How severe is CVE-2017-17161?

CVE-2017-17161 has a severity value of 6.8, which is considered high.

How does CVE-2017-17161 affect Huawei smart phones?

CVE-2017-17161 affects Huawei smart phones with software versions earlier than Duke-L09C10B186, Duke-L09C432B187, and Duke-L09C636B186.

Is there a fix for CVE-2017-17161?

Yes, Huawei has released a software update to fix CVE-2017-17161. It is recommended to update your device to the latest software version.

Where can I find more information about CVE-2017-17161?

More information about CVE-2017-17161 can be found on Huawei's Security Advisories website: http://www.huawei.com/en/psirt/security-advisories/2017/huawei-sa-20171213-01-smartphone-en

Vulnerability/
CVE-2017-17161

high

7.2

CWE

287

15/2/2018

3/10/2019

CVE-2017-17161

Q: What is CVE-2017-17161?

CVE-2017-17161 is an authentication bypass vulnerability found in some Huawei smart phones with software earlier than Duke-L09C10B186 versions, earlier than Duke-L09C432B187 versions, earlier than Duke-L09C636B186 versions.

First published: Thu Feb 15 2018(Updated: )

The 'Find Phone' function in some Huawei smart phones with software earlier than Duke-L09C10B186 versions, earlier than Duke-L09C432B187 versions, earlier than Duke-L09C636B186 versions has an authentication bypass vulnerability. Due to improper authentication realization in the 'Find Phone' function. An attacker may exploit the vulnerability to bypass the 'Find Phone' function in order to use the phone normally.

Credit: psirt@huawei.com

Affected Software	Affected Version	How to fix
Huawei Duke-l09 Firmware	<duke-l09c10b186
Huawei Duke-l09
Huawei Duke-l09 Firmware	<duke-l09c432b187
Huawei Duke-l09 Firmware	<duke-l09c636b186

Never miss a vulnerability like this again

Reference Links

http://www.huawei.com/en/psirt/security-advisories/2017/huawei-sa-20171213-01-smartphone-en

Frequently Asked Questions

What is CVE-2017-17161?
CVE-2017-17161 is an authentication bypass vulnerability found in some Huawei smart phones with software earlier than Duke-L09C10B186 versions, earlier than Duke-L09C432B187 versions, earlier than Duke-L09C636B186 versions.
How severe is CVE-2017-17161?
CVE-2017-17161 has a severity value of 6.8, which is considered high.
How does CVE-2017-17161 affect Huawei smart phones?
CVE-2017-17161 affects Huawei smart phones with software versions earlier than Duke-L09C10B186, Duke-L09C432B187, and Duke-L09C636B186.
Is there a fix for CVE-2017-17161?
Yes, Huawei has released a software update to fix CVE-2017-17161. It is recommended to update your device to the latest software version.
Where can I find more information about CVE-2017-17161?
More information about CVE-2017-17161 can be found on Huawei's Security Advisories website: http://www.huawei.com/en/psirt/security-advisories/2017/huawei-sa-20171213-01-smartphone-en

collector/nvd-index
agent/references
agent/weakness
agent/severity
agent/author
agent/tags
agent/type
agent/description
agent/event
agent/last-modified-date
vendor/huawei
canonical/huawei duke-l09 firmware
canonical/huawei duke-l09

Company

Resources

Contact

SecAlerts Pty Ltd.
132 Wickham Terrace
Fortitude Valley,
QLD 4006, Australia
info@secalerts.co

By using SecAlerts services, you agree to our services end-user license agreement. This website is safeguarded by reCAPTCHA and governed by the Google Privacy Policy and Terms of Service. All names, logos, and brands of products are owned by their respective owners, and any usage of these names, logos, and brands for identification purposes only does not imply endorsement. If you possess any content that requires removal, please get in touch with us.