Auth bypass in Huawei P30
CVE-2020-1813
HUAWEI P30 smart phone with versions earlier than 10.1.0.135(C00E135R2P11) have an improper authentication vulnerability. Due to improper authentication of specific interface, in specific scenario attackers could access specific interface…
Vulnerability class: Broken Authentication
EPSS: 0.002 (14.5th percentile) — read the EPSS interpretation.
CVSS v3 metric
CVSS v3 base score 6.8 (Medium). Vector: CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H.
Affected products
- Huawei P30
- Huawei P30_firmware
- N/a Huawei P30 — versions Versions earlier than 10.1.0.135(C00E135R2P11)
Weakness classification (CWE)
References
- psirt@huawei.com (x_refsource_MISC, Vendor Advisory)
Frequently asked questions
- What is CVE-2020-1813?
- CVE-2020-1813 is a medium-severity vulnerability in Huawei P30, classified under Missing Authentication for Critical Function. CVSS score: 6.8/10. Published 2020-06-15.
- How severe is CVE-2020-1813?
- Medium severity. CVSS v3 base score is 6.8 out of 10.