Authorization

2020-02-1800:15:00

PRIOn knowledge base

www.prio-n.com

4.8 Medium

AI Score

Confidence

High

0.001 Low

EPSS

Percentile

25.2%

JSON

Huawei mobile phones Ever-L29B versions earlier than 10.0.0.180(C185E6R3P3), earlier than 10.0.0.180(C432E6R1P7), earlier than 10.0.0.180(C636E5R2P3); HUAWEI Mate 20 RS versions earlier than 10.0.0.175(C786E70R3P8); HUAWEI Mate 20 X versions earlier than 10.0.0.176(C00E70R2P8); and Honor Magic2 versions earlier than 10.0.0.175(C00E59R2P11) have an improper authorization vulnerability. Due to improper authorization of some function, attackers can bypass the authorization to perform some operations.

CPENameOperatorVersion
ever-l29b_firmwareeq< 10.0.0.180c185e6r3p3
ever-l29b_firmwareeq< 10.0.0.180c432e6r1p7
ever-l29b_firmwareeq< 10.0.0.180c636e5r2p3
honor_magic2_firmwareeq< 10.0.0.175c0e59r2p11
mate_20_rs_firmwareeq< 10.0.0.175c786e70r3p8
mate_20_x_firmwareeq< 10.0.0.176c0e70r2p8

Name	Operator	Version
ever-l29b_firmware	eq	< 10.0.0.180c185e6r3p3
ever-l29b_firmware	eq	< 10.0.0.180c432e6r1p7
ever-l29b_firmware	eq	< 10.0.0.180c636e5r2p3
honor_magic2_firmware	eq	< 10.0.0.175c0e59r2p11
mate_20_rs_firmware	eq	< 10.0.0.175c786e70r3p8
mate_20_x_firmware	eq	< 10.0.0.176c0e70r2p8