "nvd@nist.gov",
                "availabilityImpact": "NONE",
                "baseScore": 2.1,
                "confidentialityImpact": "NONE",
                "exploitabilityScore": 3.9,
                "id": "CVE-2020-1795",
                "impactScore": 2.9,
                "integrityImpact": "PARTIAL",
                "severity": "LOW",
                "trust": 1.0,
                "vectorString": "AV:L/AC:L/Au:N/C:N/I:P/A:N",
                "version": "2.0"
              },
              {
                "acInsufInfo": null,
                "accessComplexity": "Low",
                "accessVector": "Local",
                "authentication": "None",
                "author": "NVD",
                "availabilityImpact": "None",
                "baseScore": 2.1,
                "confidentialityImpact": "None",
                "exploitabilityScore": null,
                "id": "JVNDB-2020-003141",
                "impactScore": null,
                "integrityImpact": "Partial",
                "obtainAllPrivilege": null,
                "obtainOtherPrivilege": null,
                "obtainUserPrivilege": null,
                "severity": "Low",
                "trust": 0.8,
                "userInteractionRequired": null,
                "vectorString": "AV:L/AC:L/Au:N/C:N/I:P/A:N",
                "version": "2.0"
              },
              {
                "accessComplexity": "LOW",
                "accessVector": "LOCAL",
                "authentication": "NONE",
                "author": "CNVD",
                "availabilityImpact": "NONE",
                "baseScore": 2.1,
                "confidentialityImpact": "NONE",
                "exploitabilityScore": 3.9,
                "id": "CNVD-2020-21999",
                "impactScore": 2.9,
                "integrityImpact": "PARTIAL",
                "severity": "LOW",
                "trust": 0.6,
                "vectorString": "AV:L/AC:L/Au:N/C:N/I:P/A:N",
                "version": "2.0"
              }
            ],
            "cvssV3": [
              {
                "attackComplexity": "LOW",
                "attackVector": "PHYSICAL",
                "author": "nvd@nist.gov",
                "availabilityImpact": "NONE",
                "baseScore": 2.4,
                "baseSeverity": "LOW",
                "confidentialityImpact": "NONE",
                "exploitabilityScore": 0.9,
                "id": "CVE-2020-1795",
                "impactScore": 1.4,
                "integrityImpact": "LOW",
                "privilegesRequired": "NONE",
                "scope": "UNCHANGED",
                "trust": 1.0,
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N",
                "version": "3.1"
              },
              {
                "attackComplexity": "Low",
                "attackVector": "Physical",
                "author": "NVD",
                "availabilityImpact": "None",
                "baseScore": 2.4,
                "baseSeverity": "Low",
                "confidentialityImpact": "None",
                "exploitabilityScore": null,
                "id": "JVNDB-2020-003141",
                "impactScore": null,
                "integrityImpact": "Low",
                "privilegesRequired": "None",
                "scope": "Unchanged",
                "trust": 0.8,
                "userInteraction": "None",
                "vectorString": "CVSS:3.0/AV:P/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N",
                "version": "3.0"
              }
            ],
            "severity": [
              {
                "author": "nvd@nist.gov",
                "id": "CVE-2020-1795",
                "trust": 1.0,
                "value": "LOW"
              },
              {
                "author": "NVD",
                "id": "JVNDB-2020-003141",
                "trust": 0.8,
                "value": "Low"
              },
              {
                "author": "CNVD",
                "id": "CNVD-2020-21999",
                "trust": 0.6,
                "value": "LOW"
              },
              {
                "author": "CNNVD",
                "id": "CNNVD-202003-1144",
                "trust": 0.6,
                "value": "LOW"
              }
            ]
          }
        ],
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2020-21999"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2020-003141"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-202003-1144"
          },
          {
            "db": "NVD",
            "id": "CVE-2020-1795"
          }
        ]
      },
      "description": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/description#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "There is a logic error vulnerability in several smartphones. The software does not properly restrict certain operation when the Digital Balance function is on. Successful exploit could allow the attacker to bypass the Digital Balance limit after a series of operations.Affected product versions include:HUAWEI Mate 20 versions Versions earlier than 10.0.0.188(C00E74R3P8);HUAWEI Mate 30 Pro versions Versions earlier than 10.0.0.203(C00E202R7P2). HUAWEI Mate 20 and Mate 30 Pro There is an unspecified vulnerability in.Information may be tampered with. This vulnerability stems from the fact that the system fails to reasonably restrict some operations when the mobile phone function is healthy. Attackers can use this vulnerability to bypass the restrictions on the healthy use of mobile phones",
        "sources": [
          {
            "db": "NVD",
            "id": "CVE-2020-1795"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2020-003141"
          },
          {
            "db": "CNVD",
            "id": "CNVD-2020-21999"
          }
        ],
        "trust": 2.16
      },
      "external_ids": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/external_ids#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "db": "NVD",
            "id": "CVE-2020-1795",
            "trust": 3.0
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2020-003141",
            "trust": 0.8
          },
          {
            "db": "CNVD",
            "id": "CNVD-2020-21999",
            "trust": 0.6
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-202003-1144",
            "trust": 0.6
          }
        ],
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2020-21999"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2020-003141"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-202003-1144"
          },
          {
            "db": "NVD",
            "id": "CVE-2020-1795"
          }
        ]
      },
      "id": "VAR-202003-1094",
      "iot": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/iot#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": true,
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2020-21999"
          }
        ],
        "trust": 1.2276592800000001
      },
      "iot_taxonomy": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "category": [
              "IoT"
            ],
            "sub_category": null,
            "trust": 0.6
          }
        ],
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2020-21999"
          }
        ]
      },
      "last_update_date": "2024-11-23T22:05:46.358000Z",
      "patch": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/patch#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "title": "huawei-sa-20200318-04-smartphone",
            "trust": 0.8,
            "url": "https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20200318-04-smartphone-en"
          },
          {
            "title": "Patch for Huawei Mate 20 and Mate 30 Pro logic error vulnerability",
            "trust": 0.6,
            "url": "https://www.cnvd.org.cn/patchInfo/show/213047"
          },
          {
            "title": "Huawei Mate 20  and Mate 30 Pro Security vulnerabilities",
            "trust": 0.6,
            "url": "http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=112622"
          }
        ],
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2020-21999"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2020-003141"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-202003-1144"
          }
        ]
      },
      "problemtype_data": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "problemtype": "NVD-CWE-Other",
            "trust": 1.0
          },
          {
            "problemtype": "CWE-Other",
            "trust": 0.8
          }
        ],
        "sources": [
          {
            "db": "JVNDB",
            "id": "JVNDB-2020-003141"
          },
          {
            "db": "NVD",
            "id": "CVE-2020-1795"
          }
        ]
      },
      "references": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/references#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "trust": 2.0,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2020-1795"
          },
          {
            "trust": 1.6,
            "url": "https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20200318-04-smartphone-en"
          },
          {
            "trust": 0.8,
            "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2020-1795"
          },
          {
            "trust": 0.6,
            "url": "http://www.huawei.com/cn/psirt/security-advisories/huawei-sa-20200318-04-smartphone-cn"
          }
        ],
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2020-21999"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2020-003141"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-202003-1144"
          },
          {
            "db": "NVD",
            "id": "CVE-2020-1795"
          }
        ]
      },
      "sources": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#",
          "data": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "db": "CNVD",
            "id": "CNVD-2020-21999"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2020-003141"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-202003-1144"
          },
          {
            "db": "NVD",
            "id": "CVE-2020-1795"
          }
        ]
      },
      "sources_release_date": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
          "data": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "date": "2020-04-09T00:00:00",
            "db": "CNVD",
            "id": "CNVD-2020-21999"
          },
          {
            "date": "2020-04-06T00:00:00",
            "db": "JVNDB",
            "id": "JVNDB-2020-003141"
          },
          {
            "date": "2020-03-18T00:00:00",
            "db": "CNNVD",
            "id": "CNNVD-202003-1144"
          },
          {
            "date": "2020-03-20T15:15:14.027000",
            "db": "NVD",
            "id": "CVE-2020-1795"
          }
        ]
      },
      "sources_update_date": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
          "data": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "date": "2020-04-09T00:00:00",
            "db": "CNVD",
            "id": "CNVD-2020-21999"
          },
          {
            "date": "2020-04-06T00:00:00",
            "db": "JVNDB",
            "id": "JVNDB-2020-003141"
          },
          {
            "date": "2020-03-25T00:00:00",
            "db": "CNNVD",
            "id": "CNNVD-202003-1144"
          },
          {
            "date": "2024-11-21T05:11:23.733000",
            "db": "NVD",
            "id": "CVE-2020-1795"
          }
        ]
      },
      "title": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/title#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "HUAWEI Mate 20 and  Mate 30 Pro Vulnerability in",
        "sources": [
          {
            "db": "JVNDB",
            "id": "JVNDB-2020-003141"
          }
        ],
        "trust": 0.8
      },
      "type": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/type#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "other",
        "sources": [
          {
            "db": "CNNVD",
            "id": "CNNVD-202003-1144"
          }
        ],
        "trust": 0.6
      }
    }

    VAR-202003-1092

    Vulnerability from variot - Updated: 2024-11-23 21:51

    There is an improper authentication vulnerability in several smartphones. The applock does not perform a sufficient authentication in certain scenarios, successful exploit could allow the attacker to gain certain data of the application which is locked. Affected product versions include:HUAWEI Mate 20 versions Versions earlier than 10.0.0.188(C00E74R3P8);HUAWEI Mate 30 Pro versions Versions earlier than 10.0.0.203(C00E202R7P2). HUAWEI Mate 20 and Mate 30 Pro There is an authentication vulnerability in.Information may be obtained. You can use this vulnerability to obtain data on locked applications

    Show details on source website

    {
      "@context": {
        "@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
        "affected_products": {
          "@id": "https://www.variotdbs.pl/ref/affected_products"
        },
        "configurations": {
          "@id": "https://www.variotdbs.pl/ref/configurations"
        },
        "credits": {
          "@id": "https://www.variotdbs.pl/ref/credits"
        },
        "cvss": {
          "@id": "https://www.variotdbs.pl/ref/cvss/"
        },
        "description": {
          "@id": "https://www.variotdbs.pl/ref/description/"
        },
        "exploit_availability": {
          "@id": "https://www.variotdbs.pl/ref/exploit_availability/"
        },
        "external_ids": {
          "@id": "https://www.variotdbs.pl/ref/external_ids/"
        },
        "iot": {
          "@id": "https://www.variotdbs.pl/ref/iot/"
        },
        "iot_taxonomy": {
          "@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
        },
        "patch": {
          "@id": "https://www.variotdbs.pl/ref/patch/"
        },
        "problemtype_data": {
          "@id": "https://www.variotdbs.pl/ref/problemtype_data/"
        },
        "references": {
          "@id": "https://www.variotdbs.pl/ref/references/"
        },
        "sources": {
          "@id": "https://www.variotdbs.pl/ref/sources/"
        },
        "sources_release_date": {
          "@id": "https://www.variotdbs.pl/ref/sources_release_date/"
        },
        "sources_update_date": {
          "@id": "https://www.variotdbs.pl/ref/sources_update_date/"
        },
        "threat_type": {
          "@id": "https://www.variotdbs.pl/ref/threat_type/"
        },
        "title": {
          "@id": "https://www.variotdbs.pl/ref/title/"
        },
        "type": {
          "@id": "https://www.variotdbs.pl/ref/type/"
        }
      },
      "@id": "https://www.variotdbs.pl/vuln/VAR-202003-1092",
      "affected_products": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/affected_products#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            },
            "@id": "https://www.variotdbs.pl/ref/sources"
          }
        },
        "data": [
          {
            "model": "mate 30 pro",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "huawei",
            "version": "10.0.0.203\\(c00e202r7p2\\)"
          },
          {
            "model": "mate 20",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "huawei",
            "version": "10.0.0.188\\(c00e74r3p8\\)"
          },
          {
            "model": "mate 20",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "huawei",
            "version": "10.0.0.188(c00e74r3p8)"
          },
          {
            "model": "mate 30 pro",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "huawei",
            "version": "10.0.0.203(c00e202r7p2)"
          },
          {
            "model": "mate \u003c10.0.0.188",
            "scope": "eq",
            "trust": 0.6,
            "vendor": "huawei",
            "version": "20"
          },
          {
            "model": "mate pro \u003c10.0.0.203",
            "scope": "eq",
            "trust": 0.6,
            "vendor": "huawei",
            "version": "30"
          }
        ],
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2020-22000"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2020-003319"
          },
          {
            "db": "NVD",
            "id": "CVE-2020-1793"
          }
        ]
      },
      "configurations": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/configurations#",
          "children": {
            "@container": "@list"
          },
          "cpe_match": {
            "@container": "@list"
          },
          "data": {
            "@container": "@list"
          },
          "nodes": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "CVE_data_version": "4.0",
            "nodes": [
              {
                "cpe_match": [
                  {
                    "cpe22Uri": "cpe:/o:huawei:mate_20_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:huawei:mate_30_pro_firmware",
                    "vulnerable": true
                  }
                ],
                "operator": "OR"
              }
            ]
          }
        ],
        "sources": [
          {
            "db": "JVNDB",
            "id": "JVNDB-2020-003319"
          }
        ]
      },
      "cve": "CVE-2020-1793",
      "cvss": {
        "@context": {
          "cvssV2": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
            },
            "@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
          },
          "cvssV3": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
            },
            "@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
          },
          "severity": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/cvss/severity#"
            },
            "@id": "https://www.variotdbs.pl/ref/cvss/severity"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            },
            "@id": "https://www.variotdbs.pl/ref/sources"
          }
        },
        "data": [
          {
            "cvssV2": [
              {
                "accessComplexity": "LOW",
                "accessVector": "LOCAL",
                "authentication": "NONE",
                "author": "nvd@nist.gov",
                "availabilityImpact": "NONE",
                "baseScore": 2.1,
                "confidentialityImpact": "PARTIAL",
                "exploitabilityScore": 3.9,
                "id": "CVE-2020-1793",
                "impactScore": 2.9,
                "integrityImpact": "NONE",
                "severity": "LOW",
                "trust": 1.0,
                "vectorString": "AV:L/AC:L/Au:N/C:P/I:N/A:N",
                "version": "2.0"
              },
              {
                "acInsufInfo": null,
                "accessComplexity": "Low",
                "accessVector": "Local",
                "authentication": "None",
                "author": "NVD",
                "availabilityImpact": "None",
                "baseScore": 2.1,
                "confidentialityImpact": "Partial",
                "exploitabilityScore": null,
                "id": "JVNDB-2020-003319",
                "impactScore": null,
                "integrityImpact": "None",
                "obtainAllPrivilege": null,
                "obtainOtherPrivilege": null,
                "obtainUserPrivilege": null,
                "severity": "Low",
                "trust": 0.8,
                "userInteractionRequired": null,
                "vectorString": "AV:L/AC:L/Au:N/C:P/I:N/A:N",
                "version": "2.0"
              },
              {
                "accessComplexity": "LOW",
                "accessVector": "LOCAL",
                "authentication": "NONE",
                "author": "CNVD",
                "availabilityImpact": "NONE",
                "baseScore": 2.1,
                "confidentialityImpact": "PARTIAL",
                "exploitabilityScore": 3.9,
                "id": "CNVD-2020-22000",
                "impactScore": 2.9,
                "integrityImpact": "NONE",
                "severity": "LOW",
                "trust": 0.6,
                "vectorString": "AV:L/AC:L/Au:N/C:P/I:N/A:N",
                "version": "2.0"
              }
            ],
            "cvssV3": [
              {
                "attackComplexity": "LOW",
                "attackVector": "PHYSICAL",
                "author": "nvd@nist.gov",
                "availabilityImpact": "NONE",
                "baseScore": 4.6,
                "baseSeverity": "MEDIUM",
                "confidentialityImpact": "HIGH",
                "exploitabilityScore": 0.9,
                "id": "CVE-2020-1793",
                "impactScore": 3.6,
                "integrityImpact": "NONE",
                "privilegesRequired": "NONE",
                "scope": "UNCHANGED",
                "trust": 1.0,
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
                "version": "3.1"
              },
              {
                "attackComplexity": "Low",
                "attackVector": "Physical",
                "author": "NVD",
                "availabilityImpact": "None",
                "baseScore": 4.6,
                "baseSeverity": "Medium",
                "confidentialityImpact": "High",
                "exploitabilityScore": null,
                "id": "JVNDB-2020-003319",
                "impactScore": null,
                "integrityImpact": "None",
                "privilegesRequired": "None",
                "scope": "Unchanged",
                "trust": 0.8,
                "userInteraction": "None",
                "vectorString": "CVSS:3.0/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
                "version": "3.0"
              }
            ],
            "severity": [
              {
                "author": "nvd@nist.gov",
                "id": "CVE-2020-1793",
                "trust": 1.0,
                "value": "MEDIUM"
              },
              {
                "author": "NVD",
                "id": "JVNDB-2020-003319",
                "trust": 0.8,
                "value": "Medium"
              },
              {
                "author": "CNVD",
                "id": "CNVD-2020-22000",
                "trust": 0.6,
                "value": "LOW"
              },
              {
                "author": "CNNVD",
                "id": "CNNVD-202003-1146",
                "trust": 0.6,
                "value": "MEDIUM"
              }
            ]
          }
        ],
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2020-22000"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2020-003319"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-202003-1146"
          },
          {
            "db": "NVD",
            "id": "CVE-2020-1793"
          }
        ]
      },
      "description": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/description#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "There is an improper authentication vulnerability in several smartphones. The applock does not perform a sufficient authentication in certain scenarios, successful exploit could allow the attacker to gain certain data of the application which is locked. Affected product versions include:HUAWEI Mate 20 versions Versions earlier than 10.0.0.188(C00E74R3P8);HUAWEI Mate 30 Pro versions Versions earlier than 10.0.0.203(C00E202R7P2). HUAWEI Mate 20 and Mate 30 Pro There is an authentication vulnerability in.Information may be obtained. You can use this vulnerability to obtain data on locked applications",
        "sources": [
          {
            "db": "NVD",
            "id": "CVE-2020-1793"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2020-003319"
          },
          {
            "db": "CNVD",
            "id": "CNVD-2020-22000"
          }
        ],
        "trust": 2.16
      },
      "external_ids": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/external_ids#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "db": "NVD",
            "id": "CVE-2020-1793",
            "trust": 3.0
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2020-003319",
            "trust": 0.8
          },
          {
            "db": "CNVD",
            "id": "CNVD-2020-22000",
            "trust": 0.6
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-202003-1146",
            "trust": 0.6
          }
        ],
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2020-22000"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2020-003319"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-202003-1146"
          },
          {
            "db": "NVD",
            "id": "CVE-2020-1793"
          }
        ]
      },
      "id": "VAR-202003-1092",
      "iot": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/iot#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": true,
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2020-22000"
          }
        ],
        "trust": 1.2276592800000001
      },
      "iot_taxonomy": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "category": [
              "IoT"
            ],
            "sub_category": null,
            "trust": 0.6
          }
        ],
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2020-22000"
          }
        ]
      },
      "last_update_date": "2024-11-23T21:51:37.488000Z",
      "patch": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/patch#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "title": "huawei-sa-20200318-02-smartphone",
            "trust": 0.8,
            "url": "https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20200318-02-smartphone-en"
          },
          {
            "title": "Patch for Huawei Mate 20 and Mate 30 Pro authorization issue vulnerability (CNVD-2020-22000)",
            "trust": 0.6,
            "url": "https://www.cnvd.org.cn/patchInfo/show/213045"
          }
        ],
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2020-22000"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2020-003319"
          }
        ]
      },
      "problemtype_data": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "problemtype": "CWE-287",
            "trust": 1.8
          }
        ],
        "sources": [
          {
            "db": "JVNDB",
            "id": "JVNDB-2020-003319"
          },
          {
            "db": "NVD",
            "id": "CVE-2020-1793"
          }
        ]
      },
      "references": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/references#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "trust": 2.0,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2020-1793"
          },
          {
            "trust": 1.6,
            "url": "https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20200318-02-smartphone-en"
          },
          {
            "trust": 1.2,
            "url": "https://www.huawei.com/cn/psirt/security-advisories/huawei-sa-20200318-02-smartphone-cn"
          },
          {
            "trust": 0.8,
            "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2020-1793"
          }
        ],
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2020-22000"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2020-003319"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-202003-1146"
          },
          {
            "db": "NVD",
            "id": "CVE-2020-1793"
          }
        ]
      },
      "sources": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#",
          "data": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "db": "CNVD",
            "id": "CNVD-2020-22000"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2020-003319"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-202003-1146"
          },
          {
            "db": "NVD",
            "id": "CVE-2020-1793"
          }
        ]
      },
      "sources_release_date": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
          "data": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "date": "2020-04-09T00:00:00",
            "db": "CNVD",
            "id": "CNVD-2020-22000"
          },
          {
            "date": "2020-04-14T00:00:00",
            "db": "JVNDB",
            "id": "JVNDB-2020-003319"
          },
          {
            "date": "2020-03-18T00:00:00",
            "db": "CNNVD",
            "id": "CNNVD-202003-1146"
          },
          {
            "date": "2020-03-20T15:15:13.857000",
            "db": "NVD",
            "id": "CVE-2020-1793"
          }
        ]
      },
      "sources_update_date": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
          "data": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "date": "2020-04-09T00:00:00",
            "db": "CNVD",
            "id": "CNVD-2020-22000"
          },
          {
            "date": "2020-04-14T00:00:00",
            "db": "JVNDB",
            "id": "JVNDB-2020-003319"
          },
          {
            "date": "2020-08-28T00:00:00",
            "db": "CNNVD",
            "id": "CNNVD-202003-1146"
          },
          {
            "date": "2024-11-21T05:11:23.523000",
            "db": "NVD",
            "id": "CVE-2020-1793"
          }
        ]
      },
      "title": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/title#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "HUAWEI Mate 20 and  Mate 30 Pro Authentication vulnerabilities in",
        "sources": [
          {
            "db": "JVNDB",
            "id": "JVNDB-2020-003319"
          }
        ],
        "trust": 0.8
      },
      "type": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/type#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "authorization issue",
        "sources": [
          {
            "db": "CNNVD",
            "id": "CNNVD-202003-1146"
          }
        ],
        "trust": 0.6
      }
    }

    VAR-202003-1095

    Vulnerability from variot - Updated: 2024-11-23 21:36

    There is an improper authorization vulnerability in several smartphones. The software incorrectly performs an authorization to certain user, successful exploit could allow a low privilege user to do certain operation which the user are supposed not to do.Affected product versions include:HUAWEI Mate 20 versions Versions earlier than 10.0.0.188(C00E74R3P8);HUAWEI Mate 30 Pro versions Versions earlier than 10.0.0.203(C00E202R7P2). HUAWEI Mate 20 and Mate 30 Pro Exists in a fraudulent authentication vulnerability.Information is obtained, information is tampered with, and service operation is interrupted. (DoS) It may be put into a state. Both Huawei Mate 20 and Mate 30 Pro are smartphones of the Chinese company Huawei. This vulnerability stems from the system’s failure to properly authorize low-privilege users. Attackers can use this The vulnerability performs an unauthorized operation. Huawei smartphones could allow a local authenticated malicious user to bypass security restrictions, caused by improper authentication. An attacker could exploit this vulnerability, an attacker could exploit this vulnerability bypass security restrictions

    Show details on source website

    {
      "@context": {
        "@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
        "affected_products": {
          "@id": "https://www.variotdbs.pl/ref/affected_products"
        },
        "configurations": {
          "@id": "https://www.variotdbs.pl/ref/configurations"
        },
        "credits": {
          "@id": "https://www.variotdbs.pl/ref/credits"
        },
        "cvss": {
          "@id": "https://www.variotdbs.pl/ref/cvss/"
        },
        "description": {
          "@id": "https://www.variotdbs.pl/ref/description/"
        },
        "exploit_availability": {
          "@id": "https://www.variotdbs.pl/ref/exploit_availability/"
        },
        "external_ids": {
          "@id": "https://www.variotdbs.pl/ref/external_ids/"
        },
        "iot": {
          "@id": "https://www.variotdbs.pl/ref/iot/"
        },
        "iot_taxonomy": {
          "@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
        },
        "patch": {
          "@id": "https://www.variotdbs.pl/ref/patch/"
        },
        "problemtype_data": {
          "@id": "https://www.variotdbs.pl/ref/problemtype_data/"
        },
        "references": {
          "@id": "https://www.variotdbs.pl/ref/references/"
        },
        "sources": {
          "@id": "https://www.variotdbs.pl/ref/sources/"
        },
        "sources_release_date": {
          "@id": "https://www.variotdbs.pl/ref/sources_release_date/"
        },
        "sources_update_date": {
          "@id": "https://www.variotdbs.pl/ref/sources_update_date/"
        },
        "threat_type": {
          "@id": "https://www.variotdbs.pl/ref/threat_type/"
        },
        "title": {
          "@id": "https://www.variotdbs.pl/ref/title/"
        },
        "type": {
          "@id": "https://www.variotdbs.pl/ref/type/"
        }
      },
      "@id": "https://www.variotdbs.pl/vuln/VAR-202003-1095",
      "affected_products": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/affected_products#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            },
            "@id": "https://www.variotdbs.pl/ref/sources"
          }
        },
        "data": [
          {
            "model": "mate 20",
            "scope": "lte",
            "trust": 1.0,
            "vendor": "huawei",
            "version": "10.0.0.188\\(c00e74r3p8\\)"
          },
          {
            "model": "mate 30 pro",
            "scope": "lte",
            "trust": 1.0,
            "vendor": "huawei",
            "version": "10.0.0.203\\(c00e202r7p2\\)"
          },
          {
            "model": "mate 20",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "huawei",
            "version": "10.0.0.188(c00e74r3p8)"
          },
          {
            "model": "mate 30 pro",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "huawei",
            "version": "10.0.0.203(c00e202r7p2)"
          },
          {
            "model": "mate \u003c10.0.0.188",
            "scope": "eq",
            "trust": 0.6,
            "vendor": "huawei",
            "version": "20"
          },
          {
            "model": "mate pro \u003c10.0.0.203",
            "scope": "eq",
            "trust": 0.6,
            "vendor": "huawei",
            "version": "30"
          }
        ],
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2020-22002"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2020-003136"
          },
          {
            "db": "NVD",
            "id": "CVE-2020-1796"
          }
        ]
      },
      "configurations": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/configurations#",
          "children": {
            "@container": "@list"
          },
          "cpe_match": {
            "@container": "@list"
          },
          "data": {
            "@container": "@list"
          },
          "nodes": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "CVE_data_version": "4.0",
            "nodes": [
              {
                "cpe_match": [
                  {
                    "cpe22Uri": "cpe:/o:huawei:mate_20_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:huawei:mate_30_pro_firmware",
                    "vulnerable": true
                  }
                ],
                "operator": "OR"
              }
            ]
          }
        ],
        "sources": [
          {
            "db": "JVNDB",
            "id": "JVNDB-2020-003136"
          }
        ]
      },
      "cve": "CVE-2020-1796",
      "cvss": {
        "@context": {
          "cvssV2": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
            },
            "@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
          },
          "cvssV3": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
            },
            "@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
          },
          "severity": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/cvss/severity#"
            },
            "@id": "https://www.variotdbs.pl/ref/cvss/severity"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            },
            "@id": "https://www.variotdbs.pl/ref/sources"
          }
        },
        "data": [
          {
            "cvssV2": [
              {
                "accessComplexity": "LOW",
                "accessVector": "LOCAL",
                "authentication": "NONE",
                "author": "nvd@nist.gov",
                "availabilityImpact": "PARTIAL",
                "baseScore": 4.6,
                "confidentialityImpact": "PARTIAL",
                "exploitabilityScore": 3.9,
                "id": "CVE-2020-1796",
                "impactScore": 6.4,
                "integrityImpact": "PARTIAL",
                "severity": "MEDIUM",
                "trust": 1.1,
                "vectorString": "AV:L/AC:L/Au:N/C:P/I:P/A:P",
                "version": "2.0"
              },
              {
                "acInsufInfo": null,
                "accessComplexity": "Low",
                "accessVector": "Local",
                "authentication": "None",
                "author": "NVD",
                "availabilityImpact": "Partial",
                "baseScore": 4.6,
                "confidentialityImpact": "Partial",
                "exploitabilityScore": null,
                "id": "JVNDB-2020-003136",
                "impactScore": null,
                "integrityImpact": "Partial",
                "obtainAllPrivilege": null,
                "obtainOtherPrivilege": null,
                "obtainUserPrivilege": null,
                "severity": "Medium",
                "trust": 0.8,
                "userInteractionRequired": null,
                "vectorString": "AV:L/AC:L/Au:N/C:P/I:P/A:P",
                "version": "2.0"
              },
              {
                "accessComplexity": "LOW",
                "accessVector": "LOCAL",
                "authentication": "NONE",
                "author": "CNVD",
                "availabilityImpact": "PARTIAL",
                "baseScore": 4.6,
                "confidentialityImpact": "PARTIAL",
                "exploitabilityScore": 3.9,
                "id": "CNVD-2020-22002",
                "impactScore": 6.4,
                "integrityImpact": "PARTIAL",
                "severity": "MEDIUM",
                "trust": 0.6,
                "vectorString": "AV:L/AC:L/Au:N/C:P/I:P/A:P",
                "version": "2.0"
              }
            ],
            "cvssV3": [
              {
                "attackComplexity": "LOW",
                "attackVector": "PHYSICAL",
                "author": "nvd@nist.gov",
                "availabilityImpact": "HIGH",
                "baseScore": 6.6,
                "baseSeverity": "MEDIUM",
                "confidentialityImpact": "HIGH",
                "exploitabilityScore": 0.7,
                "id": "CVE-2020-1796",
                "impactScore": 5.9,
                "integrityImpact": "HIGH",
                "privilegesRequired": "LOW",
                "scope": "UNCHANGED",
                "trust": 1.0,
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.1/AV:P/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
                "version": "3.1"
              },
              {
                "attackComplexity": "Low",
                "attackVector": "Physical",
                "author": "NVD",
                "availabilityImpact": "High",
                "baseScore": 6.6,
                "baseSeverity": "Medium",
                "confidentialityImpact": "High",
                "exploitabilityScore": null,
                "id": "JVNDB-2020-003136",
                "impactScore": null,
                "integrityImpact": "High",
                "privilegesRequired": "Low",
                "scope": "Unchanged",
                "trust": 0.8,
                "userInteraction": "None",
                "vectorString": "CVSS:3.0/AV:P/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
                "version": "3.0"
              }
            ],
            "severity": [
              {
                "author": "nvd@nist.gov",
                "id": "CVE-2020-1796",
                "trust": 1.0,
                "value": "MEDIUM"
              },
              {
                "author": "NVD",
                "id": "JVNDB-2020-003136",
                "trust": 0.8,
                "value": "Medium"
              },
              {
                "author": "CNVD",
                "id": "CNVD-2020-22002",
                "trust": 0.6,
                "value": "MEDIUM"
              },
              {
                "author": "CNNVD",
                "id": "CNNVD-202003-1155",
                "trust": 0.6,
                "value": "MEDIUM"
              },
              {
                "author": "VULMON",
                "id": "CVE-2020-1796",
                "trust": 0.1,
                "value": "MEDIUM"
              }
            ]
          }
        ],
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2020-22002"
          },
          {
            "db": "VULMON",
            "id": "CVE-2020-1796"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2020-003136"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-202003-1155"
          },
          {
            "db": "NVD",
            "id": "CVE-2020-1796"
          }
        ]
      },
      "description": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/description#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "There is an improper authorization vulnerability in several smartphones. The software incorrectly performs an authorization to certain user, successful exploit could allow a low privilege user to do certain operation which the user are supposed not to do.Affected product versions include:HUAWEI Mate 20 versions Versions earlier than 10.0.0.188(C00E74R3P8);HUAWEI Mate 30 Pro versions Versions earlier than 10.0.0.203(C00E202R7P2). HUAWEI Mate 20 and Mate 30 Pro Exists in a fraudulent authentication vulnerability.Information is obtained, information is tampered with, and service operation is interrupted. (DoS) It may be put into a state. Both Huawei Mate 20 and Mate 30 Pro are smartphones of the Chinese company Huawei. This vulnerability stems from the system\u2019s failure to properly authorize low-privilege users. Attackers can use this The vulnerability performs an unauthorized operation. Huawei smartphones could allow a local authenticated malicious user to bypass security restrictions, caused by improper authentication. An attacker could exploit this vulnerability, an attacker could exploit this vulnerability bypass security restrictions",
        "sources": [
          {
            "db": "NVD",
            "id": "CVE-2020-1796"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2020-003136"
          },
          {
            "db": "CNVD",
            "id": "CNVD-2020-22002"
          },
          {
            "db": "VULMON",
            "id": "CVE-2020-1796"
          }
        ],
        "trust": 2.25
      },
      "external_ids": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/external_ids#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "db": "NVD",
            "id": "CVE-2020-1796",
            "trust": 3.1
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2020-003136",
            "trust": 0.8
          },
          {
            "db": "CNVD",
            "id": "CNVD-2020-22002",
            "trust": 0.6
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-202003-1155",
            "trust": 0.6
          },
          {
            "db": "VULMON",
            "id": "CVE-2020-1796",
            "trust": 0.1
          }
        ],
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2020-22002"
          },
          {
            "db": "VULMON",
            "id": "CVE-2020-1796"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2020-003136"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-202003-1155"
          },
          {
            "db": "NVD",
            "id": "CVE-2020-1796"
          }
        ]
      },
      "id": "VAR-202003-1095",
      "iot": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/iot#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": true,
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2020-22002"
          }
        ],
        "trust": 1.2276592800000001
      },
      "iot_taxonomy": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "category": [
              "IoT"
            ],
            "sub_category": null,
            "trust": 0.6
          }
        ],
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2020-22002"
          }
        ]
      },
      "last_update_date": "2024-11-23T21:36:02.617000Z",
      "patch": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/patch#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "title": "huawei-sa-20200318-05-smartphone",
            "trust": 0.8,
            "url": "https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20200318-05-smartphone-en"
          },
          {
            "title": "Patch for Huawei Mate 20 and Mate 30 Pro authorization issue vulnerability",
            "trust": 0.6,
            "url": "https://www.cnvd.org.cn/patchInfo/show/213041"
          },
          {
            "title": "Huawei Mate 20  and Mate 30 Pro Security vulnerabilities",
            "trust": 0.6,
            "url": "http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=112631"
          },
          {
            "title": "Huawei Security Advisories: Security Advisory - Improper Authorization Vulnerability in Several Smartphones",
            "trust": 0.1,
            "url": "https://vulmon.com/vendoradvisory?qidtp=huawei_security_advisories\u0026qid=eb8ff91f7c4b0cfb1f64e43153793bcb"
          }
        ],
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2020-22002"
          },
          {
            "db": "VULMON",
            "id": "CVE-2020-1796"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2020-003136"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-202003-1155"
          }
        ]
      },
      "problemtype_data": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "problemtype": "CWE-863",
            "trust": 1.8
          }
        ],
        "sources": [
          {
            "db": "JVNDB",
            "id": "JVNDB-2020-003136"
          },
          {
            "db": "NVD",
            "id": "CVE-2020-1796"
          }
        ]
      },
      "references": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/references#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "trust": 2.0,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2020-1796"
          },
          {
            "trust": 1.7,
            "url": "https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20200318-05-smartphone-en"
          },
          {
            "trust": 0.8,
            "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2020-1796"
          },
          {
            "trust": 0.6,
            "url": "http://www.huawei.com/cn/psirt/security-advisories/huawei-sa-20200318-05-smartphone-cn"
          },
          {
            "trust": 0.1,
            "url": "https://cwe.mitre.org/data/definitions/863.html"
          },
          {
            "trust": 0.1,
            "url": "https://nvd.nist.gov"
          },
          {
            "trust": 0.1,
            "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/178027"
          }
        ],
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2020-22002"
          },
          {
            "db": "VULMON",
            "id": "CVE-2020-1796"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2020-003136"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-202003-1155"
          },
          {
            "db": "NVD",
            "id": "CVE-2020-1796"
          }
        ]
      },
      "sources": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#",
          "data": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "db": "CNVD",
            "id": "CNVD-2020-22002"
          },
          {
            "db": "VULMON",
            "id": "CVE-2020-1796"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2020-003136"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-202003-1155"
          },
          {
            "db": "NVD",
            "id": "CVE-2020-1796"
          }
        ]
      },
      "sources_release_date": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
          "data": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "date": "2020-04-09T00:00:00",
            "db": "CNVD",
            "id": "CNVD-2020-22002"
          },
          {
            "date": "2020-03-20T00:00:00",
            "db": "VULMON",
            "id": "CVE-2020-1796"
          },
          {
            "date": "2020-04-06T00:00:00",
            "db": "JVNDB",
            "id": "JVNDB-2020-003136"
          },
          {
            "date": "2020-03-18T00:00:00",
            "db": "CNNVD",
            "id": "CNNVD-202003-1155"
          },
          {
            "date": "2020-03-20T15:15:14.107000",
            "db": "NVD",
            "id": "CVE-2020-1796"
          }
        ]
      },
      "sources_update_date": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
          "data": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "date": "2020-04-09T00:00:00",
            "db": "CNVD",
            "id": "CNVD-2020-22002"
          },
          {
            "date": "2020-03-24T00:00:00",
            "db": "VULMON",
            "id": "CVE-2020-1796"
          },
          {
            "date": "2020-04-06T00:00:00",
            "db": "JVNDB",
            "id": "JVNDB-2020-003136"
          },
          {
            "date": "2020-03-25T00:00:00",
            "db": "CNNVD",
            "id": "CNNVD-202003-1155"
          },
          {
            "date": "2024-11-21T05:11:23.843000",
            "db": "NVD",
            "id": "CVE-2020-1796"
          }
        ]
      },
      "title": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/title#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "HUAWEI Mate 20 and  Mate 30 Pro Unauthorized authentication vulnerability in",
        "sources": [
          {
            "db": "JVNDB",
            "id": "JVNDB-2020-003136"
          }
        ],
        "trust": 0.8
      },
      "type": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/type#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "other",
        "sources": [
          {
            "db": "CNNVD",
            "id": "CNNVD-202003-1155"
          }
        ],
        "trust": 0.6
      }
    }

    CVE-2020-9256 (GCVE-0-2020-9256)

    Vulnerability from nvd – Published: 2020-07-17 23:08 – Updated: 2024-08-04 10:19
    VLAI
    Summary
    Huawei Mate 30 Pro smartphones with versions earlier than 10.1.0.150(C00E136R5P3) have an improper authorization vulnerability. The system does not properly restrict the use of system service by applications, the attacker should trick the user into installing a malicious application, successful exploit could cause a denial of audio service.
    Severity
    No CVSS data available.
    CWE
    • Improper Authorization
    Assigner
    References
    Impacted products
    Vendor Product Version
    Huawei Mate 30 Pro Affected: Versions earlier than 10.1.0.150(C00E136R5P3)
    Create a notification for this product.
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-04T10:19:20.192Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "tags": [
                  "x_refsource_CONFIRM",
                  "x_transferred"
                ],
                "url": "https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20200715-05-smartphone-en"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "Mate 30 Pro",
              "vendor": "Huawei",
              "versions": [
                {
                  "status": "affected",
                  "version": "Versions earlier than 10.1.0.150(C00E136R5P3)"
                }
              ]
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "value": "Huawei Mate 30 Pro smartphones with versions earlier than 10.1.0.150(C00E136R5P3) have an improper authorization vulnerability. The system does not properly restrict the use of system service by applications, the attacker should trick the user into installing a malicious application, successful exploit could cause a denial of audio service."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "Improper Authorization",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2020-07-17T23:08:19.000Z",
            "orgId": "25ac1063-e409-4190-8079-24548c77ea2e",
            "shortName": "huawei"
          },
          "references": [
            {
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20200715-05-smartphone-en"
            }
          ],
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "psirt@huawei.com",
              "ID": "CVE-2020-9256",
              "STATE": "PUBLIC"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "Mate 30 Pro",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "Versions earlier than 10.1.0.150(C00E136R5P3)"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "Huawei"
                  }
                ]
              }
            },
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "Huawei Mate 30 Pro smartphones with versions earlier than 10.1.0.150(C00E136R5P3) have an improper authorization vulnerability. The system does not properly restrict the use of system service by applications, the attacker should trick the user into installing a malicious application, successful exploit could cause a denial of audio service."
                }
              ]
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "Improper Authorization"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20200715-05-smartphone-en",
                  "refsource": "CONFIRM",
                  "url": "https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20200715-05-smartphone-en"
                }
              ]
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "25ac1063-e409-4190-8079-24548c77ea2e",
        "assignerShortName": "huawei",
        "cveId": "CVE-2020-9256",
        "datePublished": "2020-07-17T23:08:19.000Z",
        "dateReserved": "2020-02-18T00:00:00.000Z",
        "dateUpdated": "2024-08-04T10:19:20.192Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2020-9256 (GCVE-0-2020-9256)

    Vulnerability from cvelistv5 – Published: 2020-07-17 23:08 – Updated: 2024-08-04 10:19
    VLAI
    Summary
    Huawei Mate 30 Pro smartphones with versions earlier than 10.1.0.150(C00E136R5P3) have an improper authorization vulnerability. The system does not properly restrict the use of system service by applications, the attacker should trick the user into installing a malicious application, successful exploit could cause a denial of audio service.
    Severity
    No CVSS data available.
    CWE
    • Improper Authorization
    Assigner
    References
    Impacted products
    Vendor Product Version
    Huawei Mate 30 Pro Affected: Versions earlier than 10.1.0.150(C00E136R5P3)
    Create a notification for this product.
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-04T10:19:20.192Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "tags": [
                  "x_refsource_CONFIRM",
                  "x_transferred"
                ],
                "url": "https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20200715-05-smartphone-en"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "Mate 30 Pro",
              "vendor": "Huawei",
              "versions": [
                {
                  "status": "affected",
                  "version": "Versions earlier than 10.1.0.150(C00E136R5P3)"
                }
              ]
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "value": "Huawei Mate 30 Pro smartphones with versions earlier than 10.1.0.150(C00E136R5P3) have an improper authorization vulnerability. The system does not properly restrict the use of system service by applications, the attacker should trick the user into installing a malicious application, successful exploit could cause a denial of audio service."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "Improper Authorization",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2020-07-17T23:08:19.000Z",
            "orgId": "25ac1063-e409-4190-8079-24548c77ea2e",
            "shortName": "huawei"
          },
          "references": [
            {
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20200715-05-smartphone-en"
            }
          ],
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "psirt@huawei.com",
              "ID": "CVE-2020-9256",
              "STATE": "PUBLIC"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "Mate 30 Pro",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "Versions earlier than 10.1.0.150(C00E136R5P3)"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "Huawei"
                  }
                ]
              }
            },
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "Huawei Mate 30 Pro smartphones with versions earlier than 10.1.0.150(C00E136R5P3) have an improper authorization vulnerability. The system does not properly restrict the use of system service by applications, the attacker should trick the user into installing a malicious application, successful exploit could cause a denial of audio service."
                }
              ]
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "Improper Authorization"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20200715-05-smartphone-en",
                  "refsource": "CONFIRM",
                  "url": "https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20200715-05-smartphone-en"
                }
              ]
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "25ac1063-e409-4190-8079-24548c77ea2e",
        "assignerShortName": "huawei",
        "cveId": "CVE-2020-9256",
        "datePublished": "2020-07-17T23:08:19.000Z",
        "dateReserved": "2020-02-18T00:00:00.000Z",
        "dateUpdated": "2024-08-04T10:19:20.192Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }