Vulnerability Description
Huawei Mate 10 pro smartphones with the versions before BLA-AL00B 8.1.0.326(C00) have an improper authentication vulnerability. App Lock is a function to prevent unauthorized use of apps on smartphones, an attacker could directly change the lock password after a series of operations. Successful exploit could allow the attacker to use the application which is locked.
CVSS Score
MEDIUM
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Huawei | Mate 10 Pro Firmware | < bla-al00b_8.1.0.326\(c00\) |
| Huawei | Mate 10 Pro | - |
Related Weaknesses (CWE)
References
- http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20181010-01-applockVendor Advisory
- http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20181010-01-applockVendor Advisory
FAQ
What is CVE-2018-7989?
CVE-2018-7989 is a vulnerability with a CVSS score of 4.6 (MEDIUM). Huawei Mate 10 pro smartphones with the versions before BLA-AL00B 8.1.0.326(C00) have an improper authentication vulnerability. App Lock is a function to prevent unauthorized use of apps on smartphone...
How severe is CVE-2018-7989?
CVE-2018-7989 has been rated MEDIUM with a CVSS base score of 4.6/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2018-7989?
Check the references section above for vendor advisories and patch information. Affected products include: Huawei Mate 10 Pro Firmware, Huawei Mate 10 Pro.