CVE-2017-2705
Last modified
CVE-2017-2705 is a vulnerability of currently unknown severity. Huawei P9 smartphones with software versions earlier before EVA-AL10C00B365, versions earlier before EVA-AL00C00B365, versions earlier before EVA-CL00C92B365, versions earlier before EVA-DL00C17B365, versions earlier before EVA-TL00C01B365 have a phone activation bypass vulnerability. Successful exploit could allow an unauthenticated attacker to bypass phone activation to settings page of the phone.. EPSS estimates a 0.23% chance of exploitation in the next 30 days.
Description
Huawei P9 smartphones with software versions earlier before EVA-AL10C00B365, versions earlier before EVA-AL00C00B365, versions earlier before EVA-CL00C92B365, versions earlier before EVA-DL00C17B365, versions earlier before EVA-TL00C01B365 have a phone activation bypass vulnerability. Successful exploit could allow an unauthenticated attacker to bypass phone activation to settings page of the phone.
Metrics
Affected Software
| Vendor | Product | Versions |
|---|---|---|
| Huawei | P9 Firmware | < eva-al00c00b365 |
| Huawei | P9 Firmware | < eva-al10c00b365 |
| Huawei | P9 Firmware | < eva-cl00c92b365 |
| Huawei | P9 Firmware | < eva-dl00c17b365 |
| Huawei | P9 Firmware | < eva-tl00c01b365 |
References
- http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20170118-02-smartphone-enIssue Tracking, Vendor Advisory
- http://www.securityfocus.com/bid/95661Third Party Advisory, VDB Entry
- http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20170118-02-smartphone-enIssue Tracking, Vendor Advisory
- http://www.securityfocus.com/bid/95661Third Party Advisory, VDB Entry
Timeline
- Published
- Last Modified
- Status
- Modified
Frequently Asked Questions
What is CVE-2017-2705?
How severe is CVE-2017-2705?
How do I fix CVE-2017-2705?
Are you affected by CVE-2017-2705?
Run a free Strix scan to check your systems for this vulnerability.
Scan your code nowSource: NVD / NIST