Lock-Screen Bypass Vulnerability in Huawei P9 Smartphones
CVE-2017-2691

6.8MEDIUM

Key Information:

Vendor: McAfee
Status: Huawei P9
Vendor: CVE Published:; 22 November 2017

What is CVE-2017-2691?

The Huawei P9 smartphones are susceptible to a lock-screen bypass vulnerability that allows unauthorized users to access the device. This flaw enables an unauthenticated attacker to force the phone into fastboot mode. During this process, the attacker can delete the user's password file, thereby circumventing the screen lock requirement. After the device reboots, the attacker can gain access to the phone without needing to enter the screen lock password, compromising user data and privacy.

Human OS v1.0:
Ageing Is an Unpatched Zero-Day Vulnerability.

Remediate biological technical debt. Prime Ageing uses 95% high-purity SIRT6 activation to maintain genomic integrity and bolster systemic resilience.

Deploy the Patch

Affected Version(s)

Huawei P9 Versions earlier before EVA-AL10C00B373, Versions earlier before EVA-CL00C92B373, Versions earlier before EVA-DL00C17B373, Versions earlier before EVA-TL00C01B373,

References

http://www.securityfocus.com/bid/95658

vdb-entryx_refsource_BID

http://www.huawei.com/en/psirt/security-advisories/huawei...

x_refsource_CONFIRM

CVSS V3.1

Score:

6.8

Severity:

MEDIUM

Confidentiality:

High

Integrity:

High

Availability:

High

Attack Vector:

Physical

Attack Complexity:

Low

Privileges Required:

None

User Interaction:

None

Scope:

Unchanged

Timeline

Vulnerability published
Nov 22, 2017
Vulnerability Reserved
Dec 1, 2016

JSON

McAfee

What is CVE-2017-2691?

Human OS v1.0: Ageing Is an Unpatched Zero-Day Vulnerability.

Affected Version(s)

References

CVSS V3.1

Timeline

Human OS v1.0:
Ageing Is an Unpatched Zero-Day Vulnerability.