CVE-2018-7938

Name of the Vulnerable Software and Affected Versions: Huawei P10 smartphones versions prior to Victoria-AL00AC00B217

Description: The issue is caused by a lack of permission validation, allowing an attacker to trick a user into installing a malicious application. This application can then read certain hardware serial numbers, potentially leading to sensitive information leaks.

Recommendations: For versions prior to Victoria-AL00AC00B217, consider restricting the installation of applications from untrusted sources to minimize the risk of exploitation. As a temporary workaround, review and monitor installed applications for suspicious behavior until a patch is available.