Vulnerabilities > CVE-2018-7991 - Unspecified vulnerability in Huawei Mate10 Firmware

CVSS 4.6 - MEDIUM

Attack vector

PHYSICAL

Attack complexity

LOW

Privileges required

NONE

Confidentiality impact

NONE

Integrity impact

HIGH

Availability impact

NONE

low complexity

huawei

NVD

Published: 2018-09-18

Updated: 2019-10-03

Summary

Huawei smartphones Mate10 with versions earlier before ALP-AL00B 8.0.0.110(C00) have a Factory Reset Protection (FRP) bypass vulnerability. The system does not sufficiently verify the permission, an attacker uses a data cable to connect the smartphone to the computer and then perform some specific operations. Successful exploit could allow the attacker bypass the FRP protection to access the system setting page.

Vulnerable Configurations

Part	Description	Count
OS	Huawei Huawei Mate10 Firmware *	1
Hardware	Huawei Huawei Mate10 -	1

References

http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20180912-01-smartphone-en