CVE-2018-7922

Summary

Huawei ALP-L09 smart phones with versions earlier than ALP-L09 8.0.0.150(C432) have an insufficient input validation vulnerability due to lack of parameter check. An attacker tricks the user who has root privilege to install a crafted application, the application may modify the specific data to exploit the vulnerability. Successful exploit could allow the attacker to execute arbitrary code.

Affected Software

VendorProductVersion RangeStatus
Huawei Technologies Co., Ltd.ALP-L09Versions earlier than ALP-L09 8.0.0.150(C432)affected

Weaknesses

  • insufficient input validation

ADP Enrichment

CVE Program Container

Additional References

References