CVE-2017-2691
3 documents3 sources
Severity
6.8MEDIUM
EPSS
0.0%
top 87.50%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
Timeline
PublishedNov 22
Latest updateMay 13
Description
Huawei P9 versions earlier before EVA-AL10C00B373, versions earlier before EVA-CL00C92B373, versions earlier before EVA-DL00C17B373, versions earlier before EVA-TL00C01B373 have a lock-screen bypass vulnerability. An unauthenticated attacker could force the phone to the fastboot mode and delete the user's password file during the reboot process, then login the phone without screen lock password after reboot.
CVSS vector
CVSS:3.0/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:HExploitability: 0.9 | Impact: 5.9
Affected Packages2 packages
▶CVEListV5huawei_technologies_co.,_ltd./huawei_p9Versions earlier before EVA-AL10C00B373, Versions earlier before EVA-CL00C92B373, Versions earlier before EVA-DL00C17B373, Versions earlier before EVA-TL00C01B373,
🔴Vulnerability Details
2GHSA▶
GHSA-mf6g-r32j-f7qw: Huawei P9 versions earlier before EVA-AL10C00B373, versions earlier before EVA-CL00C92B373, versions earlier before EVA-DL00C17B373, versions earlier↗2022-05-13
CVEList▶
CVE-2017-2691: Huawei P9 versions earlier before EVA-AL10C00B373, versions earlier before EVA-CL00C92B373, versions earlier before EVA-DL00C17B373, versions earlier↗2017-11-22