CVE-2017-17145
https://notcve.org/view.php?id=CVE-2017-17145
Huawei Honor V9 Play smart phones with the versions before Jimmy-AL00AC00B135 have an authentication bypass vulnerability due to the improper design of a component. An attacker who get a user's smart phone can execute specific operation, and delete the fingerprint of the phone without authentication. Los smartphones Huawei Honor V9 Play con versiones anteriores a Jimmy-AL00AC00B135 tienen una vulnerabilidad de omisión de autenticación debido a un diseño incorrecto de un componente. Un atacante que consiga el smartphone de un usuario puede ejecutar operaciones específicas y eliminar la huella del teléfono sin autenticación. • http://www.huawei.com/en/psirt/security-advisories/2017/huawei-sa-20171213-03-smartphone-en •
CVE-2017-15351
https://notcve.org/view.php?id=CVE-2017-15351
The 'Find Phone' function in Huawei Honor V9 play smart phones with versions earlier than Jimmy-AL00AC00B135 has an authentication bypass vulnerability. Due to improper authentication realization in the 'Find Phone' function. An attacker may exploit the vulnerability to bypass the 'Find Phone' function in order to use the phone normally. La función "Find Phone" en los smartphones Huawei Honor V9 play con versiones anteriores a la Jimmy-AL00AC00B135 tiene una vulnerabilidad de omisión de autenticación. Esto se debe a la realización indebida de la autenticación en la función "Find Phone". • http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20171122-01-smartphone-en • CWE-287: Improper Authentication •
CVE-2017-8215
https://notcve.org/view.php?id=CVE-2017-8215
Honor 8,Honor V8,Honor 9,Honor V9,Nova 2,Nova 2 Plus,P9,P10 Plus,Toronto Huawei smart phones with software of versions earlier than FRD-AL00C00B391, versions earlier than FRD-DL00C00B391, versions earlier than KNT-AL10C00B391, versions earlier than KNT-AL20C00B391, versions earlier than KNT-UL10C00B391, versions earlier than KNT-TL10C00B391, versions earlier than Stanford-AL00C00B175, versions earlier than Stanford-AL10C00B175, versions earlier than Stanford-TL00C01B175, versions earlier than Duke-AL20C00B191, versions earlier than Duke-TL30C01B191, versions earlier than Picasso-AL00C00B162, versions earlier than Picasso-TL00C01B162 , versions earlier than Barca-AL00C00B162, versions earlier than Barca-TL00C00B162, versions earlier than EVA-AL10C00B396SP03, versions earlier than EVA-CL00C92B396, versions earlier than EVA-DL00C17B396, versions earlier than EVA-TL00C01B396 , versions earlier than Vicky-AL00AC00B172, versions earlier than Toronto-AL00AC00B191, versions earlier than Toronto-TL10C01B191 have a permission control vulnerability. An attacker with the system privilege of a mobile can exploit this vulnerability to bypass the unlock code verification and unlock the mobile phone bootloader. Los smartphones Huawei Honor 8, Honor V8, Honor 9, Honor V9, Nova 2, Nova 2 Plus, P9, P10 Plus y Toronto con versiones de software anteriores a FRD-AL00C00B391, FRD-DL00C00B391, KNT-AL10C00B391, KNT-AL20C00B391, KNT-UL10C00B391, KNT-TL10C00B391, Stanford-AL00C00B175, Stanford-AL10C00B175, Stanford-TL00C01B175, Duke-AL20C00B191, Duke-TL30C01B191, Picasso-AL00C00B162, Picasso-TL00C01B162 , Barca-AL00C00B162, Barca-TL00C00B162, EVA-AL10C00B396SP03, EVA-CL00C92B396, EVA-DL00C17B396, EVA-TL00C01B396 , Vicky-AL00AC00B172, Toronto-AL00AC00B191 y Toronto-TL10C01B191 tienen una vulnerabilidad de control de permisos. Un atacante con privilegios de sistema de un móvil puede explotar esta vulnerabilidad para omitir la verificación del código de desbloqueo y desbloquear el cargador de arranque del teléfono móvil. • http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20170807-01-smartphone-en •
CVE-2017-8214
https://notcve.org/view.php?id=CVE-2017-8214
Honor 8,Honor V8,Honor 9,Honor V9,Nova 2,Nova 2 Plus,P9,P10 Plus,Toronto Huawei smart phones with software of versions earlier than FRD-AL00C00B391, versions earlier than FRD-DL00C00B391, versions earlier than KNT-AL10C00B391, versions earlier than KNT-AL20C00B391, versions earlier than KNT-UL10C00B391, versions earlier than KNT-TL10C00B391, versions earlier than Stanford-AL00C00B175, versions earlier than Stanford-AL10C00B175, versions earlier than Stanford-TL00C01B175, versions earlier than Duke-AL20C00B191, versions earlier than Duke-TL30C01B191, versions earlier than Picasso-AL00C00B162, versions earlier than Picasso-TL00C01B162 , versions earlier than Barca-AL00C00B162, versions earlier than Barca-TL00C00B162, versions earlier than EVA-AL10C00B396SP03, versions earlier than EVA-CL00C92B396, versions earlier than EVA-DL00C17B396, versions earlier than EVA-TL00C01B396 , versions earlier than Vicky-AL00AC00B172, versions earlier than Toronto-AL00AC00B191, versions earlier than Toronto-TL10C01B191 have an unlock code verification bypassing vulnerability. An attacker with the root privilege of a mobile can exploit this vulnerability to bypass the unlock code verification and unlock the mobile phone bootloader. Los smartphones Huawei Honor 8, Honor V8, Honor 9, Honor V9, Nova 2, Nova 2 Plus, P9, P10 Plus y Toronto con versiones de software anteriores a FRD-AL00C00B391, FRD-DL00C00B391, KNT-AL10C00B391, KNT-AL20C00B391, KNT-UL10C00B391, KNT-TL10C00B391, Stanford-AL00C00B175, Stanford-AL10C00B175, Stanford-TL00C01B175, Duke-AL20C00B191, Duke-TL30C01B191, Picasso-AL00C00B162, Picasso-TL00C01B162 , Barca-AL00C00B162, Barca-TL00C00B162, EVA-AL10C00B396SP03, EVA-CL00C92B396, EVA-DL00C17B396, EVA-TL00C01B396 , Vicky-AL00AC00B172, Toronto-AL00AC00B191 y Toronto-TL10C01B191 tienen una vulnerabilidad de omisión de verificación de código de desbloqueo. Un atacante con privilegios root de un móvil puede explotar esta vulnerabilidad para omitir la verificación del código de desbloqueo y desbloquear el cargador de arranque del teléfono móvil. • http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20170807-01-smartphone-en • CWE-287: Improper Authentication •
CVE-2017-8166
https://notcve.org/view.php?id=CVE-2017-8166
Huawei mobile phones Honor V9 with the software versions before Duke-AL20C00B195 have an App Lock bypass vulnerability. An attacker could perform specific operations to bypass the App Lock to use apps on a target mobile phone. Los smartphones Huawei Honor V9 con versiones de software anteriores a Duke-AL20C00B195 tienen una vulnerabilidad de omisión de App Lock. Un atacante podría realizar operaciones específicas para omitir App Lock para utilizar apps en el teléfono objetivo. • http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20171019-01-smartphone-en •