Information Leakage Vulnerability in Huawei Smartphones: Unauthorized Location Access via Phone State Authorization

Information Leakage Vulnerability in Huawei Smartphones: Unauthorized Location Access via Phone State Authorization

CVE-2018-7957 · LOW Severity

AV:L/AC:L/AU:N/C:P/I:N/A:N

Huawei smartphones with software Victoria-AL00 8.0.0.336a(C00) have an information leakage vulnerability. Because an interface does not verify authorization correctly, attackers can exploit an application with the authorization of phone state to obtain user location additionally.

Learn more about our User Device Pen Test.