What is CVE-2018-7947?

CVE-2018-7947 is a low-severity vulnerability in Huawei Emily-al00a, classified under Improper Authentication. CVSS score: 3.9/10. Published 2018-07-31.

How severe is CVE-2018-7947?

Low severity. CVSS v3 base score is 3.9 out of 10.

Auth bypass in Huawei Emily-al00a

CVE-2018-7947

Huawei mobile phones with versions earlier before Emily-AL00A 8.1.0.153(C00) have an authentication bypass vulnerability. An attacker could trick the user to connect to a malicious device. In the debug mode, the malicious software in the d…

Vulnerability class: Broken Authentication

EPSS: 0.002 (14.3th percentile) — read the EPSS interpretation.

CVSS v3 metric

CVSS v3 base score 3.9 (Low). Vector: CVSS:3.0/AV:P/AC:L/PR:L/UI:R/S:U/C:L/I:L/A:L.

Affected products

Huawei Emily-al00a
Huawei Emily-al00a_firmware
Huawei Technologies Co., Ltd. Emily-al00a — versions Versions earlier before 8.1.0.153(C00)

Weakness classification (CWE)

CWE-287 — Improper Authentication

References

psirt@huawei.com (x_refsource_CONFIRM, Vendor Advisory)

Frequently asked questions

What is CVE-2018-7947?: CVE-2018-7947 is a low-severity vulnerability in Huawei Emily-al00a, classified under Improper Authentication. CVSS score: 3.9/10. Published 2018-07-31.
How severe is CVE-2018-7947?: Low severity. CVSS v3 base score is 3.9 out of 10.