CVE-2018-7940

6.2MEDIUM

Key Information:

Vendor: McAfee
Status: Huawei Mate 10, Huawei Mate 10 Pro
Vendor: CVE Published:; 10 May 2018

Summary

Huawei smart phones Mate 10 and Mate 10 Pro with earlier versions than 8.0.0.129(SP2C00) and earlier versions than 8.0.0.129(SP2C01) have an authentication bypass vulnerability. An attacker with high privilege obtains the smart phone and bypass the activation function by some specific operations.

Affected Version(s)

HUAWEI Mate 10, HUAWEI Mate 10 Pro earlier versions than 8.0.0.129(SP2C00), earlier versions than 8.0.0.129(SP2C01)

References

http://www.huawei.com/en/psirt/security-advisories/huawei...

x_refsource_CONFIRM

CVSS V3.1

Score:

6.2

Severity:

MEDIUM

Confidentiality:

High

Integrity:

High

Availability:

High

Attack Vector:

Physical

Attack Complexity:

Low

Privileges Required:

High

User Interaction:

None

Scope:

Unchanged

Timeline

Vulnerability published
May 10, 2018
Vulnerability Reserved
Mar 9, 2018