CVE-2017-2710

Name: CVE-2017-2710
Creator: NVD / NIST
Published: 2017-11-22T19:29:00.943+00:00
License: https://creativecommons.org/publicdomain/zero/1.0/

UnknownEPSS 0.24%

Last modified Jun 17, 2026

CVE-2017-2710 is a vulnerability of currently unknown severity. BTV-W09C229B002CUSTC229D005,BTV-W09C233B029, earlier than BTV-W09C100B006CUSTC100D002 versions, earlier than BTV-W09C128B003CUSTC128D002 versions, earlier than BTV-W09C199B002CUSTC199D002 versions, earlier than BTV-W09C209B005CUSTC209D001 versions, earlier than BTV-W09C331B002CUSTC331D001 versions, earlier than CRR-L09C432B390 versions, earlier than CRR-L09C605B355CUSTC605D003 versions have a Factory Reset Protection (FRP) bypass security vulnerability. When re-configuring the mobile phone using the factory reset protection (FRP) function, an attacker can perform some operations to update the Google account. EPSS estimates a 0.24% chance of exploitation in the next 30 days.

Description

BTV-W09C229B002CUSTC229D005,BTV-W09C233B029, earlier than BTV-W09C100B006CUSTC100D002 versions, earlier than BTV-W09C128B003CUSTC128D002 versions, earlier than BTV-W09C199B002CUSTC199D002 versions, earlier than BTV-W09C209B005CUSTC209D001 versions, earlier than BTV-W09C331B002CUSTC331D001 versions, earlier than CRR-L09C432B390 versions, earlier than CRR-L09C605B355CUSTC605D003 versions have a Factory Reset Protection (FRP) bypass security vulnerability. When re-configuring the mobile phone using the factory reset protection (FRP) function, an attacker can perform some operations to update the Google account. As a result, the FRP function is bypassed.

Metrics

EPSS Probability

0.24%

14.9th percentile

Probability of exploitation in the next 30 days. Learn more

Affected Software

Vendor	Product	Versions
Huawei	Beethoven-W09a Firmware	btv-w09c229b002custc229d005
Huawei	Beethoven-W09a Firmware	btv-w09c233b029
Huawei	Beethoven-W09a Firmware	< btv-w09c100b006custc100d002
Huawei	Beethoven-W09a Firmware	< btv-w09c128b003custc128d002
Huawei	Beethoven-W09a Firmware	< btv-w09c199b002custc199d002
Huawei	Beethoven-W09a Firmware	< btv-w09c209b005custc209d001
Huawei	Beethoven-W09a Firmware	< btv-w09c331b002custc331d001
Huawei	Crr-L09 Firmware	< crr-l09c432b390
Huawei	Crr-L09 Firmware	< crr-l09c605b355custc605d003

References

http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20170524-01-frp-enIssue Tracking, Vendor Advisory
http://www.securityfocus.com/bid/98712Third Party Advisory, VDB Entry
http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20170524-01-frp-enIssue Tracking, Vendor Advisory
http://www.securityfocus.com/bid/98712Third Party Advisory, VDB Entry

Timeline

Published: Nov 22, 2017
Last Modified: Jun 17, 2026
Status: Modified

Frequently Asked Questions

What is CVE-2017-2710?

How severe is CVE-2017-2710?

Severity scoring for CVE-2017-2710 is pending analysis. The EPSS model estimates a 0.24% probability of exploitation in the next 30 days.

How do I fix CVE-2017-2710?

Check the vendor references and advisories linked above for patched versions and mitigation guidance. You can also run a Strix scan to test if your systems are affected.

Are you affected by CVE-2017-2710?

Run a free Strix scan to check your systems for this vulnerability.

Scan your code now

Source: NVD / NIST