medium
4.9
Advisory Published
Updated

CVE-2018-7939

First published: Wed Sep 12 2018(Updated: )

Huawei smart phones G9 Lite, Honor 5A, Honor 6X, Honor 8 with the versions before VNS-L53C605B120CUSTC605D103, the versions before CAM-L03C605B143CUSTC605D008, the versions before CAM-L21C10B145, the versions before CAM-L21C185B156, the versions before CAM-L21C223B133, the versions before CAM-L21C432B210, the versions before CAM-L21C464B170, the versions before CAM-L21C636B245, the versions before Berlin-L21C10B372, the versions before Berlin-L21C185B363, the versions before Berlin-L21C464B137, the versions before Berlin-L23C605B161, the versions before FRD-L09C10B387, the versions before FRD-L09C185B387, the versions before FRD-L09C432B398, the versions before FRD-L09C636B387, the versions before FRD-L19C10B387, the versions before FRD-L19C432B399, the versions before FRD-L19C636B387 have a Factory Reset Protection (FRP) bypass security vulnerability. When re-configuring the mobile phone using the factory reset protection (FRP) function, an attacker can disable the boot wizard by enable the talkback function. As a result, the FRP function is bypassed.

Credit: psirt@huawei.com

Affected SoftwareAffected VersionHow to fix
Huawei G9 Lite Firmware<vns-l53c605b120custc605d103
Huawei G9 Lite
Huawei Honor 5a Firmware<cam-l03c605b143custc605d008
Huawei Honor 5a
Huawei Honor 5a Firmware<cam-l21c10b145
Huawei Honor 5a Firmware<cam-l21c185b156
Huawei Honor 5a Firmware<cam-l21c223b133
Huawei Honor 5a Firmware<cam-l21c432b210
Huawei Honor 5a<cam-l21c464b170
Huawei Honor 5a Firmware<cam-l21c636b245
Huawei Honor 6x Firmware<berlin-l21c10b372
Huawei Honor 6x
Huawei Honor 6x Firmware<berlin-l21c185b363
Huawei Honor 6x Firmware<berlin-l21c464b137
Huawei Honor 6x Firmware<berlin-l23c605b161
Huawei Honor 8 Firmware<frd-l09c10b387
Huawei Honor 8
Huawei Honor 8 Firmware<frd-l09c185b387
Huawei Honor 8 Firmware<frd-l09c432b398
Huawei Honor 8 Firmware<frd-l09c636b387
Huawei Honor 8 Firmware<frd-l19c10b387
Huawei Honor 8 Firmware<frd-l19c432b399
Huawei Honor 8 Firmware<frd-l19c636b387

Never miss a vulnerability like this again

Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.

Read MoreStart Free Trial

Reference Links

Frequently Asked Questions

  • What is CVE-2018-7939?

    CVE-2018-7939 is a vulnerability affecting Huawei smart phones G9 Lite, Honor 5A, Honor 6X, and Honor 8.

  • How severe is CVE-2018-7939?

    CVE-2018-7939 has a severity rating of 4.6, which is considered medium.

  • Which Huawei smartphones are affected by CVE-2018-7939?

    Huawei smart phones G9 Lite, Honor 5A, Honor 6X, and Honor 8 are affected by CVE-2018-7939.

  • How can I fix CVE-2018-7939?

    To fix CVE-2018-7939, update your Huawei smart phone to the latest available firmware version.

  • Where can I find more information about CVE-2018-7939?

    You can find more information about CVE-2018-7939 on the Huawei website.

Company

Resources

Contact

SecAlerts Pty Ltd.
132 Wickham Terrace
Fortitude Valley,
QLD 4006, Australia
info@secalerts.co
By using SecAlerts services, you agree to our services end-user license agreement. This website is safeguarded by reCAPTCHA and governed by the Google Privacy Policy and Terms of Service. All names, logos, and brands of products are owned by their respective owners, and any usage of these names, logos, and brands for identification purposes only does not imply endorsement. If you possess any content that requires removal, please get in touch with us.
© 2024 SecAlerts Pty Ltd.
ABN: 70 645 966 203, ACN: 645 966 203