First published: Fri Nov 29 2019(Updated: )
Mate 20 RS smartphones with versions earlier than 9.1.0.135(C786E133R3P1) have an improper authorization vulnerability. The software does not properly restrict certain operation in ADB mode, successful exploit could allow the attacker to switch to third desktop after a series of operation.
Credit: psirt@huawei.com
Affected Software | Affected Version | How to fix |
---|---|---|
Huawei Mate 20 Rs Firmware | <9.1.0.135\(c786e133r3p1\) | |
HUAWEI Mate 20 RS |
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
CVE-2019-5308 is an improper authorization vulnerability found in Mate 20 RS smartphones with versions earlier than 9.1.0.135(C786E133R3P1).
CVE-2019-5308 allows attackers to switch to a third desktop after a series of operations in ADB mode on Mate 20 RS smartphones with versions earlier than 9.1.0.135(C786E133R3P1).
CVE-2019-5308 has a severity rating of low with a CVSS score of 2.4.
To fix CVE-2019-5308, you should update your Mate 20 RS smartphone to version 9.1.0.135(C786E133R3P1) or later.
You can find more information about CVE-2019-5308 on the Huawei Security Advisories page: https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20191127-01-smartphone-en