CVE-2017-17145

Published: Mar 9, 2018Modified: Nov 21, 2024

4.6

Vector

CVSS:3.0/AV:P/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N

Exploitability: 0.9 / Impact: 3.6

Source: NVD

Description

Huawei Honor V9 Play smart phones with the versions before Jimmy-AL00AC00B135 have an authentication bypass vulnerability due to the improper design of a component. An attacker who get a user's smart phone can execute specific operation, and delete the fingerprint of the phone without authentication.

Affected (1)

Products: Huawei: Honor V9 Play Firmware

1 product

Honor V9 Play Firmware

Configuration A

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Huawei Honor V9 Play Firmware	Before jimmy-al00ac00b135

Running on/with	Platform Versions
Huawei Honor V9 Play	All versions

References (2)

http://www.huawei.com/en/psirt/security-advisories/2017/huawei-sa-20171213-03-smartphone-en

Source: psirt@huawei.com

Vendor Advisory

http://www.huawei.com/en/psirt/security-advisories/2017/huawei-sa-20171213-03-smartphone-en

Source: af854a3a-2127-422b-91ae-364da2661108

Vendor Advisory

Timeline

No history available yet.