First published: Wed Nov 22 2017(Updated: )
Phone Finder in versions earlier before MHA-AL00BC00B156,Versions earlier before MHA-CL00BC00B156,Versions earlier before MHA-DL00BC00B156,Versions earlier before MHA-TL00BC00B156,Versions earlier before EVA-AL10C00B373,Versions earlier before EVA-CL10C00B373,Versions earlier before EVA-DL10C00B373,Versions earlier before EVA-TL10C00B373 can be bypass. An attacker can bypass the Phone Finder by special steps and enter the System Setting.
Credit: psirt@huawei.com
Affected Software | Affected Version | How to fix |
---|---|---|
Huawei Mate 9 Firmware | <mha-al00bc00b156 | |
Huawei Mate 9 | ||
Huawei Mate 9 Firmware | <mha-cl00bc00b156 | |
Huawei Mate 9 Firmware | <mha-dl00bc00b156 | |
Huawei Mate 9 Firmware | <mha-tl00bc00b156 | |
Huawei P9 Firmware | <eva-al10c00b373 | |
Huawei P9 | ||
Huawei P9 Firmware | <eva-cl10c00b373 | |
Huawei P9 Firmware | <eva-dl10c00b373 | |
Huawei P9 Firmware | <eva-tl10c00b373 |
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
CVE-2017-2703 is a vulnerability in Phone Finder in earlier versions of Huawei Mate 9 and Huawei P9 firmware before the specified versions.
CVE-2017-2703 allows an attacker to gain unauthorized access to the Phone Finder feature in Huawei Mate 9 and Huawei P9 devices.
The severity of CVE-2017-2703 is rated as high, with a severity value of 6.8.
To fix CVE-2017-2703, it is recommended to update your Huawei Mate 9 or Huawei P9 firmware to the specified versions or later.
You can find more information about CVE-2017-2703 on the Huawei website and the SecurityFocus website.