CVE-2020-1878
Summary
| CVE | CVE-2020-1878 |
|---|---|
| State | PUBLIC |
| Assigner | [email protected] |
| Source Priority | CVE Program / NVD first with legacy fallback |
| Published | 2020-03-20 15:15:00 UTC |
| Updated | 2023-02-03 16:51:00 UTC |
| Description | Huawei smartphone OxfordS-AN00A with versions earlier than 10.0.1.152D(C735E152R3P3),versions earlier than 10.0.1.160(C00E160R4P1) have an improper authentication vulnerability. Authentication to target component is improper when device performs an operation. Attackers exploit this vulnerability to obtain some information by loading malicious application, leading to information leak. |
Risk And Classification
Problem Types: CWE-287
NVD Known Affected Configurations (CPE 2.3)
| Type | Vendor | Product | Version | Update | Edition | Language |
|---|---|---|---|---|---|---|
| Hardware | Huawei | Oxfords-an00a | - | All | All | All |
| Hardware | Huawei | Oxfords-an00a | - | All | All | All |
| Operating System | Huawei | Oxfords-an00a Firmware | All | All | All | All |
| Operating System | Huawei | Oxfords-an00a Firmware | All | All | All | All |
References
| Reference | Source | Link | Tags |
|---|---|---|---|
| Security Advisory - Denial of Service Vulnerability on Huawei Smartphone | CONFIRM | www.huawei.com | |
| Security Advisory - Improper Authentication Vulnerability in Huawei Smartphone | MISC | www.huawei.com | Vendor Advisory |
| CVE Program record | CVE.ORG | www.cve.org | canonical |
| NVD vulnerability detail | NVD | nvd.nist.gov | canonical, analysis |
No vendor comments have been submitted for this CVE.
There are currently no legacy QID mappings associated with this CVE.