CVE-2018-7988

There is a Factory Reset Protection (FRP) bypass vulnerability on several smartphones. The system does not sufficiently verify the permission, an attacker uses a data cable to connect the smartphone to another smartphone and then perform a series of specific operations. Successful exploit could allow the attacker bypass the FRP protection.
Configurations

Configuration 1 (hide)

AND
cpe:2.3:o:huawei:nova_2_plus_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:huawei:nova_2_plus:-:*:*:*:*:*:*:*

Configuration 2 (hide)

AND
cpe:2.3:o:huawei:mate_9_pro_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:huawei:mate_9_pro:-:*:*:*:*:*:*:*

History

21 Nov 2024, 04:13

Type Values Removed Values Added
References () http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20181114-01-smartphone-en - Vendor Advisory () http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20181114-01-smartphone-en - Vendor Advisory

Information

Published : 2018-11-27 22:29

Updated : 2024-11-21 04:13


NVD link : CVE-2018-7988

Mitre link : CVE-2018-7988

CVE.ORG link : CVE-2018-7988


JSON object : View

Products Affected

huawei

  • nova_2_plus
  • mate_9_pro_firmware
  • nova_2_plus_firmware
  • mate_9_pro
CWE
CWE-863

Incorrect Authorization