CVE-2018-7936

4.6MEDIUM

Key Information

Vendor: McAfee
Status: Mate 10 Pro
Vendor: CVE Published:; 4 September 2018

Summary

Mate 10 Pro Huawei smart phones with the versions before BLA-L29 8.0.0.148(C432) have a Factory Reset Protection (FRP) bypass security vulnerability. When re-configuring the mobile phone using the factory reset protection (FRP) function, an attacker can connect the phone with PC and send special instructions to install third party desktop and disable the boot wizard. As a result, the FRP function is bypassed.

Affected Version(s)

Mate 10 Pro = The versions before BLA-L29 8.0.0.148(C432)

References

http://www.huawei.com/en/psirt/security-advisories/huawei...

x_refsource_CONFIRM

CVSS V3.1

Score:

4.6

Severity:

MEDIUM

Confidentiality:

None

Integrity:

High

Availability:

None

Attack Vector:

Physical

Attack Complexity:

Low

Privileges Required:

None

User Interaction:

None

Scope:

Unchanged

Timeline

Vulnerability published
Sep 4, 2018
Vulnerability Reserved
Mar 9, 2018

Collectors

NVD DatabaseMitre Database