CVE-2018-7924
First published: Wed Oct 17 2018(Updated: )
Anne-AL00 Huawei phones with versions earlier than 8.0.0.151(C00) have an information leak vulnerability. Due to improper permission settings for specific commands, attackers who can connect to a mobile phone via the USB interface may exploit this vulnerability to obtain specific device information of the mobile phone.
Credit: psirt@huawei.com
| Affected Software | Affected Version | How to fix |
|---|---|---|
| Huawei Anne-al00 Firmware | =8.0.0.151\(c00\) | |
| Huawei Anne-al00 |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
Frequently Asked Questions
What is the vulnerability ID for this information leak vulnerability?
The vulnerability ID for this information leak vulnerability is CVE-2018-7924.
What is the severity level of CVE-2018-7924?
The severity level of CVE-2018-7924 is low.
Which Huawei phones are affected by this vulnerability?
Anne-AL00 Huawei phones with versions earlier than 8.0.0.151(C00) are affected by this vulnerability.
How can attackers exploit this vulnerability?
Attackers who can connect to a mobile phone via the USB interface may exploit this vulnerability to obtain specific device information.
Is there a fix available for CVE-2018-7924?
Yes, Huawei has released a security advisory with instructions on how to update the affected Huawei phones to a version that addresses this vulnerability.
- collector/nvd-index
- agent/severity
- agent/references
- agent/weakness
- agent/author
- agent/description
- agent/type
- agent/event
- agent/first-publish-date
- agent/softwarecombine
- agent/last-modified-date
- agent/tags
- collector/mitre-cve
- source/MITRE
- vendor/huawei
- canonical/huawei anne-al00 firmware
- version/huawei anne-al00 firmware/8.0.0.151\(c00\)
- canonical/huawei anne-al00