CVE-2018-7947

3.9LOW

Key Information:

Vendor: McAfee
Status: Emily-al00a
Vendor: CVE Published:; 31 July 2018

Summary

Huawei mobile phones with versions earlier before Emily-AL00A 8.1.0.153(C00) have an authentication bypass vulnerability. An attacker could trick the user to connect to a malicious device. In the debug mode, the malicious software in the device may exploit the vulnerability to bypass some specific function. Successful exploit may cause some malicious applications to be installed in the mobile phones.

Affected Version(s)

Emily-AL00A Versions earlier before 8.1.0.153(C00)

References

http://www.huawei.com/en/psirt/security-advisories/huawei...

x_refsource_CONFIRM

CVSS V3.1

Score:

3.9

Severity:

LOW

Confidentiality:

Low

Integrity:

Low

Availability:

Low

Attack Vector:

Physical

Attack Complexity:

Low

Privileges Required:

Low

User Interaction:

Required

Scope:

Unchanged

Timeline

Vulnerability published
Jul 31, 2018
Vulnerability Reserved
Mar 9, 2018