Description
Mate 20 RS smartphones with versions earlier than 9.1.0.135(C786E133R3P1) have an improper authorization vulnerability. The software does not properly restrict certain operation in ADB mode, successful exploit could allow the attacker to switch to third desktop after a series of operation.
References (1)
Core 1
Core References
Vendor Advisory x_refsource_confirm
https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20191127-01-smartphone-en
Scores
CVSS v3
2.4
EPSS
0.0006
EPSS Percentile
19.2%
Attack Vector
PHYSICAL
CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N
Details
Status
published
Products (1)
huawei/mate_20_rs_firmware
< 9.1.0.135\(c786e133r3p1\)
Published
Nov 29, 2019
Tracked Since
Feb 18, 2026