VYPR
← All advisories
Unrated severityNVD Advisory· Published Feb 17, 2020· Updated Aug 4, 2024

CVE-2020-1882

CVE-2020-1882

Description

Huawei mobile phones Ever-L29B versions earlier than 10.0.0.180(C185E6R3P3), earlier than 10.0.0.180(C432E6R1P7), earlier than 10.0.0.180(C636E5R2P3); HUAWEI Mate 20 RS versions earlier than 10.0.0.175(C786E70R3P8); HUAWEI Mate 20 X versions earlier than 10.0.0.176(C00E70R2P8); and Honor Magic2 versions earlier than 10.0.0.175(C00E59R2P11) have an improper authorization vulnerability. Due to improper authorization of some function, attackers can bypass the authorization to perform some operations.

AI Insight

LLM-synthesized narrative grounded in this CVE's description and references.

Improper authorization in Huawei phones allows attackers to bypass security controls and perform unauthorized operations.

Vulnerability

Huawei smartphones including Ever-L29B (versions <10.0.0.180(C185E6R3P3), <10.0.0.180(C432E6R1P7), <10.0.0.180(C636E5R2P3)), HUAWEI Mate 20 RS (versions <10.0.0.176(C00E70R2P8)), HUAWEI Mate 20 X (versions <10.0.0.176(C00E70R2P8)), and Honor Magic2 (versions <10.0.0.175(C00E59R2P11)) contain an improper authorization vulnerability. Due to insufficient authorization checks of some function, attackers can bypass intended restrictions [1].

Exploitation

An attacker can exploit this vulnerability without requiring special privileges, though the exact attack vector is not specified. The improper authorization allows the attacker to bypass security mechanisms and execute functions that should be protected. No user interaction is mentioned as necessary [1].

Impact

Successful exploitation enables an attacker to perform unauthorized operations, potentially leading to disclosure of sensitive information, modification of system settings, or other arbitrary actions on the affected device. The severity is considered moderate due to the need for local access or specific conditions [1].

Mitigation

Huawei has released software updates to address this vulnerability. Users should upgrade to the fixed versions listed in the security advisory: Ever-L29B to 10.0.0.180(C185E6R3P3)/10.0.0.180(C432E6R1P7)/10.0.0.180(C636E5R2P3), HUAWEI Mate 20 RS to 10.0.0.176(C00E70R2P8), HUAWEI Mate 20 X to 10.0.0.176(C00E70R2P8), and Honor Magic2 to 10.0.0.175(C00E59R2P11) [1].

References
  1. Security Advisory - Improper Authorization Vulnerability in Several Huawei Smart Phones

AI Insight generated on May 27, 2026. Synthesized from this CVE's description and the cited reference URLs; citations are validated against the source bundle.

Affected products

7
  • Huawei/Ever-L29Bllm-create2 versions
    <10.0.0.180+ 1 more
    • (no CPE)range: <10.0.0.180
    • (no CPE)range: earlier than 10.0.0.180(C185E6R3P3)
  • Huawei/HUAWEI Mate 20llm-fuzzy3 versions
    <10.0.0.175(C786E70R3P8)+ 2 more
    • (no CPE)range: <10.0.0.175(C786E70R3P8)
    • (no CPE)range: earlier than 10.0.0.175(C786E70R3P8)
    • (no CPE)range: earlier than 10.0.0.176(C00E70R2P8)
  • Huawei/Honor Magic2llm-fuzzy2 versions
    <10.0.0.175(C00E59R2P11)+ 1 more
    • (no CPE)range: <10.0.0.175(C00E59R2P11)
    • (no CPE)range: earlier than 10.0.0.175(C00E59R2P11)

Patches

0

No patches discovered yet.

Vulnerability mechanics

AI mechanics synthesis has not run for this CVE yet.

References

1

News mentions

0

No linked articles in our index yet.