CVE-2018-7930
Description
The Near Field Communication (NFC) module in Mate 9 Huawei mobile phones with the versions before MHA-L29B 8.0.0.366(C567) has an information leak vulnerability due to insufficient validation on data transfer requests. When an affected mobile phone sends files to an attackers mobile phone using the NFC function, the attacker can obtain arbitrary files from the mobile phone, causing information leaks.
Risk Information
Base Score
5.7
MODERATE
Vector
CVSS:3.0/AV:A/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N
EPSS Score
Exploitation Probability
0.045
Associated Vulnerability
| Vulnerability | OS Platform |
|---|---|
| Vulnerabilities CVE-2017-2702 ,CVE-2018-7930 are affected in mate_9_firmware mha-al00bc00b233 | NCM |
| Vulnerabilities CVE-2017-2702 ,CVE-2017-8142 ,CVE-2017-8165 ,CVE-2018-7930 are affected in mate_9_firmware mha-al00bc00b173 | NCM |
| Vulnerabilities CVE-2017-2702 ,CVE-2017-2716 ,CVE-2017-8142 ,CVE-2017-8165 ,CVE-2018-7930 are affected in mate_9_firmware mha-al00bc00b156 | NCM |
| Vulnerabilities CVE-2017-2716 ,CVE-2017-8142 ,CVE-2017-8165 ,CVE-2018-7930 are affected in mate_9_firmware 9.0.1.159(c636e6r1p8t8) | NCM |
| Vulnerabilities CVE-2017-2716 ,CVE-2017-8142 ,CVE-2017-8165 ,CVE-2018-7930 are affected in mate_9_firmware 9.0.1.158(c432e6r1p8t8) | NCM |
| Vulnerabilities CVE-2017-2716 ,CVE-2017-8142 ,CVE-2017-8165 ,CVE-2018-7930 are affected in mate_9_firmware 8.0.0.356(c00) | NCM |
| Vulnerabilities CVE-2017-2716 ,CVE-2017-8142 ,CVE-2017-8165 ,CVE-2018-7930 are affected in mate_9_firmware 8.0.0.129(sp2c00) | NCM |
| Vulnerabilities CVE-2018-7930 are affected in mate_9_firmware mha-dl00bc00b156 | NCM |
| Vulnerabilities CVE-2018-7930 are affected in mate_9_firmware mha-cl00bc00b156 | NCM |
| Vulnerabilities CVE-2018-7930 are affected in mate_9_firmware mha-al00c00b225 | NCM |
| Vulnerabilities CVE-2018-7930 are affected in mate_9_firmware mha-al00c00b175 | NCM |
| Vulnerabilities CVE-2018-7930 are affected in mate_9_firmware mha-al00c00b170 | NCM |
| Exposure of Sensitive Information to an Unauthorized Actor Vulnerability (CVE-2018-7930) | NCM |
Patch Details
No records foundReferences
https://nvd.nist.gov/vuln/detail/CVE-2023-1234
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-1234