Vulnerability Description
There is an information leak vulnerability in some Huawei smartphones. An attacker may do some specific configuration in the smartphone and trick a user into inputting some sensitive information. Due to improper design, successful exploit may cause some information leak.
CVSS Score
MEDIUM
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Huawei | Honor 7A Firmware | < 8.0.0.195\(c00\) |
| Huawei | Honor 7A | - |
| Huawei | Honor 9 Lite Firmware | < 8.0.0.182\(c01\) |
| Huawei | Honor 9 Lite | - |
Related Weaknesses (CWE)
References
- http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20181121-01-phone-eVendor Advisory
- http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20181121-01-phone-eVendor Advisory
FAQ
What is CVE-2018-7946?
CVE-2018-7946 is a vulnerability with a CVSS score of 4.3 (MEDIUM). There is an information leak vulnerability in some Huawei smartphones. An attacker may do some specific configuration in the smartphone and trick a user into inputting some sensitive information. Due ...
How severe is CVE-2018-7946?
CVE-2018-7946 has been rated MEDIUM with a CVSS base score of 4.3/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2018-7946?
Check the references section above for vendor advisories and patch information. Affected products include: Huawei Honor 7A Firmware, Huawei Honor 7A, Huawei Honor 9 Lite Firmware, Huawei Honor 9 Lite.