VYPR
← All advisories
Unrated severityNVD Advisory· Published Sep 18, 2018· Updated Aug 5, 2024

CVE-2018-7991

CVE-2018-7991

Description

Huawei smartphones Mate10 with versions earlier before ALP-AL00B 8.0.0.110(C00) have a Factory Reset Protection (FRP) bypass vulnerability. The system does not sufficiently verify the permission, an attacker uses a data cable to connect the smartphone to the computer and then perform some specific operations. Successful exploit could allow the attacker bypass the FRP protection to access the system setting page.

AI Insight

LLM-synthesized narrative grounded in this CVE's description and references.

A physical USB attack bypasses Factory Reset Protection on Huawei Mate10 smartphones before ALP-AL00B 8.0.0.110(C00).

Vulnerability

A Factory Reset Protection (FRP) bypass vulnerability exists in Huawei Mate10 smartphones running versions earlier than ALP-AL00B 8.0.0.110(C00) [1]. The system does not sufficiently verify permission during certain operations, allowing an attacker to bypass the FRP lock [1].

Exploitation

An attacker with physical access to the smartphone connects a data cable between the device and a computer, then performs a sequence of specific operations [1]. No authentication or user interaction beyond the physical connection is required; the attack leverages insufficient permission verification in the system [1].

Impact

Successful exploitation allows the attacker to bypass the Factory Reset Protection and access the system settings page, gaining unauthorized control over device configuration [1]. This can lead to further compromise of the device and user data.

Mitigation

Huawei released a software update to fix this vulnerability. The resolved version for Mate10 is ALP-AL00B 8.0.0.110(C00), with the fix released on September 12, 2018 [1]. Users should update their devices to this version or later.

References
  1. Security Advisory - FRP Bypass Vulnerability on Smartphones

AI Insight generated on May 26, 2026. Synthesized from this CVE's description and the cited reference URLs; citations are validated against the source bundle.

Affected products

2
  • Huawei/Mate10llm-create
    Range: < 8.0.0.110(C00)
  • Huawei Technologies Co., Ltd./Mate10v5
    Range: Versions earlier before ALP-AL00B 8.0.0.110(C00)

Patches

0

No patches discovered yet.

Vulnerability mechanics

AI mechanics synthesis has not run for this CVE yet.

References

1

News mentions

0

No linked articles in our index yet.