Lucene search

Huawei TechnologiesHUAWEI-SA-20170323-01-SMARTPHONE

HistoryMar 23, 2017 - 12:00 a.m.

Security Advisory - Bluetooth Unlock Bypassing Vulnerability in Some Huawei Mobile Phones

2017-03-2300:00:00

Huawei Technologies

www.huawei.com

6.9 Medium

CVSS2

Attack Vector

LOCAL

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:L/AC:M/Au:N/C:C/I:C/A:C

6.4 Medium

CVSS3

Attack Vector

PHYSICAL

Attack Complexity

HIGH

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.0/AV:P/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H

0.001 Low

EPSS

Percentile

27.3%

JSON

Some Huawei mobile phones have a Bluetooth unlock bypassing vulnerability due to the lack of validation on Bluetooth devices. If a user has enabled the smart unlock function, an attacker can impersonate the user’s Bluetooth device to unlock the user’s mobile phone screen. (Vulnerability ID: HWPSIRT-2017-01088)
This vulnerability has been assigned a CVE ID: CVE-2017-2728.
Huawei has released software updates to fix this vulnerability. This advisory is available at the following link:
http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20170323-01-smartphone-en

Affected configurations

Vulners

Node

huaweigt3Matchnmo-l23c605b350

huaweigt3Matchnmo-l31c10b351

huaweigt3Matchnmo-l31c185b352

huaweigt3Matchnmo-l31c432b350

huaweigt3Matchnmo-l31c464b350

huaweigt3Matchnmo-l31c636b351

huaweihonor_5aMatchcam-l03c110b150

huaweihonor_5aMatchcam-l03c178b152

huaweihonor_5aMatchcam-l03c688b151

huaweihonor_5aMatchcam-l03domc109b125

huaweihonor_5aMatchcam-l21c09b163

huaweihonor_5aMatchcam-l21c432b179

huaweihonor_5aMatchcam-l21c569b151

huaweihonor_5aMatchcam-l21c636b180

huaweihonor_5aMatchcam-l21rouc150b131

huaweihonor_5cMatchnem-l21c432b351

huaweihonor_5cMatchnem-l22c636b351

huaweihonor_5cMatchnem-l51c10b351

huaweihonor_5cMatchnem-l51c432b350

huaweihonor_6xMatchbll-l21c464b130

huaweihonor_6xMatchberlin-l21c10b360

huaweihonor_6xMatchberlin-l21c185b360

huaweihonor_6xMatchberlin-l21hnc10b360

huaweihonor_6xMatchberlin-l21hnc185b360

huaweihonor_6xMatchberlin-l21hnc432b360

huaweihonor_6xMatchberlin-l22c636b150

huaweihonor_6xMatchberlin-l22hnc636b360

huaweihonor_6xMatchberlin-l23c605b141

huaweihonor_7Matchplk-al10c00b388

huaweihonor_7Matchplk-l01c10b350

huaweihonor_7Matchplk-l01c432b390

huaweihonor_7Matchplk-l01c636b371

huaweihonor_8Matchfrd-l02c432b380

huaweihonor_8Matchfrd-l02c635b382

huaweihonor_8Matchfrd-l09c10b380

huaweihonor_8Matchfrd-l09c185b380

huaweihonor_8Matchfrd-l09c432b381

huaweihonor_8Matchfrd-l09c636b380

huaweihonor_8Matchfrd-l19c10b380

huaweihonor_8Matchfrd-l19c432b381

huaweihonor_8Matchfrd-l19c636b380

huaweimaimang_5Matchmla-al00c00b352

huaweimate_s_firmwareMatchmt7-j1c635b593

huaweimate_s_firmwareMatchnxt-l09c185b580

huaweimate_s_firmwareMatchnxt-l09c432b570

huaweimate_s_firmwareMatchnxt-l09c605b585

huaweimate_s_firmwareMatchnxt-l09c636b580

huaweimate_s_firmwareMatchnxt-l29c10b580

huaweimate_s_firmwareMatchnxt-l29c185b580

huaweimate_s_firmwareMatchnxt-l29c432b581

huaweimate_s_firmwareMatchnxt-l29c605b585

huaweimate_s_firmwareMatchnxt-l29c636b580

huaweimate_s_firmwareMatchcrr-l09c432b390

huaweimate_s_firmwareMatchcrr-ul00c636b361

huaweimate_s_firmwareMatchcrr-ul20c432b390

huaweinovaMatchcannes-al10c00b372

huaweip8Matchgra-l09c432b394

huaweip8Matchgra-l09c605b365

huaweip8Matchgra-ul00c605b365

huaweip8Matchgra-ul10c185b387

huaweip8Matchgra-ul10c432b394

huaweip8Matchgra-ul10c636b369

huaweip8\[1\]Matchale-l02c635b568

huaweip8\[1\]Matchale-l21c10b541

huaweip8\[1\]Matchale-l21c185b568

huaweip8\[1\]Matchale-l21c432b597

huaweip8\[1\]Matchale-l23c605b535

huaweip9Matcheva-l09c185b385

huaweip9Matcheva-l09c432b383

huaweip9Matcheva-l09c605b385

huaweip9Matcheva-l09c635b380

huaweip9Matcheva-l09c636b380

huaweip9Matcheva-l19c10b380

huaweip9Matcheva-l19c185b385

huaweip9Matcheva-l19c432b383

huaweip9Matcheva-l19c605b385

huaweip9Matcheva-l19c636b381

huaweip9Matcheva-l29c20b386

huaweip9Matcheva-l29c636b380

huaweip9Matchvns-l21c10b380

huaweip9Matchvns-l21c185b380

huaweip9Matchvns-l21c432b371

huaweip9Matchvns-l22c635b181

huaweip9Matchvns-l22c635b380

huaweip9Matchvns-l22c636b380

huaweip9Matchvns-l31c109b350

huaweip9Matchvns-l31c185b380

huaweip9Matchvns-l31c432b371

huaweip9Matchvns-l31c464b382

huaweip9Matchvns-l31c636b385

huaweip9_plusMatchvie-l09c318b182

huaweip9_plusMatchvie-l09c432b370

huaweip9_plusMatchvie-l09c605b361

huaweip9_plusMatchvie-l29c10b381

huaweip9_plusMatchvie-l29c185b380

huaweip9_plusMatchvie-l29c605b361

huaweip9_plusMatchvie-l29c636b370

CPENameOperatorVersion
gt3eqNMO-L23C605B350
gt3eqNMO-L31C10B351
gt3eqNMO-L31C185B352
gt3eqNMO-L31C432B350
gt3eqNMO-L31C464B350
gt3eqNMO-L31C636B351
honor 5aeqCAM-L03C110B150
honor 5aeqCAM-L03C178B152
honor 5aeqCAM-L03C688B151
honor 5aeqCAM-L03DOMC109B125

Name	Operator	Version
gt3	eq	NMO-L23C605B350
gt3	eq	NMO-L31C10B351
gt3	eq	NMO-L31C185B352
gt3	eq	NMO-L31C432B350
gt3	eq	NMO-L31C464B350
gt3	eq	NMO-L31C636B351
honor 5a	eq	CAM-L03C110B150
honor 5a	eq	CAM-L03C178B152
honor 5a	eq	CAM-L03C688B151
honor 5a	eq	CAM-L03DOMC109B125

Rows per page:

1-10 of 971

6.9 Medium

CVSS2

Attack Vector

LOCAL

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:L/AC:M/Au:N/C:C/I:C/A:C

6.4 Medium

CVSS3

Attack Vector

PHYSICAL

Attack Complexity

HIGH

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.0/AV:P/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H

0.001 Low

EPSS

Percentile

27.3%

JSON

Related for HUAWEI-SA-20170323-01-SMARTPHONE