VYPR
← All advisories
Unrated severityNVD Advisory· Published Sep 4, 2018· Updated Aug 5, 2024

CVE-2018-7936

CVE-2018-7936

Description

Mate 10 Pro Huawei smart phones with the versions before BLA-L29 8.0.0.148(C432) have a Factory Reset Protection (FRP) bypass security vulnerability. When re-configuring the mobile phone using the factory reset protection (FRP) function, an attacker can connect the phone with PC and send special instructions to install third party desktop and disable the boot wizard. As a result, the FRP function is bypassed.

AI Insight

LLM-synthesized narrative grounded in this CVE's description and references.

FRP bypass in Huawei Mate 10 Pro before BLA-L29 8.0.0.148 allows attacker to install third-party desktop and disable boot wizard via PC connection.

Vulnerability

A Factory Reset Protection (FRP) bypass vulnerability exists in Huawei Mate 10 Pro smartphones with versions before BLA-L29 8.0.0.148(C432). During the FRP reconfiguration process, an attacker can send specially crafted instructions from a connected PC to install a third-party desktop and disable the boot wizard, effectively bypassing FRP [1].

Exploitation

An attacker with physical access to the phone can connect it to a PC and send special instructions to install a third-party desktop and disable the boot wizard. This requires no authentication and can be performed after a factory reset [1].

Impact

Successful exploitation allows the attacker to bypass the FRP function, enabling unauthorized reconfiguration of the device and access to personal data. This undermines the security protection intended to prevent unauthorized use after a factory reset [1].

Mitigation

Huawei has released software updates to fix this vulnerability. Users should update to version BLA-L29 8.0.0.148(C432) or later. [1]

References
  1. Security Advisory - FRP Bypass Vulnerability in Huawei Smart Phones

AI Insight generated on May 26, 2026. Synthesized from this CVE's description and the cited reference URLs; citations are validated against the source bundle.

Affected products

2
  • Huawei/Mate 10 Prollm-fuzzy
    Range: <8.0.0.148(C432)
  • Huawei Technologies Co., Ltd./Mate 10 Prov5
    Range: The versions before BLA-L29 8.0.0.148(C432)

Patches

0

No patches discovered yet.

Vulnerability mechanics

AI mechanics synthesis has not run for this CVE yet.

References

1

News mentions

0

No linked articles in our index yet.