CVE-2018-7993

EUVD-2018-19705
HUAWEI Mate 10 smartphones with versions earlier than ALP-AL00 8.1.0.311 have a use after free vulnerability on mediaserver component. An attacker tricks the user install a malicious application, which make the software to reference memory after it has been freed. Successful exploit could cause execution of arbitrary code.
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTPrimary
7.8 HIGH
LOCAL
LOW
NONE
CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
Awaiting analysis
This vulnerability is currently awaiting analysis.
Base Score
CVSS 3.x
EPSS Score
Percentile: 37%
Common Weakness Enumeration
References
http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20180711-01-smartphone-en
http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20180711-01-smartphone-en