CVE-2017-2721
First published: Wed Nov 22 2017(Updated: )
Some Huawei smart phones with software Berlin-L21C10B130,Berlin-L21C185B133,Berlin-L21HNC10B131,Berlin-L21HNC185B140,Berlin-L21HNC432B151,Berlin-L22C636B160,Berlin-L22HNC636B130,Berlin-L22HNC675B150CUSTC675D001,Berlin-L23C605B131,Berlin-L24HNC567B110,FRD-L02C432B120,FRD-L02C635B130,FRD-L02C675B170CUSTC675D001,FRD-L04C567B162,FRD-L04C605B131,FRD-L09C10B130,FRD-L09C185B130,FRD-L09C432B131,FRD-L09C636B130,FRD-L14C567B162,FRD-L19C10B130,FRD-L19C432B131,FRD-L19C636B130 have a factory Reset Protection (FRP) bypass security vulnerability. When re-configuring the mobile phone using the factory reset protection (FRP) function, an attacker can login the configuration flow by Swype Keyboard and can perform some operations to update the Google account. As a result, the FRP function is bypassed.
Credit: psirt@huawei.com
| Affected Software | Affected Version | How to fix |
|---|---|---|
| Huawei Berlin-L21 | =berlin-l21c10b130 | |
| Huawei Berlin-L21 | =berlin-l21c185b133 | |
| Huawei Berlin-L21 | ||
| Huawei Berlin-L21HN | =berlin-l21hnc10b131 | |
| Huawei Berlin-L21HN | =berlin-l21hnc185b140 | |
| Huawei Berlin-L21HN | =berlin-l21hnc432b151 | |
| Huawei Berlin-L21 | ||
| Huawei Berlin-l22 Firmware | =berlin-l22c636b160 | |
| Huawei Berlin-l22 Firmware | ||
| Huawei Berlin-l22hn | =berlin-l22hnc636b130 | |
| Huawei Berlin-l22hn | =berlin-l22hnc675b150custc675d001 | |
| Huawei Berlin-l22hn Firmware | ||
| Huawei Berlin-l23 | =berlin-l23c605b131 | |
| Huawei Berlin-l23 Firmware | ||
| Huawei Berlin-l24hn | =berlin-l24hnc567b110 | |
| Huawei Berlin-l24hn Firmware | ||
| Huawei FRD-L02 | =frd-l02c432b120 | |
| Huawei FRD-L02 | =frd-l02c635b130 | |
| Huawei FRD-L02 | =frd-l02c675b170custc675d001 | |
| Huawei FRD-L02 Firmware | ||
| Huawei Frd-l04 Firmware | =frd-l04c567b162 | |
| Huawei Frd-l04 Firmware | =frd-l04c605b131 | |
| Huawei Frd-l04 Firmware | ||
| Huawei Frd-l09 | =frd-l09c10b130 | |
| Huawei Frd-l09 | =frd-l09c185b130 | |
| Huawei Frd-l09 | =frd-l09c432b131 | |
| Huawei Frd-l09 | =frd-l09c636b130 | |
| Huawei Frd-l09 Firmware | ||
| Huawei Frd-l14 | =frd-l14c567b162 | |
| Huawei FRD-L14 Firmware | ||
| Huawei Frd-l19 | =frd-l19c10b130 | |
| Huawei Frd-l19 | =frd-l19c432b131 | |
| Huawei Frd-l19 | =frd-l19c636b130 | |
| Huawei Frd-l19 Firmware |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
Frequently Asked Questions
What is the severity of CVE-2017-2721?
CVE-2017-2721 has been classified as a high severity vulnerability.
How does CVE-2017-2721 affect Huawei devices?
CVE-2017-2721 specifically affects certain Huawei smartphones with specified firmware versions allowing an escalation of privileges.
How do I fix CVE-2017-2721?
To fix CVE-2017-2721, users should update their Huawei devices to the latest firmware version available.
Which Huawei devices are vulnerable to CVE-2017-2721?
CVE-2017-2721 affects multiple models including Huawei Berlin-L21, Berlin-L22, FRD-L02, and others with certain firmware versions.
Is there a workaround for CVE-2017-2721?
No official workaround is provided for CVE-2017-2721, making firmware updates the necessary remediation.
- agent/type
- agent/severity
- agent/weakness
- agent/references
- agent/author
- agent/description
- collector/mitre-cve
- source/MITRE
- agent/last-modified-date
- agent/first-publish-date
- agent/event
- agent/source
- agent/tags
- agent/softwarecombine
- collector/nvd-index
- agent/software-canonical-lookup-request
- vendor/huawei
- canonical/huawei berlin-l21
- version/huawei berlin-l21/berlin-l21c10b130
- version/huawei berlin-l21/berlin-l21c185b133
- canonical/huawei berlin-l21hn
- version/huawei berlin-l21hn/berlin-l21hnc10b131
- version/huawei berlin-l21hn/berlin-l21hnc185b140
- version/huawei berlin-l21hn/berlin-l21hnc432b151
- canonical/huawei berlin-l22 firmware
- version/huawei berlin-l22 firmware/berlin-l22c636b160
- canonical/huawei berlin-l22hn
- version/huawei berlin-l22hn/berlin-l22hnc636b130
- version/huawei berlin-l22hn/berlin-l22hnc675b150custc675d001
- canonical/huawei berlin-l22hn firmware
- canonical/huawei berlin-l23
- version/huawei berlin-l23/berlin-l23c605b131
- canonical/huawei berlin-l23 firmware
- canonical/huawei berlin-l24hn
- version/huawei berlin-l24hn/berlin-l24hnc567b110
- canonical/huawei berlin-l24hn firmware
- canonical/huawei frd-l02
- version/huawei frd-l02/frd-l02c432b120
- version/huawei frd-l02/frd-l02c635b130
- version/huawei frd-l02/frd-l02c675b170custc675d001
- canonical/huawei frd-l02 firmware
- canonical/huawei frd-l04 firmware
- version/huawei frd-l04 firmware/frd-l04c567b162
- version/huawei frd-l04 firmware/frd-l04c605b131
- canonical/huawei frd-l09
- version/huawei frd-l09/frd-l09c10b130
- version/huawei frd-l09/frd-l09c185b130
- version/huawei frd-l09/frd-l09c432b131
- version/huawei frd-l09/frd-l09c636b130
- canonical/huawei frd-l09 firmware
- canonical/huawei frd-l14
- version/huawei frd-l14/frd-l14c567b162
- canonical/huawei frd-l14 firmware
- canonical/huawei frd-l19
- version/huawei frd-l19/frd-l19c10b130
- version/huawei frd-l19/frd-l19c432b131
- version/huawei frd-l19/frd-l19c636b130
- canonical/huawei frd-l19 firmware