Vulnerability Description
BTV-W09C229B002CUSTC229D005,BTV-W09C233B029, earlier than BTV-W09C100B006CUSTC100D002 versions, earlier than BTV-W09C128B003CUSTC128D002 versions, earlier than BTV-W09C199B002CUSTC199D002 versions, earlier than BTV-W09C209B005CUSTC209D001 versions, earlier than BTV-W09C331B002CUSTC331D001 versions, earlier than CRR-L09C432B390 versions, earlier than CRR-L09C605B355CUSTC605D003 versions have a Factory Reset Protection (FRP) bypass security vulnerability. When re-configuring the mobile phone using the factory reset protection (FRP) function, an attacker can perform some operations to update the Google account. As a result, the FRP function is bypassed.
CVSS Score
MEDIUM
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Huawei | Beethoven-W09A Firmware | btv-w09c229b002custc229d005 |
| Huawei | Beethoven-W09A | - |
| Huawei | Crr-L09 Firmware | < crr-l09c432b390 |
| Huawei | Crr-L09 | - |
References
- http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20170524-01-frp-enIssue TrackingVendor Advisory
- http://www.securityfocus.com/bid/98712Third Party AdvisoryVDB Entry
- http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20170524-01-frp-enIssue TrackingVendor Advisory
- http://www.securityfocus.com/bid/98712Third Party AdvisoryVDB Entry
FAQ
What is CVE-2017-2710?
CVE-2017-2710 is a vulnerability with a CVSS score of 4.6 (MEDIUM). BTV-W09C229B002CUSTC229D005,BTV-W09C233B029, earlier than BTV-W09C100B006CUSTC100D002 versions, earlier than BTV-W09C128B003CUSTC128D002 versions, earlier than BTV-W09C199B002CUSTC199D002 versions, ea...
How severe is CVE-2017-2710?
CVE-2017-2710 has been rated MEDIUM with a CVSS base score of 4.6/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2017-2710?
Check the references section above for vendor advisories and patch information. Affected products include: Huawei Beethoven-W09A Firmware, Huawei Beethoven-W09A, Huawei Crr-L09 Firmware, Huawei Crr-L09.