CVE-2018-7939

Published Sep 12, 2018

Last updated 5 years ago

CVSS medium 4.6

Overview

Description: Huawei smart phones G9 Lite, Honor 5A, Honor 6X, Honor 8 with the versions before VNS-L53C605B120CUSTC605D103, the versions before CAM-L03C605B143CUSTC605D008, the versions before CAM-L21C10B145, the versions before CAM-L21C185B156, the versions before CAM-L21C223B133, the versions before CAM-L21C432B210, the versions before CAM-L21C464B170, the versions before CAM-L21C636B245, the versions before Berlin-L21C10B372, the versions before Berlin-L21C185B363, the versions before Berlin-L21C464B137, the versions before Berlin-L23C605B161, the versions before FRD-L09C10B387, the versions before FRD-L09C185B387, the versions before FRD-L09C432B398, the versions before FRD-L09C636B387, the versions before FRD-L19C10B387, the versions before FRD-L19C432B399, the versions before FRD-L19C636B387 have a Factory Reset Protection (FRP) bypass security vulnerability. When re-configuring the mobile phone using the factory reset protection (FRP) function, an attacker can disable the boot wizard by enable the talkback function. As a result, the FRP function is bypassed.
Source: psirt@huawei.com
NVD status: Analyzed

Risk scores

CVSS 3.0

Type: Primary
Base score: 4.6
Impact score: 3.6
Exploitability score: 0.9
Vector string: CVSS:3.0/AV:P/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N
Severity: MEDIUM

CVSS 2.0

Type: Primary
Base score: 4.9
Impact score: 6.9
Exploitability score: 3.9
Vector string: AV:L/AC:L/Au:N/C:N/I:C/A:N

Weaknesses

nvd@nist.gov: NVD-CWE-noinfo

Hype score: Not currently trending

Configurations

[
  {
    "nodes": [
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:o:huawei:g9_lite_firmware:*:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "60F8A4E3-0CE0-44E9-B3DC-11D2D8881890",
            "versionEndExcluding": "vns-l53c605b120custc605d103"
          }
        ],
        "operator": "OR"
      },
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:h:huawei:g9_lite:-:*:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "973755E2-E74B-48D2-B9D7-C26FFDAB4C5E"
          }
        ],
        "operator": "OR"
      }
    ],
    "operator": "AND"
  },
  {
    "nodes": [
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:o:huawei:honor_5a_firmware:*:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "9AF15524-BA8E-4DE5-A647-B4D62CD53911",
            "versionEndExcluding": "cam-l03c605b143custc605d008"
          }
        ],
        "operator": "OR"
      },
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:h:huawei:honor_5a:-:*:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "28042D7B-7395-4CC4-BEFB-1752D4540148"
          }
        ],
        "operator": "OR"
      }
    ],
    "operator": "AND"
  },
  {
    "nodes": [
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:o:huawei:honor_5a_firmware:*:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "6AB1CE1A-D288-4815-ACB0-B9EFECA14B6C",
            "versionEndExcluding": "cam-l21c10b145"
          }
        ],
        "operator": "OR"
      },
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:h:huawei:honor_5a:-:*:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "28042D7B-7395-4CC4-BEFB-1752D4540148"
          }
        ],
        "operator": "OR"
      }
    ],
    "operator": "AND"
  },
  {
    "nodes": [
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:o:huawei:honor_5a_firmware:*:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "90CD0FAA-5C93-4B54-8001-191C60A3BC69",
            "versionEndExcluding": "cam-l21c185b156"
          }
        ],
        "operator": "OR"
      },
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:h:huawei:honor_5a:-:*:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "28042D7B-7395-4CC4-BEFB-1752D4540148"
          }
        ],
        "operator": "OR"
      }
    ],
    "operator": "AND"
  },
  {
    "nodes": [
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:o:huawei:honor_5a_firmware:*:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "BA9CCAC8-52C4-44B7-8AD8-E09940A15A94",
            "versionEndExcluding": "cam-l21c223b133"
          }
        ],
        "operator": "OR"
      },
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:h:huawei:honor_5a:-:*:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "28042D7B-7395-4CC4-BEFB-1752D4540148"
          }
        ],
        "operator": "OR"
      }
    ],
    "operator": "AND"
  },
  {
    "nodes": [
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:o:huawei:honor_5a_firmware:*:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "2EC59B38-AFCF-4490-96F3-61F1CBF6AB6F",
            "versionEndExcluding": "cam-l21c432b210"
          }
        ],
        "operator": "OR"
      },
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:h:huawei:honor_5a:-:*:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "28042D7B-7395-4CC4-BEFB-1752D4540148"
          }
        ],
        "operator": "OR"
      }
    ],
    "operator": "AND"
  },
  {
    "nodes": [
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:o:huawei:honor_5a:*:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "D9225CCD-AFA9-4C52-B5AB-BC684C95FC6E",
            "versionEndExcluding": "cam-l21c464b170"
          }
        ],
        "operator": "OR"
      },
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:h:huawei:honor_5a:-:*:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "28042D7B-7395-4CC4-BEFB-1752D4540148"
          }
        ],
        "operator": "OR"
      }
    ],
    "operator": "AND"
  },
  {
    "nodes": [
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:o:huawei:honor_5a_firmware:*:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "EF3014C4-7D71-40E1-A4F3-C8057A3B040D",
            "versionEndExcluding": "cam-l21c636b245"
          }
        ],
        "operator": "OR"
      },
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:h:huawei:honor_5a:-:*:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "28042D7B-7395-4CC4-BEFB-1752D4540148"
          }
        ],
        "operator": "OR"
      }
    ],
    "operator": "AND"
  },
  {
    "nodes": [
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:o:huawei:honor_6x_firmware:*:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "756C0AF6-0C17-4C1F-821C-0A75ED69C5F7",
            "versionEndExcluding": "berlin-l21c10b372"
          }
        ],
        "operator": "OR"
      },
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:h:huawei:honor_6x:-:*:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "07006372-CA98-4256-9C07-A2152A8D2BBA"
          }
        ],
        "operator": "OR"
      }
    ],
    "operator": "AND"
  },
  {
    "nodes": [
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:o:huawei:honor_6x_firmware:*:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "031127A2-6ACF-475B-944C-712C69CF1C98",
            "versionEndExcluding": "berlin-l21c185b363"
          }
        ],
        "operator": "OR"
      },
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:h:huawei:honor_6x:-:*:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "07006372-CA98-4256-9C07-A2152A8D2BBA"
          }
        ],
        "operator": "OR"
      }
    ],
    "operator": "AND"
  },
  {
    "nodes": [
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:o:huawei:honor_6x_firmware:*:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "B371E85E-3512-4DAD-9230-91CE3862A74F",
            "versionEndExcluding": "berlin-l21c464b137"
          }
        ],
        "operator": "OR"
      },
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:h:huawei:honor_6x:-:*:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "07006372-CA98-4256-9C07-A2152A8D2BBA"
          }
        ],
        "operator": "OR"
      }
    ],
    "operator": "AND"
  },
  {
    "nodes": [
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:o:huawei:honor_6x_firmware:*:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "A26FFA79-ED4C-466B-9711-5B5A8183C279",
            "versionEndExcluding": "berlin-l23c605b161"
          }
        ],
        "operator": "OR"
      },
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:h:huawei:honor_6x:-:*:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "07006372-CA98-4256-9C07-A2152A8D2BBA"
          }
        ],
        "operator": "OR"
      }
    ],
    "operator": "AND"
  },
  {
    "nodes": [
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:o:huawei:honor_8_firmware:*:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "3FC57564-95A9-4D88-BBB2-94D1F7154549",
            "versionEndExcluding": "frd-l09c10b387"
          }
        ],
        "operator": "OR"
      },
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:h:huawei:honor_8:-:*:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "72889681-6793-4451-B97F-F12B4B28372A"
          }
        ],
        "operator": "OR"
      }
    ],
    "operator": "AND"
  },
  {
    "nodes": [
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:o:huawei:honor_8_firmware:*:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "D16DDE9E-E39A-41B5-99DF-09B089EAA7BF",
            "versionEndExcluding": "frd-l09c185b387"
          }
        ],
        "operator": "OR"
      },
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:h:huawei:honor_8:-:*:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "72889681-6793-4451-B97F-F12B4B28372A"
          }
        ],
        "operator": "OR"
      }
    ],
    "operator": "AND"
  },
  {
    "nodes": [
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:o:huawei:honor_8_firmware:*:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "7A96CA79-1D23-404E-8730-5EB29C33C55A",
            "versionEndExcluding": "frd-l09c432b398"
          }
        ],
        "operator": "OR"
      },
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:h:huawei:honor_8:-:*:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "72889681-6793-4451-B97F-F12B4B28372A"
          }
        ],
        "operator": "OR"
      }
    ],
    "operator": "AND"
  },
  {
    "nodes": [
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:o:huawei:honor_8_firmware:*:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "408CD567-3C9F-4A8B-8403-43ED51D6B40C",
            "versionEndExcluding": "frd-l09c636b387"
          }
        ],
        "operator": "OR"
      },
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:h:huawei:honor_8:-:*:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "72889681-6793-4451-B97F-F12B4B28372A"
          }
        ],
        "operator": "OR"
      }
    ],
    "operator": "AND"
  },
  {
    "nodes": [
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:o:huawei:honor_8_firmware:*:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "E509EC01-9F1B-4B45-B681-FA9FFCA558AA",
            "versionEndExcluding": "frd-l19c10b387"
          }
        ],
        "operator": "OR"
      },
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:h:huawei:honor_8:-:*:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "72889681-6793-4451-B97F-F12B4B28372A"
          }
        ],
        "operator": "OR"
      }
    ],
    "operator": "AND"
  },
  {
    "nodes": [
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:o:huawei:honor_8_firmware:*:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "BFA7EDD6-50B9-4912-9AB6-D0582FD36798",
            "versionEndExcluding": "frd-l19c432b399"
          }
        ],
        "operator": "OR"
      },
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:h:huawei:honor_8:-:*:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "72889681-6793-4451-B97F-F12B4B28372A"
          }
        ],
        "operator": "OR"
      }
    ],
    "operator": "AND"
  },
  {
    "nodes": [
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:o:huawei:honor_8_firmware:*:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "11B6F1BA-C4B1-4EE6-BD46-4D9C8CFFBE53",
            "versionEndExcluding": "frd-l19c636b387"
          }
        ],
        "operator": "OR"
      },
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:h:huawei:honor_8:-:*:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "72889681-6793-4451-B97F-F12B4B28372A"
          }
        ],
        "operator": "OR"
      }
    ],
    "operator": "AND"
  }
]

Overview

Risk scores

CVSS 3.0

CVSS 2.0

Weaknesses

Social media

Configurations

References