CVE-2017-2728
First published: Wed Nov 15 2017(Updated: )
Some Huawei mobile phones Honor 6X Berlin-L22C636B150 and earlier versions have a Bluetooth unlock bypassing vulnerability. If a user has enabled the smart unlock function, an attacker can impersonate the user's Bluetooth device to unlock the user's mobile phone screen.uawei mobile phones have a Bluetooth unlock bypassing vulnerability due to the lack of validation on Bluetooth devices. If a user has enabled the smart unlock function, an attacker can impersonate the user's Bluetooth device to unlock the user's mobile phone screen.
Credit: psirt@huawei.com
| Affected Software | Affected Version | How to fix |
|---|---|---|
| Huawei Honor 6x Firmware | <=berlin-l22c636b150 | |
| Huawei Honor 6x |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
Frequently Asked Questions
What is the vulnerability ID for this issue?
The vulnerability ID for this issue is CVE-2017-2728.
What is the affected software?
The affected software is Huawei Honor 6X with Berlin-L22C636B150 firmware and earlier versions.
What is the severity of CVE-2017-2728?
The severity of CVE-2017-2728 is medium with a CVSSv3 score of 6.4.
How does the vulnerability work?
If a user has enabled the smart unlock function, an attacker can impersonate the user's Bluetooth device to unlock the user's mobile phone screen.
Is there a fix for CVE-2017-2728?
Yes, Huawei has released a security advisory detailing the issue and providing recommended updates or patches.
- collector/nvd-index
- agent/severity
- agent/references
- agent/author
- agent/tags
- agent/event
- agent/type
- agent/description
- agent/last-modified-date
- agent/softwarecombine
- agent/first-publish-date
- collector/mitre-cve
- source/MITRE
- vendor/huawei
- canonical/huawei honor 6x firmware
- version/huawei honor 6x firmware/berlin-l22c636b150
- canonical/huawei honor 6x