CVE-2020-1882
Last modified
CVE-2020-1882 is a medium-severity vulnerability rated 4.6/10 on the CVSS scale. Huawei mobile phones Ever-L29B versions earlier than 10.0.0.180(C185E6R3P3), earlier than 10.0.0.180(C432E6R1P7), earlier than 10.0.0.180(C636E5R2P3); HUAWEI Mate 20 RS versions earlier than 10.0.0.175(C786E70R3P8); HUAWEI Mate 20 X versions earlier than 10.0.0.176(C00E70R2P8); and Honor Magic2 versions earlier than 10.0.0.175(C00E59R2P11) have an improper authorization vulnerability. Due to improper authorization of some function, attackers can bypass the authorization to perform some operations.. EPSS estimates a 0.21% chance of exploitation in the next 30 days.
Description
Huawei mobile phones Ever-L29B versions earlier than 10.0.0.180(C185E6R3P3), earlier than 10.0.0.180(C432E6R1P7), earlier than 10.0.0.180(C636E5R2P3); HUAWEI Mate 20 RS versions earlier than 10.0.0.175(C786E70R3P8); HUAWEI Mate 20 X versions earlier than 10.0.0.176(C00E70R2P8); and Honor Magic2 versions earlier than 10.0.0.175(C00E59R2P11) have an improper authorization vulnerability. Due to improper authorization of some function, attackers can bypass the authorization to perform some operations.
Metrics
CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N
Affected Software
| Vendor | Product | Versions |
|---|---|---|
| Huawei | Mate 20 Rs Firmware | < 10.0.0.175\(c786e70r3p8\) |
| Huawei | Mate 20 X Firmware | < 10.0.0.176\(c00e70r2p8\) |
| Huawei | Honor Magic2 Firmware | < 10.0.0.175\(c00e59r2p11\) |
| Huawei | Ever-L29b Firmware | < 10.0.0.180\(c185e6r3p3\) |
| Huawei | Ever-L29b Firmware | < 10.0.0.180\(c432e6r1p7\) |
| Huawei | Ever-L29b Firmware | < 10.0.0.180\(c636e5r2p3\) |
References
Timeline
- Published
- Last Modified
- Status
- Modified
Frequently Asked Questions
What is CVE-2020-1882?
How severe is CVE-2020-1882?
How do I fix CVE-2020-1882?
Are you affected by CVE-2020-1882?
Run a free Strix scan to check your systems for this vulnerability.
Scan your code nowSource: NVD / NIST