Sign-up

ID

VAR-201809-1114


CVE

CVE-2018-7929


TITLE

Huawei Mate RS Vulnerability related to access control in smartphones

Trust: 0.8

sources: JVNDB: JVNDB-2018-011319

DESCRIPTION

Huawei Mate RS smartphones with the versions before NEO-AL00D 8.1.0.167(C786) have a lock-screen bypass vulnerability. An attacker could unlock and use the phone through certain operations. Huawei Mate RS Smartphones have access control vulnerabilities.Information is obtained, information is altered, and service operation is disrupted (DoS) There is a possibility of being put into a state

Trust: 2.16

sources: NVD: CVE-2018-7929 // JVNDB: JVNDB-2018-011319 // CNVD: CNVD-2019-33606

IOT TAXONOMY

category:['Network device']sub_category: -

Trust: 0.6

sources: CNVD: CNVD-2019-33606

AFFECTED PRODUCTS

vendor:huaweimodel:mate rsscope:ltversion:neo-al00d_8.1.0.167\(c786\)

Trust: 1.0

vendor:huaweimodel:mate rsscope:ltversion:neo-al00d 8.1.0.167(c786)

Trust: 0.8

vendor:huaweimodel:mate rs <neo-al00d 8.1.0.167scope: - version: -

Trust: 0.6

sources: CNVD: CNVD-2019-33606 // JVNDB: JVNDB-2018-011319 // NVD: CVE-2018-7929

CVSS

SEVERITY

CVSSV2

CVSSV3

nvd@nist.gov: CVE-2018-7929
value: MEDIUM

Trust: 1.0

NVD: CVE-2018-7929
value: MEDIUM

Trust: 0.8

CNVD: CNVD-2019-33606
value: HIGH

Trust: 0.6

CNNVD: CNNVD-201809-688
value: MEDIUM

Trust: 0.6

nvd@nist.gov: CVE-2018-7929
severity: MEDIUM
baseScore: 4.6
vectorString: AV:L/AC:L/AU:N/C:P/I:P/A:P
accessVector: LOCAL
accessComplexity: LOW
authentication: NONE
confidentialityImpact: PARTIAL
integrityImpact: PARTIAL
availabilityImpact: PARTIAL
exploitabilityScore: 3.9
impactScore: 6.4
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 1.8

CNVD: CNVD-2019-33606
severity: HIGH
baseScore: 7.6
vectorString: AV:N/AC:H/AU:N/C:C/I:C/A:C
accessVector: NETWORK
accessComplexity: HIGH
authentication: NONE
confidentialityImpact: COMPLETE
integrityImpact: COMPLETE
availabilityImpact: COMPLETE
exploitabilityScore: 4.9
impactScore: 10.0
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 0.6

nvd@nist.gov: CVE-2018-7929
baseSeverity: MEDIUM
baseScore: 6.8
vectorString: CVSS:3.0/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
attackVector: PHYSICAL
attackComplexity: LOW
privilegesRequired: NONE
userInteraction: NONE
scope: UNCHANGED
confidentialityImpact: HIGH
integrityImpact: HIGH
availabilityImpact: HIGH
exploitabilityScore: 0.9
impactScore: 5.9
version: 3.0

Trust: 1.8

sources: CNVD: CNVD-2019-33606 // JVNDB: JVNDB-2018-011319 // CNNVD: CNNVD-201809-688 // NVD: CVE-2018-7929

PROBLEMTYPE DATA

problemtype:CWE-863

Trust: 1.0

problemtype:CWE-284

Trust: 0.8

sources: JVNDB: JVNDB-2018-011319 // NVD: CVE-2018-7929

THREAT TYPE

local

Trust: 0.6

sources: CNNVD: CNNVD-201809-688

TYPE

lack of information

Trust: 0.6

sources: CNNVD: CNNVD-201809-688

CONFIGURATIONS

sources:
            
            
            JVNDB: JVNDB-2018-011319

PATCH
title:huawei-sa-20180914-01-smartphoneurl:https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20180914-01-smartphone-en
Trust: 0.8
title:Patch for Huawei Mate RS lock screen bypass vulnerabilityurl:https://www.cnvd.org.cn/patchInfo/show/182857
Trust: 0.6
title:Huawei Mate RS Security vulnerabilitiesurl:http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=84911
Trust: 0.6
sources:
            
            
            CNVD: CNVD-2019-33606 // 
            
            
            
            JVNDB: JVNDB-2018-011319 // 
            
            
            
            CNNVD: CNNVD-201809-688

EXTERNAL IDS
db:NVDid:CVE-2018-7929
Trust: 3.0
db:JVNDBid:JVNDB-2018-011319
Trust: 0.8
db:CNVDid:CNVD-2019-33606
Trust: 0.6
db:CNNVDid:CNNVD-201809-688
Trust: 0.6
sources:
            
            
            CNVD: CNVD-2019-33606 // 
            
            
            
            JVNDB: JVNDB-2018-011319 // 
            
            
            
            CNNVD: CNNVD-201809-688 // 
            
            
            
            NVD: CVE-2018-7929

REFERENCES
url:http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20180914-01-smartphone-en
Trust: 2.2
url:https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2018-7929
Trust: 0.8
url:https://nvd.nist.gov/vuln/detail/cve-2018-7929
Trust: 0.8
sources:
            
            
            CNVD: CNVD-2019-33606 // 
            
            
            
            JVNDB: JVNDB-2018-011319 // 
            
            
            
            CNNVD: CNNVD-201809-688 // 
            
            
            
            NVD: CVE-2018-7929

SOURCES
db:CNVDid:CNVD-2019-33606
db:JVNDBid:JVNDB-2018-011319
db:CNNVDid:CNNVD-201809-688
db:NVDid:CVE-2018-7929

LAST UPDATE DATE
2024-11-23T22:26:12.868000+00:00

SOURCES UPDATE DATE
db:CNVDid:CNVD-2019-33606date:2019-09-29T00:00:00
db:JVNDBid:JVNDB-2018-011319date:2019-01-10T00:00:00
db:CNNVDid:CNNVD-201809-688date:2019-10-23T00:00:00
db:NVDid:CVE-2018-7929date:2024-11-21T04:12:58.470

SOURCES RELEASE DATE
db:CNVDid:CNVD-2019-33606date:2019-09-29T00:00:00
db:JVNDBid:JVNDB-2018-011319date:2019-01-10T00:00:00
db:CNNVDid:CNNVD-201809-688date:2018-09-14T00:00:00
db:NVDid:CVE-2018-7929date:2018-09-18T13:29:01.097