Information Leakage Vulnerability in Huawei Smartphones: Unauthorized Location Access via Phone State Authorization
CVE-2018-7957 · LOW Severity
AV:L/AC:L/AU:N/C:P/I:N/A:N
Huawei smartphones with software Victoria-AL00 8.0.0.336a(C00) have an information leakage vulnerability. Because an interface does not verify authorization correctly, attackers can exploit an application with the authorization of phone state to obtain user location additionally.
Learn more about our User Device Pen Test.