Authentication Bypass Vulnerability in Huawei Mobile Phones
CVE-2018-7947

3.9LOW

Key Information:

Vendor: McAfee
Status: Emily-al00a
Vendor: CVE Published:; 31 July 2018

What is CVE-2018-7947?

Huawei mobile phones prior to version Emily-AL00A 8.1.0.153 (C00) are susceptible to an authentication bypass vulnerability. This flaw allows an attacker to potentially deceive a user into connecting their device to a malicious source. If exploited, especially in debug mode, it may lead to the installation of harmful applications on the affected devices, compromising their security.

Affected Version(s)

Emily-AL00A Versions earlier before 8.1.0.153(C00)

References

http://www.huawei.com/en/psirt/security-advisories/huawei...

x_refsource_CONFIRM

CVSS V3.1

Score:

3.9

Severity:

LOW

Confidentiality:

Low

Integrity:

Low

Availability:

Low

Attack Vector:

Physical

Attack Complexity:

Low

Privileges Required:

Low

User Interaction:

Required

Scope:

Unchanged

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Jul 31, 2018
Vulnerability Reserved
Mar 9, 2018

McAfee

What is CVE-2018-7947?

Affected Version(s)

References

CVSS V3.1

Timeline