Note:
This project will be discontinued after December 13, 2021. [more]
Product:
Mate_20_firmware
(Huawei)Repositories |
Unknown: This might be proprietary software. |
#Vulnerabilities | 29 |
Date | Id | Summary | Products | Score | Patch | Annotated |
---|---|---|---|---|---|---|
2020-03-20 | CVE-2020-1796 | There is an improper authorization vulnerability in several smartphones. The software incorrectly performs an authorization to certain user, successful exploit could allow a low privilege user to do certain operation which the user are supposed not to do.Affected product versions include:HUAWEI Mate 20 versions Versions earlier than 10.0.0.188(C00E74R3P8);HUAWEI Mate 30 Pro versions Versions earlier than 10.0.0.203(C00E202R7P2). | Mate_20_firmware, Mate_30_pro_firmware | N/A | ||
2020-03-20 | CVE-2020-1795 | There is a logic error vulnerability in several smartphones. The software does not properly restrict certain operation when the Digital Balance function is on. Successful exploit could allow the attacker to bypass the Digital Balance limit after a series of operations.Affected product versions include:HUAWEI Mate 20 versions Versions earlier than 10.0.0.188(C00E74R3P8);HUAWEI Mate 30 Pro versions Versions earlier than 10.0.0.203(C00E202R7P2). | Mate_20_firmware, Mate_30_pro_firmware | N/A | ||
2020-03-20 | CVE-2020-1794 | There is an improper authentication vulnerability in several smartphones. The applock does not perform a sufficient authentication in certain scenarios, successful exploit could allow the attacker to gain certain data of the application which is locked. Affected product versions include:HUAWEI Mate 20 versions Versions earlier than 10.0.0.188(C00E74R3P8);HUAWEI Mate 30 Pro versions Versions earlier than 10.0.0.203(C00E202R7P2). | Mate_20_firmware, Mate_30_pro_firmware | N/A | ||
2020-01-21 | CVE-2020-1840 | HUAWEI Mate 20 smart phones with versions earlier than 10.0.0.175(C00E70R3P8) have an insufficient authentication vulnerability. A local attacker with high privilege can execute a specific command to exploit this vulnerability. Successful exploitation may cause information leak and compromise the availability of the smart phones.Affected product versions include: HUAWEI Mate 20 versions Versions earlier than 10.0.0.175(C00E70R3P8) | Mate_20_firmware | N/A | ||
2020-01-09 | CVE-2020-1787 | HUAWEI Mate 20 smartphones versions earlier than 9.1.0.139(C00E133R3P1) have an improper authentication vulnerability. The system has a logic error under certain scenario, successful exploit could allow the attacker who gains the privilege of guest user to access to the host user's desktop in an instant, without unlocking the screen lock of the host user. | Mate_20_firmware | N/A | ||
2019-12-13 | CVE-2019-5251 | There is a path traversal vulnerability in several Huawei smartphones. The system does not sufficiently validate certain pathnames from the application. An attacker could trick the user into installing, backing up and restoring a malicious application. Successful exploit could cause information disclosure. | Enjoy_7s_firmware, Honor_20s_firmware, Honor_9_lite_firmware, Honor_9i_firmware, Honor_v10_firmware, M6_firmware, Mate_20_firmware, P30_firmware, P30_pro_firmware | N/A | ||
2019-11-29 | CVE-2019-5225 | P30, Mate 20, P30 Pro smartphones with software of versions earlier than ELLE-AL00B 9.1.0.193(C00E190R1P21), versions earlier than Hima-AL00B 9.1.0.135(C00E200R2P1), versions earlier than VOGUE-AL00A 9.1.0.193(C00E190R1P12) have a buffer overflow vulnerability on several , the system does not properly validate certain length parameter which an application transports to kernel. An attacker tricks the user to install a malicious application, successful exploit could cause malicious code execution. | Mate_20_firmware, P30_firmware, P30_pro_firmware | N/A | ||
2019-07-10 | CVE-2019-5220 | There is a Factory Reset Protection (FRP) bypass vulnerability on several smartphones. The system does not sufficiently verify the permission, an attacker could do a certain operation on certain step of setup wizard. Successful exploit could allow the attacker bypass the FRP protection. Affected products: Mate 20 X, versions earlier than Ever-AL00B 9.0.0.200(C00E200R2P1); Mate 20, versions earlier than Hima-AL00B/Hima-TL00B 9.0.0.200(C00E200R2P1); Honor Magic 2, versions earlier than... | Honor_magic_2_firmware, Mate_20_firmware, Mate_20_x_firmware | 4.6 | ||
2018-12-04 | CVE-2018-7956 | Huawei VIP App is a mobile app for Malaysia customers that purchased P20 Series, Nova 3/3i and Mate 20. There is a vulnerability in versions before 4.0.5 that attackers can conduct bruteforce to the VIP App Web Services to get user information. | Mate_20_firmware, Nova_3_firmware, Nova_3i_firmware, Vip_app | 5.3 |