CVE-2018-7947
LOWHuawei mobile phones <Emily-AL00A 8.1.0.153(C00) - Auth Bypass
Title source: llmDescription
Huawei mobile phones with versions earlier before Emily-AL00A 8.1.0.153(C00) have an authentication bypass vulnerability. An attacker could trick the user to connect to a malicious device. In the debug mode, the malicious software in the device may exploit the vulnerability to bypass some specific function. Successful exploit may cause some malicious applications to be installed in the mobile phones.
References (1)
Core 1
Core References
Vendor Advisory x_refsource_confirm
http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20180720-01-mobile-en
Scores
CVSS v3
3.9
EPSS
0.0003
EPSS Percentile
9.4%
Attack Vector
PHYSICAL
CVSS:3.0/AV:P/AC:L/PR:L/UI:R/S:U/C:L/I:L/A:L
Details
CWE
CWE-287
Status
published
Products (1)
huawei/emily-al00a_firmware
< 8.1.0.153\(c00\)
Published
Jul 31, 2018
Tracked Since
Feb 18, 2026