CVE-2018-7993

7.8HIGH

Key Information:

Vendor: McAfee
Status: Huawei Mate 10
Vendor: CVE Published:; 31 July 2018

Summary

HUAWEI Mate 10 smartphones with versions earlier than ALP-AL00 8.1.0.311 have a use after free vulnerability on mediaserver component. An attacker tricks the user install a malicious application, which make the software to reference memory after it has been freed. Successful exploit could cause execution of arbitrary code.

Affected Version(s)

HUAWEI Mate 10 Versions earlier than ALP-AL00 8.1.0.311

References

http://www.huawei.com/en/psirt/security-advisories/huawei...

x_refsource_CONFIRM

CVSS V3.1

Score:

7.8

Severity:

HIGH

Confidentiality:

High

Integrity:

High

Availability:

High

Attack Vector:

Local

Attack Complexity:

Low

Privileges Required:

None

User Interaction:

Required

Scope:

Unchanged

Timeline

Vulnerability published
Jul 31, 2018
Vulnerability Reserved
Mar 9, 2018