CVE-2018-7989
Description
Huawei Mate 10 pro smartphones with the versions before BLA-AL00B 8.1.0.326(C00) have an improper authentication vulnerability. App Lock is a function to prevent unauthorized use of apps on smartphones, an attacker could directly change the lock password after a series of operations. Successful exploit could allow the attacker to use the application which is locked.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Huawei Mate 10 Pro smartphones before BLA-AL00B 8.1.0.326(C00) have an improper authentication vulnerability in App Lock allowing an attacker to change the lock password and access locked apps.
Vulnerability
The vulnerability resides in the App Lock function of Huawei Mate 10 Pro smartphones running versions prior to BLA-AL00B 8.1.0.326(C00). App Lock is designed to prevent unauthorized use of apps, but due to improper authentication, an attacker can directly change the lock password after a series of operations [1]. Other affected models include ALP-AL00B, ALP-TL00B, and Anne-AL00 running earlier versions [1].
Exploitation
An attacker needs physical access to the device to perform a series of operations that bypass the App Lock authentication mechanism. No prior credentials are required. The exact steps are not detailed in the advisory, but the attack does not require additional privileges beyond device access [1].
Impact
Successful exploitation allows the attacker to change the App Lock password and subsequently use any protected applications. This leads to unauthorized access to private app data, compromising confidentiality. The attacker gains the ability to bypass the intended security control of App Lock [1].
Mitigation
Huawei has released software updates to fix this vulnerability. For the Mate 10 Pro (BLA-AL00B), the resolved version is 8.1.0.326(C00). Users should update to this version or later. The advisory was published on 2018-10-10 [1].
AI Insight generated on May 26, 2026. Synthesized from this CVE's description and the cited reference URLs; citations are validated against the source bundle.
Affected products
2- Range: < BLA-AL00B 8.1.0.326(C00)
- Huawei Technologies Co., Ltd./Mate 10 prov5Range: The versions before BLA-AL00B 8.1.0.326(C00)
Patches
0No patches discovered yet.
Vulnerability mechanics
AI mechanics synthesis has not run for this CVE yet.
References
1- www.huawei.com/en/psirt/security-advisories/huawei-sa-20181010-01-applock-enmitrex_refsource_CONFIRM
News mentions
0No linked articles in our index yet.