Some Huawei smartphones ALP-AL00B 8.0.0.118D(C00), ALP-TL00B 8.0.0.118D(C01), BLA-AL00B 8.0.0.118D(C00), BLA-L09C 8.0.0.127(C432), 8.0.0.128(C432), 8.0.0.137(C432), BLA-L29C 8.0.0.129(C432), 8.0.0.137(C432) have an authentication bypass vulnerability. When the attacker obtains the users smartphone, the vulnerability can be used to replace the start-up program so that the attacker can obtain the information in the smartphone and achieve the purpose of controlling the smartphone.
When an actor claims to have a given identity, the product does not prove or insufficiently proves that the claim is correct.
Name | Vendor | Start Version | End Version |
---|---|---|---|
Alp-al00b_firmware | Huawei | 8.0.0.1.18d(c00) (including) | 8.0.0.1.18d(c00) (including) |