CVE-2018-7928

Summary

There is a security vulnerability which could lead to Factory Reset Protection (FRP) bypass in the MyCloud APP with the versions before 8.1.2.303 installed on some Huawei smart phones. When re-configuring the mobile phone using the FRP function, an attacker can replace the old account with a new one through special steps by exploit this vulnerability. As a result, the FRP function is bypassed.

Affected Software

VendorProductVersion RangeStatus
Huawei Technologies Co., Ltd.MyCloudThe versions before 8.1.2.303affected

Weaknesses

  • FRP bypass

ADP Enrichment

CVE Program Container

Additional References

References