CVE-2018-7924
Description
Anne-AL00 Huawei phones with versions earlier than 8.0.0.151(C00) have an information leak vulnerability. Due to improper permission settings for specific commands, attackers who can connect to a mobile phone via the USB interface may exploit this vulnerability to obtain specific device information of the mobile phone.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Improper USB command permissions in Huawei Anne-AL00 (versions < 8.0.0.151(C00)) allow attackers with USB access to leak device information.
Vulnerability
The vulnerability exists in Huawei Anne-AL00 smartphones running versions earlier than 8.0.0.151(C00). Due to improper permission settings for specific commands, the device leaks information when accessed via the USB interface. [1]
Exploitation
An attacker with physical USB access to the device can send specific commands to exploit the improper permission settings. No authentication is required beyond USB connectivity. [1]
Impact
Successful exploitation allows the attacker to obtain specific device information, resulting in a low confidentiality impact. The CVSSv3 base score is 2.4, indicating low severity. [1]
Mitigation
Huawei has released firmware version 8.0.0.168(C00) to resolve the issue. Users should upgrade to this version or later. No workarounds are provided in the advisory. [1]
AI Insight generated on May 26, 2026. Synthesized from this CVE's description and the cited reference URLs; citations are validated against the source bundle.
Affected products
2- Huawei Technologies Co., Ltd./Anne-AL00v5Range: Versions earlier than 8.0.0.151(C00)
Patches
0No patches discovered yet.
Vulnerability mechanics
AI mechanics synthesis has not run for this CVE yet.
References
1- www.huawei.com/en/psirt/security-advisories/huawei-sa-20181017-01-smartphone-enmitrex_refsource_CONFIRM
News mentions
0No linked articles in our index yet.