CVE-2020-1872

{"id": "CVE-2020-1872", "metrics": {"cvssMetricV2": [{"type": "Primary", "source": "nvd@nist.gov", "cvssData": {"version": "2.0", "baseScore": 2.1, "accessVector": "LOCAL", "vectorString": "AV:L/AC:L/Au:N/C:N/I:P/A:N", "authentication": "NONE", "integrityImpact": "PARTIAL", "accessComplexity": "LOW", "availabilityImpact": "NONE", "confidentialityImpact": "NONE"}, "acInsufInfo": false, "impactScore": 2.9, "baseSeverity": "LOW", "obtainAllPrivilege": false, "exploitabilityScore": 3.9, "obtainUserPrivilege": false, "obtainOtherPrivilege": false, "userInteractionRequired": false}], "cvssMetricV31": [{"type": "Primary", "source": "nvd@nist.gov", "cvssData": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 4.6, "attackVector": "PHYSICAL", "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N", "integrityImpact": "HIGH", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "NONE", "privilegesRequired": "NONE", "confidentialityImpact": "NONE"}, "impactScore": 3.6, "exploitabilityScore": 0.9}]}, "published": "2020-02-18T02:15:10.767", "references": [{"url": "https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20200122-01-digitalbalance-en", "tags": ["Vendor Advisory"], "source": "psirt@huawei.com"}], "vulnStatus": "Analyzed", "weaknesses": [{"type": "Primary", "source": "nvd@nist.gov", "description": [{"lang": "en", "value": "NVD-CWE-noinfo"}]}], "descriptions": [{"lang": "en", "value": "Huawei smart phones P10 Plus with versions earlier than 9.1.0.201(C01E75R1P12T8), earlier than 9.1.0.252(C185E2R1P9T8), earlier than 9.1.0.252(C432E4R1P9T8), and earlier than 9.1.0.255(C576E6R1P8T8) have a digital balance bypass vulnerability. When re-configuring the mobile phone at the digital balance mode, an attacker can perform some operations to bypass the startup wizard, and then open some switch. As a result, the digital balance function is bypassed."}, {"lang": "es", "value": "Los tel\u00e9fonos inteligentes Huawei P10 Plus con versiones anteriores a 9.1.0.201(C01E75R1P12T8), anteriores a 9.1.0.252(C185E2R1P9T8), anteriores a 9.1.0.252(C432E4R1P9T8) y anteriores a 9.1.0.255(C576E6R1P8T8), presentan una vulnerabilidad de omisi\u00f3n de digital balance. Cuando se reconfigura el tel\u00e9fono m\u00f3vil en el modo de digital balance, un atacante puede llevar a cabo algunas operaciones para omitir el asistente de inicio y entonces abrir alg\u00fan switch. Como resultado, se omite la funci\u00f3n digital balance."}], "lastModified": "2021-07-21T11:39:23.747", "configurations": [{"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:huawei:p10_plus_firmware:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "828503A3-1E53-47BF-BE54-A0B3C1CAF62A", "versionEndExcluding": "9.1.0.201\\(c01e75r1p12t8\\)"}], "operator": "OR"}, {"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:h:huawei:p10_plus:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "FAD5BC83-41ED-4260-8883-4CA5898A4FAD"}], "operator": "OR"}], "operator": "AND"}, {"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:huawei:p10_plus_firmware:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "6664B883-B3DE-40BF-A7E8-B1E0A249C19A", "versionEndExcluding": "9.1.0.252\\(c185e2r1p9t8\\)"}], "operator": "OR"}, {"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:h:huawei:p10_plus:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "FAD5BC83-41ED-4260-8883-4CA5898A4FAD"}], "operator": "OR"}], "operator": "AND"}, {"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:huawei:p10_plus_firmware:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "05B2D730-0334-4F2B-9C1C-80E1C4C3939A", "versionEndExcluding": "9.1.0.252\\(c432e4r1p9t8\\)"}], "operator": "OR"}, {"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:h:huawei:p10_plus:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "FAD5BC83-41ED-4260-8883-4CA5898A4FAD"}], "operator": "OR"}], "operator": "AND"}, {"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:huawei:p10_plus_firmware:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "52D4EFDE-C037-4FEB-B3E1-1915579BFDE2", "versionEndExcluding": "9.1.0.255\\(c576e6r1p8t8\\)"}], "operator": "OR"}, {"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:h:huawei:p10_plus:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "FAD5BC83-41ED-4260-8883-4CA5898A4FAD"}], "operator": "OR"}], "operator": "AND"}], "sourceIdentifier": "psirt@huawei.com"}