First published: Mon Jul 06 2020(Updated: )
HUAWEI Mate 30 Pro with versions earlier than 10.1.0.150(C00E136R5P3) have is an improper authentication vulnerability. The device does not sufficiently validate certain credential of user's face, an attacker could craft the credential of the user, successful exploit could allow the attacker to pass the authentication with the crafted credential.
Credit: psirt@huawei.com
Affected Software | Affected Version | How to fix |
---|---|---|
Huawei Mate 30 Pro Firmware | <10.1.0.150\(c00e136r5p3\) | |
Huawei Mate 30 Pro |
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
CVE-2020-1838 is an improper authentication vulnerability affecting HUAWEI Mate 30 Pro devices with versions earlier than 10.1.0.150(C00E136R5P3).
CVE-2020-1838 allows an attacker to bypass authentication on HUAWEI Mate 30 Pro devices with vulnerable versions.
CVE-2020-1838 has a severity rating of medium, with a CVSS score of 5.5.
To fix CVE-2020-1838, update your HUAWEI Mate 30 Pro device to version 10.1.0.150(C00E136R5P3) or later.
More information about CVE-2020-1838 can be found at the following link: [https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20200701-03-smartphone-en](https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20200701-03-smartphone-en)