CVE-2018-7947
Description
Huawei mobile phones with versions earlier before Emily-AL00A 8.1.0.153(C00) have an authentication bypass vulnerability. An attacker could trick the user to connect to a malicious device. In the debug mode, the malicious software in the device may exploit the vulnerability to bypass some specific function. Successful exploit may cause some malicious applications to be installed in the mobile phones.
Risk Information
Base Score
3.9
MODERATE
Vector
CVSS:3.0/AV:P/AC:L/PR:L/UI:R/S:U/C:L/I:L/A:L
EPSS Score
Exploitation Probability
0.031
Associated Vulnerability
| Vulnerability | OS Platform |
|---|---|
| Vulnerabilities CVE-2018-7925 ,CVE-2018-7947 ,CVE-2019-5282 are affected in emily-al00a_firmware 8.1.0.109(sp5c00) | NCM |
| Vulnerabilities CVE-2018-7925 ,CVE-2018-7947 ,CVE-2019-5282 are affected in emily-al00a_firmware 8.1.0.108(sp6c00) | NCM |
| Vulnerabilities CVE-2018-7925 ,CVE-2018-7947 ,CVE-2019-5282 are affected in emily-al00a_firmware 8.1.0.108(sp2c00) | NCM |
| Vulnerabilities CVE-2018-7925 ,CVE-2018-7947 ,CVE-2019-5282 are affected in emily-al00a_firmware 8.1.0.107(sp7c00) | NCM |
| Vulnerabilities CVE-2018-7925 ,CVE-2018-7944 ,CVE-2018-7947 ,CVE-2019-5282 are affected in emily-al00a_firmware 8.1.0.107(sp5c00) | NCM |
| Vulnerabilities CVE-2018-7925 ,CVE-2018-7944 ,CVE-2018-7947 ,CVE-2019-5282 are affected in emily-al00a_firmware 8.1.0.106(sp2c00) | NCM |
| Vulnerabilities CVE-2018-7925 ,CVE-2018-7947 ,CVE-2019-5282 are affected in emily-al00a_firmware 8.1.0.105(sp6c00) | NCM |
| Improper Authentication Vulnerability (CVE-2018-7947) | NCM |
Patch Details
No records foundReferences
https://nvd.nist.gov/vuln/detail/CVE-2023-1234
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-1234