Lucene search

[email protected]CVE-2017-2721

HistoryNov 22, 2017 - 7:29 p.m.

CVE-2017-2721

2017-11-2219:29:01

CWE-287

[email protected]

web.nvd.nist.gov

huawei

smart phones

software

security vulnerability

factory reset protection

frp bypass

swype keyboard

google account

2.1 Low

CVSS2

Attack Vector

LOCAL

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

PARTIAL

Availability Impact

NONE

AV:L/AC:L/Au:N/C:N/I:P/A:N

4.6 Medium

CVSS3

Attack Vector

PHYSICAL

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

NONE

Integrity Impact

HIGH

Availability Impact

NONE

CVSS:3.0/AV:P/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N

4.8 Medium

AI Score

Confidence

High

0.001 Low

EPSS

Percentile

25.4%

JSON

Some Huawei smart phones with software Berlin-L21C10B130,Berlin-L21C185B133,Berlin-L21HNC10B131,Berlin-L21HNC185B140,Berlin-L21HNC432B151,Berlin-L22C636B160,Berlin-L22HNC636B130,Berlin-L22HNC675B150CUSTC675D001,Berlin-L23C605B131,Berlin-L24HNC567B110,FRD-L02C432B120,FRD-L02C635B130,FRD-L02C675B170CUSTC675D001,FRD-L04C567B162,FRD-L04C605B131,FRD-L09C10B130,FRD-L09C185B130,FRD-L09C432B131,FRD-L09C636B130,FRD-L14C567B162,FRD-L19C10B130,FRD-L19C432B131,FRD-L19C636B130 have a factory Reset Protection (FRP) bypass security vulnerability. When re-configuring the mobile phone using the factory reset protection (FRP) function, an attacker can login the configuration flow by Swype Keyboard and can perform some operations to update the Google account. As a result, the FRP function is bypassed.

Affected configurations

NVD

Node

huaweiberlin-l21_firmwareMatchberlin-l21c10b130

huaweiberlin-l21_firmwareMatchberlin-l21c185b133

AND

huaweiberlin-l21Match-

Node

huaweiberlin-l21hn_firmwareMatchberlin-l21hnc10b131

huaweiberlin-l21hn_firmwareMatchberlin-l21hnc185b140

huaweiberlin-l21hn_firmwareMatchberlin-l21hnc432b151

AND

huaweiberlin-l21hnMatch-

Node

huaweiberlin-l22_firmwareMatchberlin-l22c636b160

AND

huaweiberlin-l22Match-

Node

huaweiberlin-l22hn_firmwareMatchberlin-l22hnc636b130

huaweiberlin-l22hn_firmwareMatchberlin-l22hnc675b150custc675d001

AND

huaweiberlin-l22hnMatch-

Node

huaweiberlin-l23_firmwareMatchberlin-l23c605b131

AND

huaweiberlin-l23Match-

Node

huaweiberlin-l24hn_firmwareMatchberlin-l24hnc567b110

AND

huaweiberlin-l24hnMatch-

Node

huaweifrd-l02_firmwareMatchfrd-l02c432b120

huaweifrd-l02_firmwareMatchfrd-l02c635b130

huaweifrd-l02_firmwareMatchfrd-l02c675b170custc675d001

AND

huaweifrd-l02Match-

Node

huaweifrd-l04_firmwareMatchfrd-l04c567b162

huaweifrd-l04_firmwareMatchfrd-l04c605b131

AND

huaweifrd-l04Match-

Node

huaweifrd-l09_firmwareMatchfrd-l09c10b130

huaweifrd-l09_firmwareMatchfrd-l09c185b130

huaweifrd-l09_firmwareMatchfrd-l09c432b131

huaweifrd-l09_firmwareMatchfrd-l09c636b130

AND

huaweifrd-l09Match-

Node

huaweifrd-l14_firmwareMatchfrd-l14c567b162

AND

huaweifrd-l14Match-

Node

huaweifrd-l19_firmwareMatchfrd-l19c10b130

huaweifrd-l19_firmwareMatchfrd-l19c432b131

huaweifrd-l19_firmwareMatchfrd-l19c636b130

AND

huaweifrd-l19Match-

CPENameOperatorVersion
huawei:berlin-l21_firmwarehuawei berlin-l21 firmwareeqberlin-l21c10b130
huawei:berlin-l21_firmwarehuawei berlin-l21 firmwareeqberlin-l21c185b133

CPE	Name	Operator	Version
huawei:berlin-l21_firmware	huawei berlin-l21 firmware	eq	berlin-l21c10b130
huawei:berlin-l21_firmware	huawei berlin-l21 firmware	eq	berlin-l21c185b133

CNA Affected

[
  {
    "product": "Berlin-L21,Berlin-L21HN,Berlin-L22,Berlin-L22HN,Berlin-L23,Berlin-L24HN,FRD-L02,FRD-L04,FRD-L09,FRD-L14,FRD-L19,",
    "vendor": "Huawei Technologies Co., Ltd.",
    "versions": [
      {
        "status": "affected",
        "version": "Berlin-L21C10B130,Berlin-L21C185B133,Berlin-L21HNC10B131,Berlin-L21HNC185B140,Berlin-L21HNC432B151,Berlin-L22C636B160,Berlin-L22HNC636B130,Berlin-L22HNC675B150CUSTC675D001,Berlin-L23C605B131,Berlin-L24HNC567B110,FRD-L02C432B120,FRD-L02C635B130,FRD-L02C675B170CUSTC675D001,FRD-L04C567B162,FRD-L04C605B131,FRD-L09C10B130,FRD-L09C185B130,FRD-L09C432B131,FRD-L09C636B130,FRD-L14C567B162,FRD-L19C10B130,FRD-L19C432B131,FRD-L19C636B130,"
      }
    ]
  }
]

References

www.huawei.com/en/psirt/security-advisories/huawei-sa-20170920-01-frpbypass-en

2.1 Low

CVSS2

Attack Vector

LOCAL

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

PARTIAL

Availability Impact

NONE

AV:L/AC:L/Au:N/C:N/I:P/A:N

4.6 Medium

CVSS3

Attack Vector

PHYSICAL

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

NONE

Integrity Impact

HIGH

Availability Impact

NONE

CVSS:3.0/AV:P/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N

4.8 Medium

AI Score

Confidence

High

0.001 Low

EPSS

Percentile

25.4%

JSON

Related for CVE-2017-2721

prion1 nvd1 cvelist1 huawei1