CVE-2018-7936

3 documents3 sources
Severity
4.6MEDIUM
EPSS
0.0%
top 92.20%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
2
Huawei Mate 10 PRO FirmwareHuawei Technologies Co., Ltd. Mate 10 PRO
Timeline
PublishedSep 4
Latest updateMay 13

Description

Mate 10 Pro Huawei smart phones with the versions before BLA-L29 8.0.0.148(C432) have a Factory Reset Protection (FRP) bypass security vulnerability. When re-configuring the mobile phone using the factory reset protection (FRP) function, an attacker can connect the phone with PC and send special instructions to install third party desktop and disable the boot wizard. As a result, the FRP function is bypassed.

CVSS vector

CVSS:3.0/AV:P/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:NExploitability: 0.9 | Impact: 3.6

Affected Packages2 packages

NVDhuawei/mate_10_pro_firmware< bla-l29_8.0.0.148\(c432\)
CVEListV5huawei_technologies_co.,_ltd./mate_10_proThe versions before BLA-L29 8.0.0.148(C432)

🔴Vulnerability Details

2
GHSA
GHSA-4wx9-cc2p-c482: Mate 10 Pro Huawei smart phones with the versions before BLA-L29 82022-05-13
CVEList
CVE-2018-7936: Mate 10 Pro Huawei smart phones with the versions before BLA-L29 82018-09-04
CVE-2018-7936 (MEDIUM CVSS 4.6) | Mate 10 Pro Huawei smart phones wit | cvebase.io