Description
Huawei smart phones Mate 10 and Mate 10 Pro with earlier versions than 8.0.0.129(SP2C00) and earlier versions than 8.0.0.129(SP2C01) have an authentication bypass vulnerability. An attacker with high privilege obtains the smart phone and bypass the activation function by some specific operations.
References (1)
Core 1
Core References
Vendor Advisory x_refsource_confirm
http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20180509-01-mobile-en
Scores
CVSS v3
6.2
EPSS
0.0002
EPSS Percentile
6.2%
Attack Vector
PHYSICAL
CVSS:3.0/AV:P/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
Details
CWE
CWE-287
Status
published
Products (2)
huawei/mate_9_firmware
< 8.0.0.129\(sp2c00\)
huawei/mate_9_pro_firmware
< 8.0.0.129\(sp2c01\)
Published
May 10, 2018
Tracked Since
Feb 18, 2026