Vulnerability Description
Some Huawei mobile phones Honor 6X Berlin-L22C636B150 and earlier versions have a Bluetooth unlock bypassing vulnerability. If a user has enabled the smart unlock function, an attacker can impersonate the user's Bluetooth device to unlock the user's mobile phone screen.uawei mobile phones have a Bluetooth unlock bypassing vulnerability due to the lack of validation on Bluetooth devices. If a user has enabled the smart unlock function, an attacker can impersonate the user's Bluetooth device to unlock the user's mobile phone screen.
CVSS Score
MEDIUM
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Huawei | Honor 6X Firmware | <= berlin-l22c636b150 |
| Huawei | Honor 6X | - |
References
- http://www.huawei.com/en/psirt/security-advisories/2017/huawei-sa-20170323-01-smVendor Advisory
- http://www.securityfocus.com/bid/97042Third Party AdvisoryVDB Entry
- http://www.huawei.com/en/psirt/security-advisories/2017/huawei-sa-20170323-01-smVendor Advisory
- http://www.securityfocus.com/bid/97042Third Party AdvisoryVDB Entry
FAQ
What is CVE-2017-2728?
CVE-2017-2728 is a vulnerability with a CVSS score of 6.4 (MEDIUM). Some Huawei mobile phones Honor 6X Berlin-L22C636B150 and earlier versions have a Bluetooth unlock bypassing vulnerability. If a user has enabled the smart unlock function, an attacker can impersonate...
How severe is CVE-2017-2728?
CVE-2017-2728 has been rated MEDIUM with a CVSS base score of 6.4/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2017-2728?
Check the references section above for vendor advisories and patch information. Affected products include: Huawei Honor 6X Firmware, Huawei Honor 6X.