CVE-2020-1813

MEDIUM Year: 2020
CVSS v3 Score
6.8
Medium
CVSS v2 Score
4.6
Medium
Weakness Type
CWE-306
View all →

Vulnerability Description

HUAWEI P30 smart phone with versions earlier than 10.1.0.135(C00E135R2P11) have an improper authentication vulnerability. Due to improper authentication of specific interface, in specific scenario attackers could access specific interface without authentication. Successful exploit could allow the attacker to perform unauthorized operations.

Related Vulnerabilities

CVE-2017-17746

MEDIUM
CVSS:6.8(Medium)

Weak access control methods on the TP-Link TL-SG108E 1.0.0 allow any user on a NAT network with an authenticated administrator to access the device without entering user credentials. The authenticatio...

CWE-3062017

CVE-2017-8156

MEDIUM
CVSS:6.8(Medium)

The outdoor unit of Customer Premise Equipment (CPE) product B2338-168 V100R001C00 has a no authentication vulnerability on the serial port. An attacker can access the serial port on the circuit board...

CWE-3062017

CVE-2019-16258

MEDIUM
CVSS:6.8(Medium)

The bootloader of the homee Brain Cube V2 through 2.23.0 allows attackers with physical access to gain root access by manipulating the U-Boot environment via the CLI after connecting to the internal U...

CWE-3062019

CVE-2020-10263

MEDIUM
CVSS:6.8(Medium)

An issue was discovered on XIAOMI XIAOAI speaker Pro LX06 1.52.4. Attackers can get root shell by accessing the UART interface and then they can (i) read Wi-Fi SSID or password, (ii) read the dialogue...

CWE-3062020

CVE-2020-15483

MEDIUM
CVSS:6.8(Medium)

An issue was discovered on Nescomed Multipara Monitor M1000 devices. The physical UART debug port provides a shell, without requiring a password, with complete access.

CWE-3062020

CVE-2021-20262

MEDIUM
CVSS:6.8(Medium)

A flaw was found in Keycloak 12.0.0 where re-authentication does not occur while updating the password. This flaw allows an attacker to take over an account if they can obtain temporary, physical acce...

CWE-3062021