CVE-2017-2728

4 documents4 sources

Severity

6.4MEDIUM

EPSS

0.0%

top 93.02%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

Huawei Honor 6X Firmware Huawei Technologies Co., Ltd. Honor 6X

Timeline

PublishedNov 22

Latest updateMay 13

Description

Some Huawei mobile phones Honor 6X Berlin-L22C636B150 and earlier versions have a Bluetooth unlock bypassing vulnerability. If a user has enabled the smart unlock function, an attacker can impersonate the user's Bluetooth device to unlock the user's mobile phone screen.uawei mobile phones have a Bluetooth unlock bypassing vulnerability due to the lack of validation on Bluetooth devices. If a user has enabled the smart unlock function, an attacker can impersonate the user's Bluetooth device to un…

CVSS vector

CVSS:3.0/AV:P/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:HExploitability: 0.5 | Impact: 5.9

Affected Packages2 packages

▶NVDhuawei/honor_6x_firmwareberlin-l22c636b150

▶CVEListV5huawei_technologies_co.,_ltd./honor_6xBerlin-L22C636B150 and earlier versions

🔴Vulnerability Details

GHSA

GHSA-r7mp-gqfh-q2fr: Some Huawei mobile phones Honor 6X Berlin-L22C636B150 and earlier versions have a Bluetooth unlock bypassing vulnerability↗2022-05-13

▶

CVEList

CVE-2017-2728: Some Huawei mobile phones Honor 6X Berlin-L22C636B150 and earlier versions have a Bluetooth unlock bypassing vulnerability↗2017-11-22

▶

💬Community

Bugzilla

CVE-2017-13727 libtiff: Reachable assertion abort in the function TIFFWriteDirectoryTagSubifd()↗2017-09-06

▶