VYPR
← All advisories
Unrated severityNVD Advisory· Published Apr 11, 2018· Updated Aug 5, 2024

CVE-2018-7930

CVE-2018-7930

Description

The Near Field Communication (NFC) module in Mate 9 Huawei mobile phones with the versions before MHA-L29B 8.0.0.366(C567) has an information leak vulnerability due to insufficient validation on data transfer requests. When an affected mobile phone sends files to an attacker's mobile phone using the NFC function, the attacker can obtain arbitrary files from the mobile phone, causing information leaks.

AI Insight

LLM-synthesized narrative grounded in this CVE's description and references.

The NFC module in Huawei Mate 9 before MHA-L29B 8.0.0.366(C567) leaks arbitrary files to an attacker via insufficient validation during file transfer.

Vulnerability

The Near Field Communication (NFC) module in Huawei Mate 9 mobile phones with versions before MHA-L29B 8.0.0.366(C567) contains an information leak vulnerability. The issue stems from insufficient validation on data transfer requests when the affected phone sends files via NFC to an attacker's phone [1].

Exploitation

An attacker with a mobile phone equipped with NFC can exploit this by initiating a file transfer from the victim's phone. The attacker does not require authentication; they only need to be within NFC range and have the victim's phone send a file. The insufficient validation allows the attacker to request arbitrary files from the victim's phone [1].

Impact

Successful exploitation allows the attacker to obtain arbitrary files from the victim's mobile phone, leading to information disclosure of sensitive data [1].

Mitigation

Huawei has released software update MHA-L29B 8.0.0.366(C567) to fix the vulnerability. Users should upgrade to this version or later. No workarounds are mentioned [1].

References
  1. Security Advisory - Information Leak Vulnerability in the NFC Module of Some Huawei Mobile Phones

AI Insight generated on May 26, 2026. Synthesized from this CVE's description and the cited reference URLs; citations are validated against the source bundle.

Affected products

2
  • Huawei/Mate 9llm-fuzzy
    Range: <8.0.0.366(C567)
  • Huawei Technologies Co., Ltd./Mate 9v5
    Range: The versions before MHA-L29B 8.0.0.366(C567)

Patches

0

No patches discovered yet.

Vulnerability mechanics

AI mechanics synthesis has not run for this CVE yet.

References

1

News mentions

0

No linked articles in our index yet.