Vulnerability Details : CVE-2018-7936
Mate 10 Pro Huawei smart phones with the versions before BLA-L29 8.0.0.148(C432) have a Factory Reset Protection (FRP) bypass security vulnerability. When re-configuring the mobile phone using the factory reset protection (FRP) function, an attacker can connect the phone with PC and send special instructions to install third party desktop and disable the boot wizard. As a result, the FRP function is bypassed.
Products affected by CVE-2018-7936
- cpe:2.3:o:huawei:mate_10_pro_firmware:*:*:*:*:*:*:*:*
Exploit prediction scoring system (EPSS) score for CVE-2018-7936
0.06%
Probability of exploitation activity in the next 30 days
EPSS Score History
~ 26 %
Percentile, the proportion of vulnerabilities that are scored at or less
CVSS scores for CVE-2018-7936
Base Score | Base Severity | CVSS Vector | Exploitability Score | Impact Score | Score Source | First Seen |
---|---|---|---|---|---|---|
4.9
|
MEDIUM | AV:L/AC:L/Au:N/C:N/I:C/A:N |
3.9
|
6.9
|
NIST | |
4.6
|
MEDIUM | CVSS:3.0/AV:P/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N |
0.9
|
3.6
|
NIST |
References for CVE-2018-7936
-
http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20180827-01-frpbypass-en
Security Advisory - FRP Bypass Vulnerability in Huawei Smart PhonesVendor Advisory
Jump to