CVE-2018-7939

EPSS 0.03%
Veröffentlicht 12.09.2018 15:29:01
Zuletzt bearbeitet 21.11.2024 04:12:59
Quelle psirt@huawei.com
Teams Watchlist Login
Unerledigt Login

Huawei smart phones G9 Lite, Honor 5A, Honor 6X, Honor 8 with the versions before VNS-L53C605B120CUSTC605D103, the versions before CAM-L03C605B143CUSTC605D008, the versions before CAM-L21C10B145, the versions before CAM-L21C185B156, the versions before CAM-L21C223B133, the versions before CAM-L21C432B210, the versions before CAM-L21C464B170, the versions before CAM-L21C636B245, the versions before Berlin-L21C10B372, the versions before Berlin-L21C185B363, the versions before Berlin-L21C464B137, the versions before Berlin-L23C605B161, the versions before FRD-L09C10B387, the versions before FRD-L09C185B387, the versions before FRD-L09C432B398, the versions before FRD-L09C636B387, the versions before FRD-L19C10B387, the versions before FRD-L19C432B399, the versions before FRD-L19C636B387 have a Factory Reset Protection (FRP) bypass security vulnerability. When re-configuring the mobile phone using the factory reset protection (FRP) function, an attacker can disable the boot wizard by enable the talkback function. As a result, the FRP function is bypassed.

Betroffene Produkte Warnungen 0 Metriken 3 CWE 0 Referenzen 4

Daten sind bereitgestellt durch National Vulnerability Database (NVD)

Huawei ≫ G9 Lite Firmware Version < vns-l53c605b120custc605d103

Huawei ≫ G9 Lite Version-

Huawei ≫ Honor 5a Firmware Version < cam-l03c605b143custc605d008

Huawei ≫ Honor 5a Version-

Huawei ≫ Honor 5a Firmware Version < cam-l21c10b145

Huawei ≫ Honor 5a Version-

Huawei ≫ Honor 5a Firmware Version < cam-l21c185b156

Huawei ≫ Honor 5a Version-

Huawei ≫ Honor 5a Firmware Version < cam-l21c223b133

Huawei ≫ Honor 5a Version-

Huawei ≫ Honor 5a Firmware Version < cam-l21c432b210

Huawei ≫ Honor 5a Version-

Huawei ≫ Honor 5a Version < cam-l21c464b170

Huawei ≫ Honor 5a Version-

Huawei ≫ Honor 5a Firmware Version < cam-l21c636b245

Huawei ≫ Honor 5a Version-

Huawei ≫ Honor 6x Firmware Version < berlin-l21c10b372

Huawei ≫ Honor 6x Version-

Huawei ≫ Honor 6x Firmware Version < berlin-l21c185b363

Huawei ≫ Honor 6x Version-

Huawei ≫ Honor 6x Firmware Version < berlin-l21c464b137

Huawei ≫ Honor 6x Version-

Huawei ≫ Honor 6x Firmware Version < berlin-l23c605b161

Huawei ≫ Honor 6x Version-

Huawei ≫ Honor 8 Firmware Version < frd-l09c10b387

Huawei ≫ Honor 8 Version-

Huawei ≫ Honor 8 Firmware Version < frd-l09c185b387

Huawei ≫ Honor 8 Version-

Huawei ≫ Honor 8 Firmware Version < frd-l09c432b398

Huawei ≫ Honor 8 Version-

Huawei ≫ Honor 8 Firmware Version < frd-l09c636b387

Huawei ≫ Honor 8 Version-

Huawei ≫ Honor 8 Firmware Version < frd-l19c10b387

Huawei ≫ Honor 8 Version-

Huawei ≫ Honor 8 Firmware Version < frd-l19c432b399

Huawei ≫ Honor 8 Version-

Huawei ≫ Honor 8 Firmware Version < frd-l19c636b387

Huawei ≫ Honor 8 Version-

Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.

EPSS Metriken
Typ	Quelle	Score	Percentile
EPSS	FIRST.org	0.03%	0.045

CVSS Metriken
Quelle	Base Score	Exploit Score	Impact Score	Vector String
nvd@nist.gov	4.6	0.9	3.6	CVSS:3.0/AV:P/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N
nvd@nist.gov	4.9	3.9	6.9	AV:L/AC:L/Au:N/C:N/I:C/A:N

http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20180905-01-frpbypass-en

Vendor Advisory

https://nvd.nist.gov/vuln/detail/CVE-2018-7939

CVE Source (NVD)

https://cveawg.mitre.org/api/cve/CVE-2018-7939

CVE Source (JSON)

https://euvd.enisa.europa.eu/vulnerability/CVE-2018-7939

EUVD