CVE-2018-7940
Summary
| CVE | CVE-2018-7940 |
|---|---|
| State | PUBLIC |
| Assigner | [email protected] |
| Source Priority | CVE Program / NVD first with legacy fallback |
| Published | 2018-05-10 14:29:00 UTC |
| Updated | 2018-06-13 13:41:00 UTC |
| Description | Huawei smart phones Mate 10 and Mate 10 Pro with earlier versions than 8.0.0.129(SP2C00) and earlier versions than 8.0.0.129(SP2C01) have an authentication bypass vulnerability. An attacker with high privilege obtains the smart phone and bypass the activation function by some specific operations. |
Risk And Classification
Problem Types: CWE-287
NVD Known Affected Configurations (CPE 2.3)
| Type | Vendor | Product | Version | Update | Edition | Language |
|---|---|---|---|---|---|---|
| Hardware | Huawei | Mate 9 | - | All | All | All |
| Hardware | Huawei | Mate 9 | - | All | All | All |
| Operating System | Huawei | Mate 9 Firmware | All | All | All | All |
| Operating System | Huawei | Mate 9 Firmware | All | All | All | All |
| Hardware | Huawei | Mate 9 Pro | - | All | All | All |
| Hardware | Huawei | Mate 9 Pro | - | All | All | All |
| Operating System | Huawei | Mate 9 Pro Firmware | All | All | All | All |
| Operating System | Huawei | Mate 9 Pro Firmware | All | All | All | All |
References
| Reference | Source | Link | Tags |
|---|---|---|---|
| Security Advisory - Authentication Bypass Vulnerability in Some Smart Phones | CONFIRM | www.huawei.com | Vendor Advisory |
| CVE Program record | CVE.ORG | www.cve.org | canonical |
| NVD vulnerability detail | NVD | nvd.nist.gov | canonical, analysis |
No vendor comments have been submitted for this CVE.
There are currently no legacy QID mappings associated with this CVE.