CVE-2018-7923
Description
Huawei ALP-L09 smart phones with versions earlier than ALP-L09 8.0.0.150(C432) have an insufficient input validation vulnerability due to lack of parameter check. An attacker tricks the user who has root privilege to install a crafted application, the application may modify the specific data to exploit the vulnerability. Successful exploit could allow the attacker to execute arbitrary code.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Huawei ALP-L09 smartphones before 8.0.0.150(C432) have insufficient input validation allowing arbitrary code execution via a crafted app.
Vulnerability
Huawei ALP-L09 smart phones with versions earlier than ALP-L09 8.0.0.150(C432) have an insufficient input validation vulnerability due to lack of parameter check [1]. This allows a crafted application to modify specific data.
Exploitation
An attacker must trick a user who has root privilege to install a crafted application. The application then modifies specific data to exploit the vulnerability [1].
Impact
Successful exploitation allows the attacker to execute arbitrary code [1].
Mitigation
Huawei has released software update ALP-L09 8.0.0.150(C432) to fix this vulnerability [1].
AI Insight generated on May 26, 2026. Synthesized from this CVE's description and the cited reference URLs; citations are validated against the source bundle.
Affected products
2- Huawei Technologies Co., Ltd./ALP-L09v5Range: Versions earlier than ALP-L09 8.0.0.150(C432)
Patches
0No patches discovered yet.
Vulnerability mechanics
AI mechanics synthesis has not run for this CVE yet.
References
1- www.huawei.com/en/psirt/security-advisories/huawei-sa-20180911-01-smartphone-enmitrex_refsource_CONFIRM
News mentions
0No linked articles in our index yet.