CVE-2017-17326 — Technologies CO LTD Mate 9 PRO vulnerability

3 documents3 sources

Severity

4.6MEDIUMNVD

EPSS

0.0%

top 92.40%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

Huawei Technologies CO LTD Mate 9 PRO Huawei Mate 9 PRO Fimware

Timeline

PublishedMar 9

Latest updateMay 13

Description

Huawei Mate 9 Pro Smartphones with software of LON-AL00BC00B139D; LON-AL00BC00B229 have an activation lock bypass vulnerability. The smartphone is supposed to be activated by the former account after reset if find my phone function is on. The software does not have a sufficient protection of activation lock. Successful exploit could allow an attacker to bypass the activation lock and activate the smartphone by a new account after a series of operation.

CVSS vector

CVSS:3.0/AV:P/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:NExploitability: 0.9 | Impact: 3.6

Affected Packages2 packages

▶NVDhuawei/mate_9_pro_fimwarelon-al00bc00b139d, lon-al00bc00b229+1

▶CVEListV5huawei_technologies_co_ltd/mate_9_proLON-AL00BC00B229, Mate 9 Pro LON-AL00BC00B139D+1

🔴Vulnerability Details

GHSA

GHSA-qw3f-pqc2-mc9h: Huawei Mate 9 Pro Smartphones with software of LON-AL00BC00B139D; LON-AL00BC00B229 have an activation lock bypass vulnerability↗2022-05-13

▶

CVEList

CVE-2017-17326: Huawei Mate 9 Pro Smartphones with software of LON-AL00BC00B139D; LON-AL00BC00B229 have an activation lock bypass vulnerability↗2018-03-09

▶