PT-2020-15075 · Huawei · Honor V20
Published
2020-04-20
·
Updated
2021-07-21
·
CVE-2020-1803
CVSS v3.1
5.3
Medium
| Vector | AV:A/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N |
Name of the Vulnerable Software and Affected Versions
Honor V20 versions prior to 10.0.0.179(C636E3R4P3)
Honor V20 versions prior to 10.0.0.180(C185E3R3P3)
Honor V20 versions prior to 10.0.0.180(C432E10R3P4)
Description
The issue is related to insufficient validation of the identity of smart wearable devices in certain scenarios. To launch an attack, an attacker needs to gain specific information from the victim's smartphone. Successful exploitation could result in information disclosure.
Recommendations
For versions prior to 10.0.0.179(C636E3R4P3), update to version 10.0.0.179(C636E3R4P3) or later.
For versions prior to 10.0.0.180(C185E3R3P3), update to version 10.0.0.180(C185E3R3P3) or later.
For versions prior to 10.0.0.180(C432E10R3P4), update to version 10.0.0.180(C432E10R3P4) or later.
Fix
Improper Authentication
Found an issue in the description? Have something to add? Feel free to write us 👾
Weakness Enumeration
Related Identifiers
Affected Products
Honor V20