Description
NFC (Near Field Communication) module in Huawei mobile phones with software LON-AL00BC00 has an information leak vulnerability. The attacker has to trick a user to do some specific operations and then craft the NFC message to exploit this vulnerability. Successful exploit will cause some information leak.
References (1)
Core 1
Core References
Vendor Advisory x_refsource_confirm
http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20180307-01-phone-en
Scores
CVSS v3
3.5
EPSS
0.0004
EPSS Percentile
11.3%
Attack Vector
ADJACENT_NETWORK
CVSS:3.0/AV:A/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N
Details
CWE
CWE-200
Status
published
Products (1)
huawei/lon-al00b_firmware
lon-al00bc00
Published
Mar 09, 2018
Tracked Since
Feb 18, 2026