What is CVE-2018-7925?

CVE-2018-7925 is a medium-severity vulnerability in Huawei Emily-al00a, classified under Incorrect Authorization. CVSS score: 6.8/10. Published 2018-11-13.

How severe is CVE-2018-7925?

Medium severity. CVSS v3 base score is 6.8 out of 10.

Auth bypass in Huawei Emily-al00a

CVE-2018-7925

The radio module of some Huawei smartphones Emily-AL00A The versions before 8.1.0.171(C00) have a lock-screen bypass vulnerability. An unauthenticated attacker could start third-part input method APP through certain operations to bypass lo…

Vulnerability class: Broken Access Control

EPSS: 0.002 (16.0th percentile) — read the EPSS interpretation.

CVSS v3 metric

CVSS v3 base score 6.8 (Medium). Vector: CVSS:3.0/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H.

Affected products

Huawei Emily-al00a
Huawei Emily-al00a_firmware
Huawei Technologies Co., Ltd. Emily-al00a — versions The versions before 8.1.0.171(C00)

Weakness classification (CWE)

CWE-863 — Incorrect Authorization

References

psirt@huawei.com (x_refsource_CONFIRM, Vendor Advisory)

Frequently asked questions

What is CVE-2018-7925?: CVE-2018-7925 is a medium-severity vulnerability in Huawei Emily-al00a, classified under Incorrect Authorization. CVSS score: 6.8/10. Published 2018-11-13.
How severe is CVE-2018-7925?: Medium severity. CVSS v3 base score is 6.8 out of 10.