Vulnerability Description
Some Huawei smartphones ALP-AL00B 8.0.0.118D(C00), ALP-TL00B 8.0.0.118D(C01), BLA-AL00B 8.0.0.118D(C00), BLA-L09C 8.0.0.127(C432), 8.0.0.128(C432), 8.0.0.137(C432), BLA-L29C 8.0.0.129(C432), 8.0.0.137(C432) have an authentication bypass vulnerability. When the attacker obtains the user's smartphone, the vulnerability can be used to replace the start-up program so that the attacker can obtain the information in the smartphone and achieve the purpose of controlling the smartphone.
CVSS Score
MEDIUM
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Huawei | Alp-Al00B Firmware | 8.0.0.1.18d\(c00\) |
| Huawei | Alp-Al00B | - |
| Huawei | Alp-Tl00B Firmware | 8.0.0.1.18d\(c01\) |
| Huawei | Alp-Tl00B | - |
| Huawei | Bla-Al00B Firmware | 8.0.0.1.18d\(c00\) |
| Huawei | Bla-Al00B | - |
| Huawei | Bla-L09C Firmware | 8.0.0.127\(c432\) |
| Huawei | Bla-L09C | - |
| Huawei | Bla-L29C Firmware | 8.0.0.127\(c432\) |
| Huawei | Bla-L29C | - |
Related Weaknesses (CWE)
References
- http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20181101-01-bypass-Vendor Advisory
- http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20181101-01-bypass-Vendor Advisory
FAQ
What is CVE-2018-7910?
CVE-2018-7910 is a vulnerability with a CVSS score of 6.8 (MEDIUM). Some Huawei smartphones ALP-AL00B 8.0.0.118D(C00), ALP-TL00B 8.0.0.118D(C01), BLA-AL00B 8.0.0.118D(C00), BLA-L09C 8.0.0.127(C432), 8.0.0.128(C432), 8.0.0.137(C432), BLA-L29C 8.0.0.129(C432), 8.0.0.137...
How severe is CVE-2018-7910?
CVE-2018-7910 has been rated MEDIUM with a CVSS base score of 6.8/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2018-7910?
Check the references section above for vendor advisories and patch information. Affected products include: Huawei Alp-Al00B Firmware, Huawei Alp-Al00B, Huawei Alp-Tl00B Firmware, Huawei Alp-Tl00B, Huawei Bla-Al00B Firmware.