HIGH🇵🇱 Wersja polska

CVE-2019-5250

CVSS 7.8v3.1pub. 2019-12-13upd. 2024-11-21

Mate 20 Pro smartphones with versions earlier than 9.1.0.135(C00E133R3P1) have an improper authorization vulnerability. The software does not properly restrict certain operation of certain privilege, the attacker could trick the user into installing a malicious application before the user turns on student mode function. Successful exploit could allow the attacker to bypass the limit of student mode function.

CVSS Vector
CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
  • Huawei Mate 20 Pro

    HW
    Huawei
    wszystkie wersje
  • Huawei Mate 20 Pro Firmware

    OS
    Huawei
    < 9.1.0.135\(c00e133r3p1\)
🔵
CHECK WITH VENDOR
No clear patch data available. Check vendor references.
CWE
References

Related vulnerabilities

CVE-2020-9080HIGH7.8ten sam produkt

There is an improper privilege management vulnerability in Huawei smart phone product. A local, authenticated ...

CVE-2020-9247HIGH7.8ten sam produkt

There is a buffer overflow vulnerability in several Huawei products. The system does not sufficiently validate...

CVE-2020-0022HIGH8.8ten sam produkt

In reassemble_and_dispatch of packet_fragmenter.cc, there is possible out of bounds write due to an incorrect ...

CVE-2021-22440MEDIUM4.6ten sam produkt

There is a path traversal vulnerability in some Huawei products. The vulnerability is due to that the software...

CVE-2020-9244MEDIUM6.8ten sam produkt

HUAWEI Mate 20 versions Versions earlier than 10.1.0.160(C00E160R3P8);HUAWEI Mate 20 Pro versions Versions ear...