1. CVE-Search
  2. CVE-2017-2710
ID CVE-2017-2710
Summary BTV-W09C229B002CUSTC229D005,BTV-W09C233B029, earlier than BTV-W09C100B006CUSTC100D002 versions, earlier than BTV-W09C128B003CUSTC128D002 versions, earlier than BTV-W09C199B002CUSTC199D002 versions, earlier than BTV-W09C209B005CUSTC209D001 versions, earlier than BTV-W09C331B002CUSTC331D001 versions, earlier than CRR-L09C432B390 versions, earlier than CRR-L09C605B355CUSTC605D003 versions have a Factory Reset Protection (FRP) bypass security vulnerability. When re-configuring the mobile phone using the factory reset protection (FRP) function, an attacker can perform some operations to update the Google account. As a result, the FRP function is bypassed.
References
Vulnerable Configurations
  • cpe:2.3:o:huawei:beethoven-w09a_firmware:btv-w09c229b002custc229d005:*:*:*:*:*:*:*
    cpe:2.3:o:huawei:beethoven-w09a_firmware:btv-w09c229b002custc229d005:*:*:*:*:*:*:*
  • cpe:2.3:h:huawei:beethoven-w09a:-:*:*:*:*:*:*:*
    cpe:2.3:h:huawei:beethoven-w09a:-:*:*:*:*:*:*:*
  • cpe:2.3:o:huawei:beethoven-w09a_firmware:btv-w09c233b029:*:*:*:*:*:*:*
    cpe:2.3:o:huawei:beethoven-w09a_firmware:btv-w09c233b029:*:*:*:*:*:*:*
  • cpe:2.3:o:huawei:beethoven-w09a_firmware:-:*:*:*:*:*:*:*
    cpe:2.3:o:huawei:beethoven-w09a_firmware:-:*:*:*:*:*:*:*
  • cpe:2.3:o:huawei:beethoven-w09a_firmware:btv-w09c100b006custc100d002:*:*:*:*:*:*:*
    cpe:2.3:o:huawei:beethoven-w09a_firmware:btv-w09c100b006custc100d002:*:*:*:*:*:*:*
  • cpe:2.3:o:huawei:beethoven-w09a_firmware:btv-w09c128b003custc128d002:*:*:*:*:*:*:*
    cpe:2.3:o:huawei:beethoven-w09a_firmware:btv-w09c128b003custc128d002:*:*:*:*:*:*:*
  • cpe:2.3:o:huawei:beethoven-w09a_firmware:btv-w09c199b002custc199d002:*:*:*:*:*:*:*
    cpe:2.3:o:huawei:beethoven-w09a_firmware:btv-w09c199b002custc199d002:*:*:*:*:*:*:*
  • cpe:2.3:o:huawei:beethoven-w09a_firmware:btv-w09c209b005custc209d001:*:*:*:*:*:*:*
    cpe:2.3:o:huawei:beethoven-w09a_firmware:btv-w09c209b005custc209d001:*:*:*:*:*:*:*
  • cpe:2.3:o:huawei:crr-l09_firmware:-:*:*:*:*:*:*:*
    cpe:2.3:o:huawei:crr-l09_firmware:-:*:*:*:*:*:*:*
  • cpe:2.3:h:huawei:crr-l09:-:*:*:*:*:*:*:*
    cpe:2.3:h:huawei:crr-l09:-:*:*:*:*:*:*:*
  • cpe:2.3:o:huawei:crr-l09_firmware:crr-l09c432b390:*:*:*:*:*:*:*
    cpe:2.3:o:huawei:crr-l09_firmware:crr-l09c432b390:*:*:*:*:*:*:*
CVSS
Base: 2.1 (as of 03-10-2019 - 00:03)
Impact:
Exploitability:
CWE NVD-CWE-noinfo
CAPEC
Access
VectorComplexityAuthentication
LOCAL LOW NONE
Impact
ConfidentialityIntegrityAvailability
NONE PARTIAL NONE
cvss-vector via4 AV:L/AC:L/Au:N/C:N/I:P/A:N
refmap via4
bid 98712
confirm http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20170524-01-frp-en
Last major update 03-10-2019 - 00:03
Published 22-11-2017 - 19:29
Last modified 03-10-2019 - 00:03
Back to Top