Vulnerability Details CVE-2018-7926
Huawei Watch 2 with versions and earlier than OWDD.180707.001.E1 have an improper authorization vulnerability. Due to improper permission configuration for specific operations, an attacker who obtained the Huawei ID bound to the watch can bypass permission verification to perform specific operations and modify some data on the watch.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.0
EPSS Ranking 5.1%
CVSS Severity
CVSS v3 Score 4.6
CVSS v2 Score 2.1
References
Products affected by CVE-2018-7926
-
cpe:2.3:h:huawei:watch_2:-
-
cpe:2.3:o:huawei:watch_2_firmware:owdd.180707.001.e1