Vulnerability Description
The Near Field Communication (NFC) module in Mate 9 Huawei mobile phones with the versions before MHA-L29B 8.0.0.366(C567) has an information leak vulnerability due to insufficient validation on data transfer requests. When an affected mobile phone sends files to an attacker's mobile phone using the NFC function, the attacker can obtain arbitrary files from the mobile phone, causing information leaks.
CVSS Score
MEDIUM
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Huawei | Mate 9 Firmware | < mha-l29b_8.0.0.366\(c567\) |
| Huawei | Mate 9 | - |
Related Weaknesses (CWE)
References
- http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20180411-01-smartphVendor Advisory
- http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20180411-01-smartphVendor Advisory
FAQ
What is CVE-2018-7930?
CVE-2018-7930 is a vulnerability with a CVSS score of 5.7 (MEDIUM). The Near Field Communication (NFC) module in Mate 9 Huawei mobile phones with the versions before MHA-L29B 8.0.0.366(C567) has an information leak vulnerability due to insufficient validation on data ...
How severe is CVE-2018-7930?
CVE-2018-7930 has been rated MEDIUM with a CVSS base score of 5.7/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2018-7930?
Check the references section above for vendor advisories and patch information. Affected products include: Huawei Mate 9 Firmware, Huawei Mate 9.