CVE-2018-7928
Severity Score
Exploit Likelihood
Affected Versions
Public Exploits
0Exploited in Wild
-Decision
Descriptions
There is a security vulnerability which could lead to Factory Reset Protection (FRP) bypass in the MyCloud APP with the versions before 8.1.2.303 installed on some Huawei smart phones. When re-configuring the mobile phone using the FRP function, an attacker can replace the old account with a new one through special steps by exploit this vulnerability. As a result, the FRP function is bypassed.
Hay una vulnerabilidad de seguridad que podría conducir a la omisión del FRP (Factory Reset Protection) en MyCloud APP en versiones anteriores a la 8.1.2.303 instalada en algunos smartphones Huawei. Al volver a configurar el teléfono móvil mediante la función FRP, un atacante puede reemplazar la cuenta antigua por una nueva mediante pasos especiales explotando esta vulnerabilidad. Como resultado, se omite la función FRP.
CVSS Scores
SSVC
- Decision:-
Timeline
- 2018-03-09 CVE Reserved
- 2018-10-09 CVE Published
- 2024-08-05 CVE Updated
- 2024-08-18 EPSS Updated
- ---------- Exploited in Wild
- ---------- KEV Due Date
- ---------- First Exploit
CWE
CAPEC
References (1)
| URL | Tag | Source |
|---|
| URL | Date | SRC |
|---|
| URL | Date | SRC |
|---|
| URL | Date | SRC |
|---|---|---|
| http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20180930-01-mycloud-en | 2020-02-24 |
Affected Vendors, Products, and Versions
| Vendor | Product | Version | Other | Status | ||||||
|---|---|---|---|---|---|---|---|---|---|---|
| Vendor | Product | Version | Other | Status | <-- --> | Vendor | Product | Version | Other | Status |
| Westerndigital Search vendor "Westerndigital" | My Cloud Search vendor "Westerndigital" for product "My Cloud" | < 8.1.2.303 Search vendor "Westerndigital" for product "My Cloud" and version " < 8.1.2.303" | android |
Affected
| ||||||