Authentication Bypass Vulnerability in Huawei Honor V9 Play
CVE-2017-17145

4.6MEDIUM

Key Information:

Vendor: Huawei
Status: Honor V9 Play Firmware
Vendor: CVE Published:; 9 March 2018

What is CVE-2017-17145?

The Huawei Honor V9 Play smartphone is susceptible to an authentication bypass vulnerability due to improper component design. This flaw allows an attacker who gains physical access to the device to perform specific operations, such as deleting registered fingerprints, without requiring authentication. This vulnerability poses a significant risk to user data security, as it can lead to unauthorized access to sensitive information stored on the device.

References

http://www.huawei.com/en/psirt/security-advisories/2017/h...

x_refsource_CONFIRM

CVSS V3.1

Score:

4.6

Severity:

MEDIUM

Confidentiality:

None

Integrity:

High

Availability:

None

Attack Vector:

Physical

Attack Complexity:

Low

Privileges Required:

None

User Interaction:

None

Scope:

Unchanged

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Mar 9, 2018
Vulnerability Reserved
Dec 4, 2017