CVE-2020-1809
First published: Fri May 29 2020(Updated: )
HUAWEI Mate 10 smartphones with versions earlier than 10.0.0.143(C00E143R2P4) have an information disclosure vulnerability. The attacker could wake up voice assistant then do a series of crafted voice operation, successful exploit could allow the attacker read certain files without unlock the phone leading to information disclosure.
Credit: psirt@huawei.com
| Affected Software | Affected Version | How to fix |
|---|---|---|
| Huawei Mate 10 Firmware | <10.0.0.143\(c00e143r2p4\) | |
| Huawei Mate 10 |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
Frequently Asked Questions
What is CVE-2020-1809?
CVE-2020-1809 is an information disclosure vulnerability that affects HUAWEI Mate 10 smartphones with versions earlier than 10.0.0.143(C00E143R2P4).
How does CVE-2020-1809 work?
An attacker can wake up the voice assistant on the HUAWEI Mate 10 smartphone and perform crafted voice operations to exploit the vulnerability, allowing them to read certain files without unlocking the phone.
What is the severity of CVE-2020-1809?
CVE-2020-1809 has a severity level of medium, with a CVSS score of 4.6.
How can I fix CVE-2020-1809?
To fix CVE-2020-1809, users should update their HUAWEI Mate 10 smartphones to version 10.0.0.143(C00E143R2P4) or later.
Where can I find more information about CVE-2020-1809?
More information about CVE-2020-1809 can be found on the Huawei website: https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20200527-01-smartphone-en.
- collector/nvd-index
- collector/mitre-cve
- source/MITRE
- agent/severity
- agent/author
- agent/references
- agent/last-modified-date
- agent/tags
- agent/softwarecombine
- agent/type
- agent/event
- agent/description
- agent/first-publish-date
- vendor/huawei
- canonical/huawei mate 10 firmware
- canonical/huawei mate 10