medium
4.6
CWE
287
Advisory Published
Updated

CVE-2017-2721

First published: Wed Nov 22 2017(Updated: )

Some Huawei smart phones with software Berlin-L21C10B130,Berlin-L21C185B133,Berlin-L21HNC10B131,Berlin-L21HNC185B140,Berlin-L21HNC432B151,Berlin-L22C636B160,Berlin-L22HNC636B130,Berlin-L22HNC675B150CUSTC675D001,Berlin-L23C605B131,Berlin-L24HNC567B110,FRD-L02C432B120,FRD-L02C635B130,FRD-L02C675B170CUSTC675D001,FRD-L04C567B162,FRD-L04C605B131,FRD-L09C10B130,FRD-L09C185B130,FRD-L09C432B131,FRD-L09C636B130,FRD-L14C567B162,FRD-L19C10B130,FRD-L19C432B131,FRD-L19C636B130 have a factory Reset Protection (FRP) bypass security vulnerability. When re-configuring the mobile phone using the factory reset protection (FRP) function, an attacker can login the configuration flow by Swype Keyboard and can perform some operations to update the Google account. As a result, the FRP function is bypassed.

Credit: psirt@huawei.com

Affected SoftwareAffected VersionHow to fix
Huawei Berlin-l21 Firmware=berlin-l21c10b130
Huawei Berlin-l21 Firmware=berlin-l21c185b133
Huawei Berlin-l21
Huawei Berlin-l21hn Firmware=berlin-l21hnc10b131
Huawei Berlin-l21hn Firmware=berlin-l21hnc185b140
Huawei Berlin-l21hn Firmware=berlin-l21hnc432b151
Huawei Berlin-l21hn
Huawei Berlin-l22 Firmware=berlin-l22c636b160
Huawei Berlin-l22
Huawei Berlin-l22hn Firmware=berlin-l22hnc636b130
Huawei Berlin-l22hn Firmware=berlin-l22hnc675b150custc675d001
Huawei Berlin-l22hn
Huawei Berlin-l23 Firmware=berlin-l23c605b131
Huawei Berlin-l23
Huawei Berlin-l24hn Firmware=berlin-l24hnc567b110
Huawei Berlin-l24hn
Huawei Frd-l02 Firmware=frd-l02c432b120
Huawei Frd-l02 Firmware=frd-l02c635b130
Huawei Frd-l02 Firmware=frd-l02c675b170custc675d001
Huawei Frd-l02
Huawei Frd-l04 Firmware=frd-l04c567b162
Huawei Frd-l04 Firmware=frd-l04c605b131
Huawei Frd-l04
Huawei Frd-l09 Firmware=frd-l09c10b130
Huawei Frd-l09 Firmware=frd-l09c185b130
Huawei Frd-l09 Firmware=frd-l09c432b131
Huawei Frd-l09 Firmware=frd-l09c636b130
Huawei Frd-l09
Huawei Frd-l14 Firmware=frd-l14c567b162
Huawei Frd-l14
Huawei Frd-l19 Firmware=frd-l19c10b130
Huawei Frd-l19 Firmware=frd-l19c432b131
Huawei Frd-l19 Firmware=frd-l19c636b130
Huawei Frd-l19

Never miss a vulnerability like this again

Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.

Read MoreStart Free Trial

Reference Links

Company

Resources

Contact

SecAlerts Pty Ltd.
132 Wickham Terrace
Fortitude Valley,
QLD 4006, Australia
info@secalerts.co
By using SecAlerts services, you agree to our services end-user license agreement. This website is safeguarded by reCAPTCHA and governed by the Google Privacy Policy and Terms of Service. All names, logos, and brands of products are owned by their respective owners, and any usage of these names, logos, and brands for identification purposes only does not imply endorsement. If you possess any content that requires removal, please get in touch with us.
© 2024 SecAlerts Pty Ltd.
ABN: 70 645 966 203, ACN: 645 966 203