CVE-2018-7934
Severity Score
Exploit Likelihood
Affected Versions
Public Exploits
0Exploited in Wild
-Decision
Descriptions
Some Huawei mobile phone with the versions before BLA-L29 8.0.0.145(C432) have a denial of service (DoS) vulnerability because they do not adapt to specific screen gestures. An attacker may trick users into installing a malicious app. As a result, apps running on the frontend crash after the users make specific screen gestures.
Algunos teléfonos móviles de Huawei con versiones anteriores a la BLA-L29 8.0.0.145(C432) tienen una vulnerabilidad de denegación de servicio (DoS) porque no se adaptan a gestos de pantalla concretos. Un atacante podría engañar a un usuario para que instale una app maliciosa. Como resultado, las aplicaciones que se ejecutan en el frontend se cierran inesperadamente una vez el usuario realiza gestos de pantalla concretos.
CVSS Scores
SSVC
- Decision:-
Timeline
- 2018-03-09 CVE Reserved
- 2018-07-31 CVE Published
- 2024-06-09 EPSS Updated
- 2024-08-05 CVE Updated
- ---------- Exploited in Wild
- ---------- KEV Due Date
- ---------- First Exploit
CWE
- CWE-20: Improper Input Validation
CAPEC
References (1)
| URL | Tag | Source |
|---|
| URL | Date | SRC |
|---|
| URL | Date | SRC |
|---|
| URL | Date | SRC |
|---|---|---|
| http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20180705-01-smartphone-en | 2018-10-04 |
Affected Vendors, Products, and Versions
| Vendor | Product | Version | Other | Status | ||||||
|---|---|---|---|---|---|---|---|---|---|---|
| Vendor | Product | Version | Other | Status | <-- --> | Vendor | Product | Version | Other | Status |
| Huawei Search vendor "Huawei" | Mate 10 Pro Firmware Search vendor "Huawei" for product "Mate 10 Pro Firmware" | < bla-l29_8.0.0.145\(c432\) Search vendor "Huawei" for product "Mate 10 Pro Firmware" and version " < bla-l29_8.0.0.145\(c432\)" | - |
Affected
| in | Huawei Search vendor "Huawei" | Mate 10 Pro Search vendor "Huawei" for product "Mate 10 Pro" | - | - |
Safe
|