CVE-2018-7991
MEDIUMHuawei Mate10 <ALP-AL00B 8.0.0.110(C00) - Privilege Escalation
Title source: llmDescription
Huawei smartphones Mate10 with versions earlier before ALP-AL00B 8.0.0.110(C00) have a Factory Reset Protection (FRP) bypass vulnerability. The system does not sufficiently verify the permission, an attacker uses a data cable to connect the smartphone to the computer and then perform some specific operations. Successful exploit could allow the attacker bypass the FRP protection to access the system setting page.
References (1)
Core 1
Core References
Vendor Advisory x_refsource_confirm
http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20180912-01-smartphone-en
Scores
CVSS v3
4.6
EPSS
0.0003
EPSS Percentile
8.1%
Attack Vector
PHYSICAL
CVSS:3.0/AV:P/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N
Details
Status
published
Products (1)
huawei/mate10_firmware
< alp-al00b_8.0.0.110\(c00\)
Published
Sep 18, 2018
Tracked Since
Feb 18, 2026