PT-2018-18359 · Huawei · Huawei Mate 10 Pro
Published
2018-10-17
·
Updated
2018-12-06
·
CVE-2018-7989
CVSS v3.1
4.6
Medium
| Vector | AV:P/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N |
Name of the Vulnerable Software and Affected Versions:
Huawei Mate 10 pro versions prior to BLA-AL00B 8.1.0.326(C00)
Description:
The issue is related to an improper authentication vulnerability in the App Lock function, which is designed to prevent unauthorized use of apps on smartphones. An attacker could change the lock password after a series of operations, allowing them to use locked applications.
Recommendations:
For versions prior to BLA-AL00B 8.1.0.326(C00), update to version BLA-AL00B 8.1.0.326(C00) or later to resolve the issue. As a temporary workaround, consider disabling the App Lock function until a patch is available. Restrict access to sensitive applications to minimize the risk of exploitation.
Fix
Improper Authentication
Found an issue in the description? Have something to add? Feel free to write us 👾
Weakness Enumeration
Related Identifiers
Affected Products
Huawei Mate 10 Pro