CVE-2020-1795
First published: Fri Mar 20 2020(Updated: )
There is a logic error vulnerability in several smartphones. The software does not properly restrict certain operation when the Digital Balance function is on. Successful exploit could allow the attacker to bypass the Digital Balance limit after a series of operations.Affected product versions include:HUAWEI Mate 20 versions Versions earlier than 10.0.0.188(C00E74R3P8);HUAWEI Mate 30 Pro versions Versions earlier than 10.0.0.203(C00E202R7P2).
Credit: psirt@huawei.com
| Affected Software | Affected Version | How to fix |
|---|---|---|
| Huawei Mate 20 Firmware | <10.0.0.188\(c00e74r3p8\) | |
| HUAWEI Mate 20 | ||
| Huawei Mate 30 Pro Firmware | <10.0.0.203\(c00e202r7p2\) | |
| Huawei Mate 30 Pro |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
Frequently Asked Questions
What is CVE-2020-1795?
CVE-2020-1795 is a logic error vulnerability in several smartphones that allows an attacker to bypass the Digital Balance limit after a series of operations.
Which smartphones are affected by CVE-2020-1795?
CVE-2020-1795 affects Huawei Mate 20 and Huawei Mate 30 Pro smartphones.
What is the severity of CVE-2020-1795?
CVE-2020-1795 has a severity rating of low, with a CVSS score of 2.4.
How can an attacker exploit CVE-2020-1795?
An attacker can exploit CVE-2020-1795 by performing a series of operations to bypass the Digital Balance limit on the affected smartphones.
Is there a patch or fix available for CVE-2020-1795?
Patch or fix information for CVE-2020-1795 can be found in the security advisory provided by Huawei: [link](https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20200318-04-smartphone-en).
- collector/nvd-index
- agent/references
- agent/type
- agent/event
- vendor/huawei
- canonical/huawei mate 20 firmware
- canonical/huawei mate 20
- canonical/huawei mate 30 pro firmware
- canonical/huawei mate 30 pro