CVE-2017-2728

6.4MEDIUM

Key Information:

Vendor: McAfee
Status: Honor 6x
Vendor: CVE Published:; 15 November 2017

Summary

Some Huawei mobile phones Honor 6X Berlin-L22C636B150 and earlier versions have a Bluetooth unlock bypassing vulnerability. If a user has enabled the smart unlock function, an attacker can impersonate the user's Bluetooth device to unlock the user's mobile phone screen.uawei mobile phones have a Bluetooth unlock bypassing vulnerability due to the lack of validation on Bluetooth devices. If a user has enabled the smart unlock function, an attacker can impersonate the user's Bluetooth device to unlock the user's mobile phone screen.

Affected Version(s)

Honor 6X Berlin-L22C636B150 and earlier versions

References

http://www.huawei.com/en/psirt/security-advisories/2017/h...

x_refsource_CONFIRM

http://www.securityfocus.com/bid/97042

vdb-entryx_refsource_BID

CVSS V3.1

Score:

6.4

Severity:

MEDIUM

Confidentiality:

High

Integrity:

High

Availability:

High

Attack Vector:

Physical

Attack Complexity:

High

Privileges Required:

None

User Interaction:

None

Scope:

Unchanged

Timeline

Vulnerability published
Nov 15, 2017
Vulnerability Reserved
Dec 1, 2016