How severe is CVE-2018-7939?

This vulnerability has a severity rating of MEDIUM with a CVSS score of 4.6 out of 10.

What type of vulnerability is CVE-2018-7939?

This is classified as NVD-CWE-Other, which is a common weakness in software security.

CVE-2018-7939

MEDIUM Year: 2018

CVSS v3 Score

4.6

Medium

CVSS v2 Score

4.9

Medium

Weakness Type

NVD-CWE-Other

View all →

Vulnerability Description

Huawei smart phones G9 Lite, Honor 5A, Honor 6X, Honor 8 with the versions before VNS-L53C605B120CUSTC605D103, the versions before CAM-L03C605B143CUSTC605D008, the versions before CAM-L21C10B145, the versions before CAM-L21C185B156, the versions before CAM-L21C223B133, the versions before CAM-L21C432B210, the versions before CAM-L21C464B170, the versions before CAM-L21C636B245, the versions before Berlin-L21C10B372, the versions before Berlin-L21C185B363, the versions before Berlin-L21C464B137, the versions before Berlin-L23C605B161, the versions before FRD-L09C10B387, the versions before FRD-L09C185B387, the versions before FRD-L09C432B398, the versions before FRD-L09C636B387, the versions before FRD-L19C10B387, the versions before FRD-L19C432B399, the versions before FRD-L19C636B387 have a Factory Reset Protection (FRP) bypass security vulnerability. When re-configuring the mobile phone using the factory reset protection (FRP) function, an attacker can disable the boot wizard by enable the talkback function. As a result, the FRP function is bypassed.

CVE-2015-7566

MEDIUM

CVSS:4.6(Medium)

The clie_5_attach function in drivers/usb/serial/visor.c in the Linux kernel through 4.4.1 allows physically proximate attackers to cause a denial of service (NULL pointer dereference and system crash...

NVD-CWE-Other2015

CVE-2015-8324

MEDIUM

CVSS:4.6(Medium)

The ext4 implementation in the Linux kernel before 2.6.34 does not properly track the initialization of certain data structures, which allows physically proximate attackers to cause a denial of servic...

NVD-CWE-Other2015

CVE-2016-1851

MEDIUM

CVSS:4.6(Medium)

The Screen Lock feature in Apple OS X before 10.11.5 mishandles password profiles, which allows physically proximate attackers to reset expired passwords in the lock-screen state via unspecified vecto...

NVD-CWE-Other2016

CVE-2016-2184

MEDIUM

CVSS:4.6(Medium)

The create_fixed_stream_quirk function in sound/usb/quirks.c in the snd-usb-audio driver in the Linux kernel before 4.5.1 allows physically proximate attackers to cause a denial of service (NULL point...

NVD-CWE-Other2016

CVE-2016-2185

MEDIUM

CVSS:4.6(Medium)

The ati_remote2_probe function in drivers/input/misc/ati_remote2.c in the Linux kernel before 4.5.1 allows physically proximate attackers to cause a denial of service (NULL pointer dereference and sys...

NVD-CWE-Other2016

CVE-2016-2186

MEDIUM

CVSS:4.6(Medium)

The powermate_probe function in drivers/input/misc/powermate.c in the Linux kernel before 4.5.1 allows physically proximate attackers to cause a denial of service (NULL pointer dereference and system ...

NVD-CWE-Other2016

CVE-2018-7939

Vulnerability Description

Related Vulnerabilities

CVE-2015-7566

CVE-2015-8324

CVE-2016-1851

CVE-2016-2184

CVE-2016-2185

CVE-2016-2186