CVE-2018-7910

Name of the Vulnerable Software and Affected Versions: Huawei smartphones ALP-AL00B version 8.0.0.118D(C00) Huawei smartphones ALP-TL00B version 8.0.0.118D(C01) Huawei smartphones BLA-AL00B version 8.0.0.118D(C00) Huawei smartphones BLA-L09C versions 8.0.0.127(C432) through 8.0.0.137(C432) Huawei smartphones BLA-L29C versions 8.0.0.129(C432) through 8.0.0.137(C432)

Description: The issue allows an attacker to bypass authentication on the affected devices. If an attacker gains physical access to the smartphone, they can exploit this to replace the start-up program, potentially allowing them to access information on the device and control it.

Recommendations: For ALP-AL00B version 8.0.0.118D(C00), update to a newer version that addresses the authentication bypass issue. For ALP-TL00B version 8.0.0.118D(C01), update to a newer version that addresses the authentication bypass issue. For BLA-AL00B version 8.0.0.118D(C00), update to a newer version that addresses the authentication bypass issue. For BLA-L09C versions 8.0.0.127(C432) through 8.0.0.137(C432), update to a newer version that addresses the authentication bypass issue. For BLA-L29C versions 8.0.0.129(C432) through 8.0.0.137(C432), update to a newer version that addresses the authentication bypass issue.