CVE-2020-1838
MEDIUMHUAWEI Mate 30 Pro <10.1.0.150(C00E136R5P3 - Auth Bypass
Title source: llmDescription
HUAWEI Mate 30 Pro with versions earlier than 10.1.0.150(C00E136R5P3) have is an improper authentication vulnerability. The device does not sufficiently validate certain credential of user's face, an attacker could craft the credential of the user, successful exploit could allow the attacker to pass the authentication with the crafted credential.
References (1)
Core 1
Core References
Vendor Advisory x_refsource_misc
https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20200701-03-smartphone-en
Scores
CVSS v3
5.5
EPSS
0.0002
EPSS Percentile
7.0%
Attack Vector
LOCAL
CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N
Details
CWE
CWE-287
Status
published
Products (1)
huawei/mate_30_pro_firmware
< 10.1.0.150\(c00e136r5p3\)
Published
Jul 06, 2020
Tracked Since
Feb 18, 2026