PT-2018-18313 · Huawei · Huawei Alp-Al00B+1

Published

2018-04-30

Updated

2019-10-03

CVE-2018-7901

CVSS v2.0

5.8

Medium

Vector

AV:N/AC:M/Au:N/C:N/I:P/A:P

Name of the Vulnerable Software and Affected Versions: Huawei ALP-AL00B smart phones versions prior to 8.0.0.129 Huawei BLA-AL00B smart phones versions prior to 8.0.0.129

Description: The issue concerns a remote control vulnerability in the RCS module. An attacker can trick a user into installing a malicious application, which requires the user to manually agree to its connection with RCS. The attacker must also obtain the authentication key used by RCS. Successful exploitation may allow the attacker to remotely control the keyboard.

Recommendations: For Huawei ALP-AL00B smart phones versions prior to 8.0.0.129, update to version 8.0.0.129 or later. For Huawei BLA-AL00B smart phones versions prior to 8.0.0.129, update to version 8.0.0.129 or later.

Fix

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Related Identifiers

CVE-2018-7901

Affected Products

Huawei Alp-Al00B

Huawei Bla-Al00B

PT-2018-18313 · Huawei · Huawei Alp-Al00B+1

CVE-2018-7901

Related Identifiers

Affected Products

References · 3