CVE-2018-7938

P10 Huawei smartphones with the versions before Victoria-AL00AC00B217 have an information leak vulnerability due to the lack of permission validation. An attacker tricks a user into installing a malicious application on the smart phone, and the application can read some hardware serial number, which may cause sensitive information leak.
Configurations

Configuration 1 (hide)

AND
cpe:2.3:o:huawei:p10_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:huawei:p10:-:*:*:*:*:*:*:*

History

No history.

Information

Published : 2018-09-04 16:29

Updated : 2024-02-04 20:03


NVD link : CVE-2018-7938

Mitre link : CVE-2018-7938

CVE.ORG link : CVE-2018-7938


JSON object : View

Products Affected

huawei

  • p10
  • p10_firmware
CWE
CWE-200

Exposure of Sensitive Information to an Unauthorized Actor