Unlock Code Bypass Vulnerability in Huawei Smartphones
CVE-2017-8214

6.2MEDIUM

Key Information:

Vendor
McAfee
Status
Honor 8,honor V8,honor 9,honor V9,nova 2,nova 2 Plus,p9,p10 Plus,toronto
Vendor
CVE Published:
22 November 2017

Summary

Certain Huawei smartphones are susceptible to a vulnerability that allows attackers to bypass unlock code verification. This issue affects various models, enabling an attacker with root access to unlock the mobile phone's bootloader, compromising the device's security and potentially exposing sensitive user data. Users are advised to update to the latest software versions to mitigate this risk.

Affected Version(s)

Honor 8,Honor V8,Honor 9,Honor V9,Nova 2,Nova 2 Plus,P9,P10 Plus,Toronto versions earlier than FRD-AL00C00B391, versions earlier than FRD-DL00C00B391, versions earlier than KNT-AL10C00B391, versions earlier than KNT-AL20C00B391, versions earlier than KNT-UL10C00B391, versions earlier than KNT-TL10C00B391, versions earlier than Stanford-AL00C00B175, versions earlier than Stanford-AL10C00B175, versions earlier than Stanford-TL00C01B175, versions earlier than Duke-AL20C00B191, versions earlier than Duke-TL30C01B191, versions earlier than Picasso-AL00C00B162, versions earlier than Picasso-TL00C01B162 , versions earlier than Barca-AL00C00B162, versions earlier than Barca-TL00C00B162, versions earlier than EVA-AL10C00B396SP03, versions earlier than EVA-CL00C92B396, versions earlier than EVA-DL00C17B396, versions earlier than EVA-TL00C01B396 , versions earlier than Vicky-AL00AC00B172, versions earlier than Toronto-AL00AC00B191, versions earlier than Toronto-TL10C01B191

References

http://www.huawei.com/en/psirt/security-advisories/huawei...
x_refsource_CONFIRM

CVSS V3.1

Score:
6.2
Severity:
MEDIUM
Confidentiality:
High
Integrity:
High
Availability:
High
Attack Vector:
Physical
Attack Complexity:
Low
Privileges Required:
High
User Interaction:
None
Scope:
Unchanged

Timeline

  • Vulnerability published

  • Vulnerability Reserved

.