CVE-2018-7926 Vulnerability Details

  /     /     /  

CVE-2018-7926 Metadata Quick Info

CVE Published: 13/11/2018 | CVE Updated: 05/08/2024 | CVE Year: 2018
Source: huawei | Vendor: Huawei Technologies Co., Ltd. | Product: Huawei Watch 2
Status : PUBLISHED

CVE-2018-7926 Description

Huawei Watch 2 with versions and earlier than OWDD.180707.001.E1 have an improper authorization vulnerability. Due to improper permission configuration for specific operations, an attacker who obtained the Huawei ID bound to the watch can bypass permission verification to perform specific operations and modify some data on the watch.

Metrics

CVSS Version: 3.1 | Base Score: n/a
Vector: n/a

l➤ Exploitability Metrics:
    Attack Vector (AV)*
    Attack Complexity (AC)*
    Privileges Required (PR)*
    User Interaction (UI)*
    Scope (S)*

l➤ Impact Metrics:
    Confidentiality Impact (C)*
    Integrity Impact (I)*
    Availability Impact (A)*

Weakness Enumeration (CWE)

CWE-ID:
CWE Name: improper authorization
Source: Huawei Technologies Co., Ltd.

Common Attack Pattern Enumeration and Classification (CAPEC)

CAPEC-ID:
CAPEC Description: