CVE-2018-7911
Description
Some Huawei smart phones ALP-AL00B 8.0.0.106(C00), 8.0.0.113(SP2C00), 8.0.0.113(SP3C00), 8.0.0.113(SP7C00), 8.0.0.118(C00), 8.0.0.120(SP2C00), 8.0.0.125(SP1C00), 8.0.0.125(SP3C00), 8.0.0.126(SP2C00), 8.0.0.126(SP5C00), 8.0.0.127(SP1C00), 8.0.0.128(SP2C00), ALP-AL00B-RSC 1.0.0.2, BLA-TL00B 8.0.0.113(SP7C01), 8.0.0.118(C01), 8.0.0.120(SP2C01), 8.0.0.125(SP1C01), 8.0.0.125(SP2C01), 8.0.0.125(SP3C01), 8.0.0.126(SP2C01), 8.0.0.126(SP5C01), 8.0.0.127(SP1C01), 8.0.0.128(SP2C01), 8.0.0.129(SP2C01), Charlotte-AL00A 8.1.0.105(SP7C00), 8.1.0.106(SP3C00), 8.1.0.107(SP5C00), 8.1.0.107(SP7C00), 8.1.0.108(SP3C00), 8.1.0.108(SP6C00), 8.1.0.109(SP2C00), Emily-AL00A 8.1.0.105(SP6C00), 8.1.0.106(SP2C00), 8.1.0.107(SP5C00), 8.1.0.107(SP7C00), 8.1.0.108(SP2C00), 8.1.0.108(SP6C00), 8.1.0.109(SP5C00) have a Factory Reset Protection (FRP) bypass security vulnerability. When re-configuring the mobile phone using the factory reset protection (FRP) function, an attacker can login the configuration flow by Gaode Map and can perform some operations to update the Google account. As a result, the FRP function is bypassed.
Risk Information
Associated Vulnerability
| Vulnerability | OS Platform |
|---|---|
| Vulnerabilities CVE-2018-7901 ,CVE-2018-7911 ,CVE-2019-19412 ,CVE-2019-5302 ,CVE-2019-5303 are affected in alp-al00b_firmware 8.0.0.128(sp2c00) | NCM |
| Vulnerabilities CVE-2018-7901 ,CVE-2018-7911 ,CVE-2019-19412 ,CVE-2019-5302 ,CVE-2019-5303 are affected in alp-al00b_firmware 8.0.0.127(sp1c00) | NCM |
| Vulnerabilities CVE-2018-7901 ,CVE-2018-7911 ,CVE-2019-19412 ,CVE-2019-5302 ,CVE-2019-5303 are affected in alp-al00b_firmware 8.0.0.126(sp5c00) | NCM |
| Vulnerabilities CVE-2018-7901 ,CVE-2018-7911 ,CVE-2019-19412 ,CVE-2019-5302 ,CVE-2019-5303 are affected in alp-al00b_firmware 8.0.0.126(sp2c00) | NCM |
| Vulnerabilities CVE-2018-7901 ,CVE-2018-7911 ,CVE-2019-19412 ,CVE-2019-5302 ,CVE-2019-5303 are affected in alp-al00b_firmware 8.0.0.125(sp3c00) | NCM |
| Vulnerabilities CVE-2018-7901 ,CVE-2018-7911 ,CVE-2019-19412 ,CVE-2019-5302 ,CVE-2019-5303 are affected in alp-al00b_firmware 8.0.0.125(sp1c00) | NCM |
| Vulnerabilities CVE-2018-7901 ,CVE-2018-7911 ,CVE-2019-19412 ,CVE-2019-5302 ,CVE-2019-5303 are affected in alp-al00b_firmware 8.0.0.120(sp2c00) | NCM |
| Vulnerabilities CVE-2018-7901 ,CVE-2018-7911 ,CVE-2019-19412 ,CVE-2019-5302 ,CVE-2019-5303 are affected in alp-al00b_firmware 8.0.0.118(c00) | NCM |
| Vulnerabilities CVE-2018-7901 ,CVE-2018-7911 ,CVE-2019-19412 ,CVE-2019-5302 ,CVE-2019-5303 are affected in alp-al00b_firmware 8.0.0.113(sp7c00) | NCM |
| Vulnerabilities CVE-2018-7901 ,CVE-2018-7911 ,CVE-2019-19412 ,CVE-2019-5302 ,CVE-2019-5303 are affected in alp-al00b_firmware 8.0.0.113(sp3c00) | NCM |
| Vulnerabilities CVE-2018-7901 ,CVE-2018-7911 ,CVE-2019-19412 ,CVE-2019-5302 ,CVE-2019-5303 are affected in alp-al00b_firmware 8.0.0.113(sp2c00) | NCM |
| Vulnerabilities CVE-2018-7901 ,CVE-2018-7911 ,CVE-2019-19412 ,CVE-2019-5302 ,CVE-2019-5303 are affected in alp-al00b_firmware 8.0.0.106(c00) | NCM |
| CVE-2018-7911 | NCM |
Patch Details
No records foundReferences
https://nvd.nist.gov/vuln/detail/CVE-2023-1234
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-1234