Description
Anne-AL00 Huawei phones with versions earlier than 8.0.0.151(C00) have an information leak vulnerability. Due to improper permission settings for specific commands, attackers who can connect to a mobile phone via the USB interface may exploit this vulnerability to obtain specific device information of the mobile phone.
References (1)
Core 1
Core References
Vendor Advisory x_refsource_confirm
http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20181017-01-smartphone-en
Scores
CVSS v3
2.4
EPSS
0.0003
EPSS Percentile
7.0%
Attack Vector
PHYSICAL
CVSS:3.0/AV:P/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
Details
CWE
CWE-732
Status
published
Products (1)
huawei/anne-al00_firmware
8.0.0.151\(c00\)
Published
Oct 17, 2018
Tracked Since
Feb 18, 2026