CVE-2017-2727
published 2017-11-22CVE-2017-2727: Huawei P9 smart phones with software versions earlier before EVA-AL00C00B365, versions earlier before EVA-AL10C00B365,Versions earlier before EVA-CL00C92B365…
medium4.3CVSS 3.0
AVPACLPRNUINSUCLILAL
Huawei P9 smart phones with software versions earlier before EVA-AL00C00B365, versions earlier before EVA-AL10C00B365,Versions earlier before EVA-CL00C92B365, versions earlier before EVA-DL00C17B365, versions earlier before EVA-TL00C01B365 have a privilege escalation vulnerability. An unauthenticated attacker can bypass phone activation to user management page of the phone and create a new user. Successful exploit could allow the attacker operate part function of the phone.
Affected
6 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| huawei | p9_firmware | < eva-al00c00b365 | eva-al00c00b365 |
| huawei | p9_firmware | < eva-al10c00b365 | eva-al10c00b365 |
| huawei | p9_firmware | < eva-cl00c92b365 | eva-cl00c92b365 |
| huawei | p9_firmware | < eva-dl00c17b365 | eva-dl00c17b365 |
| huawei | p9_firmware | < eva-tl00c01b365 | eva-tl00c01b365 |
| huawei_technologies_co_ltd | huawei_p9 | — | — |