CVE-2017-8214
First published: Wed Nov 22 2017(Updated: )
Honor 8,Honor V8,Honor 9,Honor V9,Nova 2,Nova 2 Plus,P9,P10 Plus,Toronto Huawei smart phones with software of versions earlier than FRD-AL00C00B391, versions earlier than FRD-DL00C00B391, versions earlier than KNT-AL10C00B391, versions earlier than KNT-AL20C00B391, versions earlier than KNT-UL10C00B391, versions earlier than KNT-TL10C00B391, versions earlier than Stanford-AL00C00B175, versions earlier than Stanford-AL10C00B175, versions earlier than Stanford-TL00C01B175, versions earlier than Duke-AL20C00B191, versions earlier than Duke-TL30C01B191, versions earlier than Picasso-AL00C00B162, versions earlier than Picasso-TL00C01B162 , versions earlier than Barca-AL00C00B162, versions earlier than Barca-TL00C00B162, versions earlier than EVA-AL10C00B396SP03, versions earlier than EVA-CL00C92B396, versions earlier than EVA-DL00C17B396, versions earlier than EVA-TL00C01B396 , versions earlier than Vicky-AL00AC00B172, versions earlier than Toronto-AL00AC00B191, versions earlier than Toronto-TL10C01B191 have an unlock code verification bypassing vulnerability. An attacker with the root privilege of a mobile can exploit this vulnerability to bypass the unlock code verification and unlock the mobile phone bootloader.
Credit: psirt@huawei.com
| Affected Software | Affected Version | How to fix |
|---|---|---|
| Huawei Honor 8 Firmware | <frd-al00c00b391 | |
| Huawei Honor 8 | ||
| Huawei Honor 8 Firmware | <frd-dl00c00b391 | |
| Huawei Honor V8 Firmware | <knt-al10c00b391 | |
| Huawei Honor V8 | ||
| Huawei Honor V8 Firmware | <knt-al20c00b391 | |
| Huawei Honor V8 Firmware | <knt-ul10c00b391 | |
| Huawei Honor V8 Firmware | <knt-tl10c00b391 | |
| Huawei Honor 9 Firmware | <stanford-al00c00b175 | |
| Huawei Honor 9 | ||
| Huawei Honor 9 Firmware | <stanford-al10c00b175 | |
| Huawei Honor 9 Firmware | <stanford-tl00c01b175 | |
| Huawei Honor V9 Firmware | <duke-al20c00b191 | |
| Huawei Honor V9 | ||
| Huawei Honor V9 Firmware | <duke-tl30c01b191 | |
| Huawei Nova 2 Firmware | <picasso-al00c00b162 | |
| Huawei Nova 2 | ||
| Huawei Nova 2 Firmware | <picasso-tl00c01b162 | |
| Huawei Nova 2 Plus Firmware | <barca-al00c00b162 | |
| Huawei Nova 2 Plus | ||
| Huawei Nova 2 Plus Firmware | <barca-tl00c00b162 | |
| Huawei P9 Firmware | <eva-al10c00b396sp03 | |
| Huawei P9 | ||
| Huawei P9 Firmware | <eva-cl00c92b396 | |
| Huawei P9 Firmware | <eva-dl00c17b396 | |
| Huawei P9 Firmware | <eva-tl00c01b396 | |
| Huawei P10 Plus Firmware | <vicky-al00ac00b172 | |
| Huawei P10 Plus | ||
| Huawei Toronto Firmware | <toronto-al00ac00b191 | |
| Huawei Toronto | ||
| Huawei Toronto Firmware | <toronto-tl10c01b191 |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
Frequently Asked Questions
What is the severity of CVE-2017-8214?
The severity of CVE-2017-8214 is high with a severity value of 6.2.
Which Huawei smartphones are affected by CVE-2017-8214?
Huawei smartphones including Honor 8, Honor V8, Honor 9, Honor V9, Nova 2, Nova 2 Plus, P9, P10 Plus, and Toronto Huawei smart phones with software versions earlier than FRD-AL00C00B391, FRD-DL00C00B391, KNT-AL10C00B391, KNT-AL20C00B391, KNT-UL10C00B391, and more are affected by CVE-2017-8214.
What is the vulnerable version of Huawei Honor 8 firmware?
The vulnerable version of Huawei Honor 8 firmware is earlier than FRD-AL00C00B391 and FRD-DL00C00B391.
How can I fix CVE-2017-8214?
To fix CVE-2017-8214, you need to update your Huawei smartphone software to versions FRD-AL00C00B391, FRD-DL00C00B391, KNT-AL10C00B391, KNT-AL20C00B391, KNT-UL10C00B391, or later.
Where can I find more information about CVE-2017-8214?
You can find more information about CVE-2017-8214 on the Huawei website's security advisories page.
- collector/nvd-index
- agent/weakness
- agent/type
- agent/severity
- agent/references
- agent/author
- agent/tags
- agent/event
- agent/description
- agent/last-modified-date
- agent/softwarecombine
- agent/first-publish-date
- collector/mitre-cve
- source/MITRE
- vendor/huawei
- canonical/huawei honor 8 firmware
- canonical/huawei honor 8
- canonical/huawei honor v8 firmware
- canonical/huawei honor v8
- canonical/huawei honor 9 firmware
- canonical/huawei honor 9
- canonical/huawei honor v9 firmware
- canonical/huawei honor v9
- canonical/huawei nova 2 firmware
- canonical/huawei nova 2
- canonical/huawei nova 2 plus firmware
- canonical/huawei nova 2 plus
- canonical/huawei p9 firmware
- canonical/huawei p9
- canonical/huawei p10 plus firmware
- canonical/huawei p10 plus
- canonical/huawei toronto firmware
- canonical/huawei toronto