CVE-2020-9081

Vulnerability

An improper authorization vulnerability exists in Huawei smartphones, specifically in the app lock functionality. The affected models include HUAWEI Mate 20 (versions earlier than 10.1.0.160(C00E160R3P8) and earlier than 10.1.0.160(C01E160R2P8)) and HUAWEI P30 (versions earlier than 10.1.0.160(C00E160R2P11)), as well as potentially other models listed in the vendor advisory [1]. The vulnerability is triggered when an attacker performs a series of operations in a specific mode, exploiting insufficient authorization checks to bypass the application lock screen.

Exploitation

An attacker needs physical access to the unlocked device or the ability to enter the specific mode (e.g., emergency call or recovery mode). The attacker then executes a sequence of steps (not fully detailed in the public advisory) that leverage the improper authorization to circumvent the app lock mechanism. No additional authentication, network access, or user interaction beyond initial device access is required [1].

Impact

Successful exploitation allows the attacker to bypass the app lock, thereby gaining unauthorized access to protected applications on the device. This leads to potential disclosure of private data (e.g., messages, photos, financial apps) and violates the intended confidentiality protection of the device. The attacker does not gain system-level privileges, but the app lock bypass undermines user privacy [1].

Mitigation

Huawei released software updates to fix this vulnerability on 2020-08-26. Affected users should upgrade to the resolved versions: HUAWEI Mate 20 to 10.1.0.160(C00E160R3P8) or 10.1.0.160(C01E160R2P8); HUAWEI P30 to 10.1.0.160(C00E160R2P11). The full list of affected products and corresponding patches is available in the vendor security advisory [1]. No workaround is provided; patching is the only mitigation.