Vulnerability Details CVE-2020-1786
HUAWEI Mate 20 Pro smartphones versions earlier than 10.0.0.175(C00E69R3P8) have an improper authentication vulnerability. The software does not sufficiently validate the name of apk file in a special condition which could allow an attacker to forge a crafted application as a normal one. Successful exploit could allow the attacker to bypass digital balance function.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.0
EPSS Ranking 4.2%
CVSS Severity
CVSS v3 Score 4.6
CVSS v2 Score 2.1
References
Products affected by CVE-2020-1786
-
cpe:2.3:h:huawei:mate_20_pro:-
-
cpe:2.3:o:huawei:mate_20_pro_firmware:-
-
cpe:2.3:o:huawei:mate_20_pro_firmware:9.0.0.187(c432e10r1p16)
-
cpe:2.3:o:huawei:mate_20_pro_firmware:9.0.0.188(c185e10r2p1)
-
cpe:2.3:o:huawei:mate_20_pro_firmware:9.0.0.245(c10e10r2p1)
-
cpe:2.3:o:huawei:mate_20_pro_firmware:9.0.0.266(c432e10r1p16)
-
cpe:2.3:o:huawei:mate_20_pro_firmware:9.0.0.267(c636e10r2p1)
-
cpe:2.3:o:huawei:mate_20_pro_firmware:9.0.0.268(c635e12r1p16)
-
cpe:2.3:o:huawei:mate_20_pro_firmware:9.0.0.278(c185e10r2p1)
-
cpe:2.3:o:huawei:mate_20_pro_firmware:9.1.0.135(c00e133r3p1)
-
cpe:2.3:o:huawei:mate_20_pro_firmware:9.1.0.310(c185e10r2p1)