Description
HUAWEI P30 smart phone with versions earlier than 10.1.0.135(C00E135R2P11) have an improper authentication vulnerability. Due to improper authentication of specific interface, in specific scenario attackers could access specific interface without authentication. Successful exploit could allow the attacker to perform unauthorized operations.
References (1)
Core 1
Core References
Vendor Advisory x_refsource_misc
https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20200610-04-smartphone-en
Scores
CVSS v3
6.8
EPSS
0.0002
EPSS Percentile
7.2%
Attack Vector
PHYSICAL
CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Details
CWE
CWE-306
Status
published
Products (1)
huawei/p30_firmware
< 10.1.0.135\(c00e135r2p11\)
Published
Jun 15, 2020
Tracked Since
Feb 18, 2026