CVE-2018-7944

3 documents3 sources

Severity

6.8MEDIUM

EPSS

0.0%

top 94.07%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

Huawei Technologies Co., Ltd. Emily-al00a Huawei Emily-al00a Firmware

Timeline

PublishedJul 5

Latest updateMay 13

Description

Huawei smart phones Emily-AL00A with software 8.1.0.106(SP2C00) and 8.1.0.107(SP5C00) have a Factory Reset Protection (FRP) bypass vulnerability. An attacker gets some user's smart phone and performs some special operations in the guide function. The attacker may exploit the vulnerability to bypass FRP function and use the phone normally.

CVSS vector

CVSS:3.0/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:HExploitability: 0.9 | Impact: 5.9

Affected Packages2 packages

▶NVDhuawei/emily-al00a_firmware8.1.0.106\(sp2c00\), 8.1.0.107\(sp5c00\)+1

▶CVEListV5huawei_technologies_co.,_ltd./emily-al00a8.1.0.106(SP2C00) and 8.1.0.107(SP5C00)

🔴Vulnerability Details

GHSA

GHSA-h5h8-465r-2j7f: Huawei smart phones Emily-AL00A with software 8↗2022-05-13

▶

CVEList

CVE-2018-7944: Huawei smart phones Emily-AL00A with software 8↗2018-07-05

▶