var-202002-0597
Vulnerability from variot
Huawei smart phones P10 Plus with versions earlier than 9.1.0.201(C01E75R1P12T8), earlier than 9.1.0.252(C185E2R1P9T8), earlier than 9.1.0.252(C432E4R1P9T8), and earlier than 9.1.0.255(C576E6R1P8T8) have a digital balance bypass vulnerability. When re-configuring the mobile phone at the digital balance mode, an attacker can perform some operations to bypass the startup wizard, and then open some switch. As a result, the digital balance function is bypassed. Huawei smartphone P10 Plus There is an input verification vulnerability in.Information may be tampered with.
There are security holes in Huawei smart phones P10 Plus
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-202002-0597",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "p10 plus \u003c9.1.0.252",
"scope": null,
"trust": 1.2,
"vendor": "huawei",
"version": null
},
{
"model": "p10 plus",
"scope": "lt",
"trust": 1.0,
"vendor": "huawei",
"version": "9.1.0.252\\(c185e2r1p9t8\\)"
},
{
"model": "p10 plus",
"scope": "lt",
"trust": 1.0,
"vendor": "huawei",
"version": "9.1.0.255\\(c576e6r1p8t8\\)"
},
{
"model": "p10 plus",
"scope": "lt",
"trust": 1.0,
"vendor": "huawei",
"version": "9.1.0.252\\(c432e4r1p9t8\\)"
},
{
"model": "p10 plus",
"scope": "lt",
"trust": 1.0,
"vendor": "huawei",
"version": "9.1.0.201\\(c01e75r1p12t8\\)"
},
{
"model": "p10 plus",
"scope": "eq",
"trust": 0.8,
"vendor": "huawei",
"version": "9.1.0.201(c01e75r1p12t8)"
},
{
"model": "p10 plus",
"scope": "eq",
"trust": 0.8,
"vendor": "huawei",
"version": "9.1.0.252(c185e2r1p9t8)"
},
{
"model": "p10 plus",
"scope": "eq",
"trust": 0.8,
"vendor": "huawei",
"version": "9.1.0.252(c432e4r1p9t8)"
},
{
"model": "p10 plus",
"scope": "eq",
"trust": 0.8,
"vendor": "huawei",
"version": "9.1.0.255(c576e6r1p8t8)"
},
{
"model": "p10 plus \u003c9.1.0.201",
"scope": null,
"trust": 0.6,
"vendor": "huawei",
"version": null
},
{
"model": "p10 plus \u003c9.1.0.255",
"scope": null,
"trust": 0.6,
"vendor": "huawei",
"version": null
},
{
"model": "p10 plus",
"scope": "eq",
"trust": 0.6,
"vendor": "huawei",
"version": "9.1.0.252c185e2r1p9t8"
},
{
"model": "p10 plus",
"scope": "eq",
"trust": 0.6,
"vendor": "huawei",
"version": "9.1.0.201c01e75r1p12t8"
},
{
"model": "p10 plus",
"scope": "eq",
"trust": 0.6,
"vendor": "huawei",
"version": null
},
{
"model": "p10 plus",
"scope": "eq",
"trust": 0.6,
"vendor": "huawei",
"version": "9.1.0.252c432e4r1p9t8"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2020-13175"
},
{
"db": "JVNDB",
"id": "JVNDB-2020-002147"
},
{
"db": "CNNVD",
"id": "CNNVD-202002-943"
},
{
"db": "NVD",
"id": "CVE-2020-1872"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"cpe_match": [
{
"cpe22Uri": "cpe:/o:huawei:p10_plus_firmware",
"vulnerable": true
}
],
"operator": "OR"
}
]
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2020-002147"
}
]
},
"cve": "CVE-2020-1872",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"accessComplexity": "LOW",
"accessVector": "LOCAL",
"authentication": "NONE",
"author": "nvd@nist.gov",
"availabilityImpact": "NONE",
"baseScore": 2.1,
"confidentialityImpact": "NONE",
"exploitabilityScore": 3.9,
"id": "CVE-2020-1872",
"impactScore": 2.9,
"integrityImpact": "PARTIAL",
"severity": "LOW",
"trust": 1.0,
"vectorString": "AV:L/AC:L/Au:N/C:N/I:P/A:N",
"version": "2.0"
},
{
"acInsufInfo": null,
"accessComplexity": "Low",
"accessVector": "Local",
"authentication": "None",
"author": "NVD",
"availabilityImpact": "None",
"baseScore": 2.1,
"confidentialityImpact": "None",
"exploitabilityScore": null,
"id": "JVNDB-2020-002147",
"impactScore": null,
"integrityImpact": "Partial",
"obtainAllPrivilege": null,
"obtainOtherPrivilege": null,
"obtainUserPrivilege": null,
"severity": "Low",
"trust": 0.8,
"userInteractionRequired": null,
"vectorString": "AV:L/AC:L/Au:N/C:N/I:P/A:N",
"version": "2.0"
},
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "CNVD",
"availabilityImpact": "PARTIAL",
"baseScore": 5.0,
"confidentialityImpact": "NONE",
"exploitabilityScore": 10.0,
"id": "CNVD-2020-13175",
"impactScore": 2.9,
"integrityImpact": "NONE",
"severity": "MEDIUM",
"trust": 0.6,
"vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P",
"version": "2.0"
}
],
"cvssV3": [
{
"attackComplexity": "LOW",
"attackVector": "PHYSICAL",
"author": "nvd@nist.gov",
"availabilityImpact": "NONE",
"baseScore": 4.6,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"exploitabilityScore": 0.9,
"id": "CVE-2020-1872",
"impactScore": 3.6,
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"trust": 1.0,
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N",
"version": "3.1"
},
{
"attackComplexity": "Low",
"attackVector": "Physical",
"author": "NVD",
"availabilityImpact": "None",
"baseScore": 4.6,
"baseSeverity": "Medium",
"confidentialityImpact": "None",
"exploitabilityScore": null,
"id": "JVNDB-2020-002147",
"impactScore": null,
"integrityImpact": "High",
"privilegesRequired": "None",
"scope": "Unchanged",
"trust": 0.8,
"userInteraction": "None",
"vectorString": "CVSS:3.0/AV:P/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N",
"version": "3.0"
}
],
"severity": [
{
"author": "nvd@nist.gov",
"id": "CVE-2020-1872",
"trust": 1.0,
"value": "MEDIUM"
},
{
"author": "NVD",
"id": "JVNDB-2020-002147",
"trust": 0.8,
"value": "Medium"
},
{
"author": "CNVD",
"id": "CNVD-2020-13175",
"trust": 0.6,
"value": "MEDIUM"
},
{
"author": "CNNVD",
"id": "CNNVD-202002-943",
"trust": 0.6,
"value": "MEDIUM"
}
]
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2020-13175"
},
{
"db": "JVNDB",
"id": "JVNDB-2020-002147"
},
{
"db": "CNNVD",
"id": "CNNVD-202002-943"
},
{
"db": "NVD",
"id": "CVE-2020-1872"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Huawei smart phones P10 Plus with versions earlier than 9.1.0.201(C01E75R1P12T8), earlier than 9.1.0.252(C185E2R1P9T8), earlier than 9.1.0.252(C432E4R1P9T8), and earlier than 9.1.0.255(C576E6R1P8T8) have a digital balance bypass vulnerability. When re-configuring the mobile phone at the digital balance mode, an attacker can perform some operations to bypass the startup wizard, and then open some switch. As a result, the digital balance function is bypassed. Huawei smartphone P10 Plus There is an input verification vulnerability in.Information may be tampered with. \n\r\n\r\nThere are security holes in Huawei smart phones P10 Plus",
"sources": [
{
"db": "NVD",
"id": "CVE-2020-1872"
},
{
"db": "JVNDB",
"id": "JVNDB-2020-002147"
},
{
"db": "CNVD",
"id": "CNVD-2020-13175"
}
],
"trust": 2.16
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2020-1872",
"trust": 3.0
},
{
"db": "JVNDB",
"id": "JVNDB-2020-002147",
"trust": 0.8
},
{
"db": "CNVD",
"id": "CNVD-2020-13175",
"trust": 0.6
},
{
"db": "CNNVD",
"id": "CNNVD-202002-943",
"trust": 0.6
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2020-13175"
},
{
"db": "JVNDB",
"id": "JVNDB-2020-002147"
},
{
"db": "CNNVD",
"id": "CNNVD-202002-943"
},
{
"db": "NVD",
"id": "CVE-2020-1872"
}
]
},
"id": "VAR-202002-0597",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "CNVD",
"id": "CNVD-2020-13175"
}
],
"trust": 1.2219512
},
"iot_taxonomy": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"category": [
"IoT"
],
"sub_category": null,
"trust": 0.6
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2020-13175"
}
]
},
"last_update_date": "2024-11-23T22:44:44.168000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "huawei-sa-20200122-01-digitalbalance",
"trust": 0.8,
"url": "https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20200122-01-digitalbalance-en"
},
{
"title": "Patch for Huawei P10 Plus Digital Balance Bypass Vulnerability",
"trust": 0.6,
"url": "https://www.cnvd.org.cn/patchInfo/show/204567"
},
{
"title": "Huawei P10 Plus Enter the fix for the verification error vulnerability",
"trust": 0.6,
"url": "http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=110543"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2020-13175"
},
{
"db": "JVNDB",
"id": "JVNDB-2020-002147"
},
{
"db": "CNNVD",
"id": "CNNVD-202002-943"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "NVD-CWE-noinfo",
"trust": 1.0
},
{
"problemtype": "CWE-20",
"trust": 0.8
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2020-002147"
},
{
"db": "NVD",
"id": "CVE-2020-1872"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 2.2,
"url": "https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20200122-01-digitalbalance-en"
},
{
"trust": 0.8,
"url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2020-1872"
},
{
"trust": 0.8,
"url": "https://nvd.nist.gov/vuln/detail/cve-2020-1872"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2020-13175"
},
{
"db": "JVNDB",
"id": "JVNDB-2020-002147"
},
{
"db": "CNNVD",
"id": "CNNVD-202002-943"
},
{
"db": "NVD",
"id": "CVE-2020-1872"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "CNVD",
"id": "CNVD-2020-13175"
},
{
"db": "JVNDB",
"id": "JVNDB-2020-002147"
},
{
"db": "CNNVD",
"id": "CNNVD-202002-943"
},
{
"db": "NVD",
"id": "CVE-2020-1872"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2020-02-25T00:00:00",
"db": "CNVD",
"id": "CNVD-2020-13175"
},
{
"date": "2020-03-04T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2020-002147"
},
{
"date": "2020-02-18T00:00:00",
"db": "CNNVD",
"id": "CNNVD-202002-943"
},
{
"date": "2020-02-18T02:15:10.767000",
"db": "NVD",
"id": "CVE-2020-1872"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2020-02-25T00:00:00",
"db": "CNVD",
"id": "CNVD-2020-13175"
},
{
"date": "2020-03-04T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2020-002147"
},
{
"date": "2020-02-25T00:00:00",
"db": "CNNVD",
"id": "CNNVD-202002-943"
},
{
"date": "2024-11-21T05:11:31.070000",
"db": "NVD",
"id": "CVE-2020-1872"
}
]
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Huawei smartphone P10 Plus Input verification vulnerability in",
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2020-002147"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "input validation error",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-202002-943"
}
],
"trust": 0.6
}
}
Loading…
Loading…
Sightings
| Author | Source | Type | Date |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
- Confirmed: The vulnerability is confirmed from an analyst perspective.
- Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
- Patched: This vulnerability was successfully patched by the user reporting the sighting.
- Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
- Not confirmed: The user expresses doubt about the veracity of the vulnerability.
- Not patched: This vulnerability was not successfully patched by the user reporting the sighting.
Loading…