CVE-2020-1872

Huawei smart phones P10 Plus with versions earlier than 9.1.0.201(C01E75R1P12T8), earlier than 9.1.0.252(C185E2R1P9T8), earlier than 9.1.0.252(C432E4R1P9T8), and earlier than 9.1.0.255(C576E6R1P8T8) have a digital balance bypass vulnerability. When re-configuring the mobile phone at the digital balance mode, an attacker can perform some operations to bypass the startup wizard, and then open some switch. As a result, the digital balance function is bypassed.
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTNIST
4.6 MEDIUM
PHYSICAL
LOW
NONE
CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N
huaweiCNA
---
---
CVEADP
---
---
Base Score
CVSS 3.x
EPSS Score
Percentile: 4%
VendorProductVersion
huaweip10_plus_firmware
𝑥
< 9.1.0.201\(c01e75r1p12t8\)
huaweip10_plus_firmware
𝑥
< 9.1.0.252\(c185e2r1p9t8\)
huaweip10_plus_firmware
𝑥
< 9.1.0.252\(c432e4r1p9t8\)
huaweip10_plus_firmware
𝑥
< 9.1.0.255\(c576e6r1p8t8\)
𝑥
= Vulnerable software versions
References
https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20200122-01-digitalbalance-en
https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20200122-01-digitalbalance-en