Emily Al00A Firmware
CVE-2018-7947
LOW
Severity by source
AV:P/AC:L/PR:L/UI:R/S:U/C:L/I:L/A:L
Primary rating from NVD · only source for this CVE.
CVSS VectorNVD
CVSS:3.0/AV:P/AC:L/PR:L/UI:R/S:U/C:L/I:L/A:L
Lifecycle Timeline
1DescriptionNVD
Huawei mobile phones with versions earlier before Emily-AL00A 8.1.0.153(C00) have an authentication bypass vulnerability. An attacker could trick the user to connect to a malicious device. In the debug mode, the malicious software in the device may exploit the vulnerability to bypass some specific function. Successful exploit may cause some malicious applications to be installed in the mobile phones.
AnalysisAI
Huawei mobile phones with versions earlier before Emily-AL00A 8.1.0.153(C00) have an authentication bypass vulnerability. Rated low severity (CVSS 3.9), this vulnerability is low attack complexity. No vendor patch available.
Technical ContextAI
This vulnerability is classified as Improper Authentication (CWE-287), which allows attackers to bypass authentication mechanisms to gain unauthorized access. Huawei mobile phones with versions earlier before Emily-AL00A 8.1.0.153(C00) have an authentication bypass vulnerability. An attacker could trick the user to connect to a malicious device. In the debug mode, the malicious software in the device may exploit the vulnerability to bypass some specific function. Successful exploit may cause some malicious applications to be installed in the mobile phones. Affected products include: Huawei Emily-Al00A Firmware.
RemediationAI
No vendor patch is available at time of analysis. Monitor vendor advisories for updates. Implement multi-factor authentication, enforce strong password policies, use proven authentication frameworks.
More in Emily Al00A Firmware
View allBastet module of some Huawei smartphones with Versions earlier than Emily-AL00A 9.0.0.182(C00E82R1P21), Versions earlier
The radio module of some Huawei smartphones Emily-AL00A The versions before 8.1.0.171(C00) have a lock-screen bypass vul
Huawei smart phones Emily-AL00A with software 8.1.0.106(SP2C00) and 8.1.0.107(SP5C00) have a Factory Reset Protection (F
There is a smart SMS verification code vulnerability in some Huawei smart phones. Rated medium severity (CVSS 6.5), this
Some Huawei smart phones have a null pointer dereference vulnerability. Rated medium severity (CVSS 5.3), this vulnerabi
Some Huawei smart phones ALP-AL00B 8.0.0.106(C00), 8.0.0.113(SP2C00), 8.0.0.113(SP3C00), 8.0.0.113(SP7C00), 8.0.0.118(C0
Same weakness CWE-287 – Improper Authentication
View allSame technique Authentication Bypass
View allShare
External POC / Exploit Code
Leaving vuln.today