Vulnerability Details CVE-2018-7930
The Near Field Communication (NFC) module in Mate 9 Huawei mobile phones with the versions before MHA-L29B 8.0.0.366(C567) has an information leak vulnerability due to insufficient validation on data transfer requests. When an affected mobile phone sends files to an attacker's mobile phone using the NFC function, the attacker can obtain arbitrary files from the mobile phone, causing information leaks.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.0
EPSS Ranking 14.3%
CVSS Severity
CVSS v3 Score 5.7
CVSS v2 Score 2.9
References
Products affected by CVE-2018-7930
-
cpe:2.3:h:huawei:mate_9:-
-
cpe:2.3:o:huawei:mate_9_firmware:-
-
cpe:2.3:o:huawei:mate_9_firmware:8.0.0.129(sp2c00)
-
cpe:2.3:o:huawei:mate_9_firmware:8.0.0.356(c00)
-
cpe:2.3:o:huawei:mate_9_firmware:9.0.1.158(c432e6r1p8t8)
-
cpe:2.3:o:huawei:mate_9_firmware:9.0.1.159(c636e6r1p8t8)
-
cpe:2.3:o:huawei:mate_9_firmware:mha-al00ac00b125
-
cpe:2.3:o:huawei:mate_9_firmware:mha-al00b_8.0.0.334(c00)
-
cpe:2.3:o:huawei:mate_9_firmware:mha-al00bc00b156
-
cpe:2.3:o:huawei:mate_9_firmware:mha-al00bc00b173
-
cpe:2.3:o:huawei:mate_9_firmware:mha-al00bc00b233
-
cpe:2.3:o:huawei:mate_9_firmware:mha-al00c00b170
-
cpe:2.3:o:huawei:mate_9_firmware:mha-al00c00b175
-
cpe:2.3:o:huawei:mate_9_firmware:mha-al00c00b225
-
cpe:2.3:o:huawei:mate_9_firmware:mha-cl00bc00b156
-
cpe:2.3:o:huawei:mate_9_firmware:mha-dl00bc00b156