1. Home
  2. CVE Database
  3. CVE-2018-7940
MEDIUM · 6.2

CVE-2018-7940

Huawei smart phones Mate 10 and Mate 10 Pro with earlier versions than 8.0.0.129(SP2C00) and earlier versions than 8.0.0.129(SP2C01) have an authentication bypass vulnerability. An attacker with high ...

Vulnerability Description

Huawei smart phones Mate 10 and Mate 10 Pro with earlier versions than 8.0.0.129(SP2C00) and earlier versions than 8.0.0.129(SP2C01) have an authentication bypass vulnerability. An attacker with high privilege obtains the smart phone and bypass the activation function by some specific operations.

CVSS Score

6.2

MEDIUM

CVSS:3.0/AV:P/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
Attack Vector
PHYSICAL
Attack Complexity
LOW
Privileges Required
HIGH
User Interaction
NONE
Scope
UNCHANGED
Confidentiality
HIGH
Integrity
HIGH
Availability
HIGH

Affected Products

VendorProductVersions
HuaweiMate 9 Firmware< 8.0.0.129\(sp2c00\)
HuaweiMate 9-
HuaweiMate 9 Pro Firmware< 8.0.0.129\(sp2c01\)
HuaweiMate 9 Pro-

Related Weaknesses (CWE)

CWE-287

References

FAQ

What is CVE-2018-7940?

CVE-2018-7940 is a vulnerability with a CVSS score of 6.2 (MEDIUM). Huawei smart phones Mate 10 and Mate 10 Pro with earlier versions than 8.0.0.129(SP2C00) and earlier versions than 8.0.0.129(SP2C01) have an authentication bypass vulnerability. An attacker with high ...

How severe is CVE-2018-7940?

CVE-2018-7940 has been rated MEDIUM with a CVSS base score of 6.2/10. Review the CVSS metrics above for detailed severity breakdown.

Is there a patch for CVE-2018-7940?

Check the references section above for vendor advisories and patch information. Affected products include: Huawei Mate 9 Firmware, Huawei Mate 9, Huawei Mate 9 Pro Firmware, Huawei Mate 9 Pro.