Improper Authentication in Huawei Mate 10 Pro Smartphones
CVE-2018-7989

4.6MEDIUM

Key Information:

Vendor: McAfee
Status: Mate 10 Pro
Vendor: CVE Published:; 17 October 2018

Summary

Huawei Mate 10 Pro smartphones are impacted by a vulnerability that allows attackers to manipulate the App Lock feature, which is designed to secure applications from unauthorized access. By executing a specific sequence of operations, an attacker could successfully alter the lock password, thereby gaining unauthorized access to application functionalities that were previously secured. This vulnerability highlights significant concerns regarding mobile application security and the integrity of user data.

Affected Version(s)

Mate 10 pro The versions before BLA-AL00B 8.1.0.326(C00)

References

http://www.huawei.com/en/psirt/security-advisories/huawei...

x_refsource_CONFIRM

CVSS V3.1

Score:

4.6

Severity:

MEDIUM

Confidentiality:

None

Integrity:

High

Availability:

None

Attack Vector:

Physical

Attack Complexity:

Low

Privileges Required:

None

User Interaction:

None

Scope:

Unchanged

Timeline

Vulnerability published
Oct 17, 2018
Vulnerability Reserved
Mar 9, 2018