CVE-2016-8776
Severity Score
4.6
*CVSS v3
Exploit Likelihood
*EPSS
Affected Versions
*CPE
Public Exploits
1
*Multiple Sources
Exploited in Wild
-
*KEV
Decision
-
*SSVC
Descriptions
Huawei P9 phones with software EVA-AL10C00,EVA-CL10C00,EVA-DL10C00,EVA-TL10C00 and P9 Lite phones with software VNS-L21C185 allow attackers to bypass the factory reset protection (FRP) to enter some functional modules without authorization and perform operations to update the Google account.
Teléfonos Huawei P9 con software EVA-AL10C00,EVA-CL10C00,EVA-DL10C00,EVA-TL10C00 y teléfonos P9 Lite con software VNS-L21C185 permiten a atacantes eludir la protección de restablecimiento de fábrica (FRP) para introducir algunos módulos funcionales sin autorización y realizar operaciones para actualizar la cuenta de Google.
*Credits:
N/A
CVSS Scores
Attack Vector
Attack Complexity
Privileges Required
User Interaction
Scope
Confidentiality
Integrity
Availability
Attack Vector
Attack Complexity
Authentication
Confidentiality
Integrity
Availability
* Common Vulnerability Scoring System
SSVC
- Decision:-
Exploitation
Automatable
Tech. Impact
* Organization's Worst-case Scenario
Timeline
- 2016-10-18 CVE Reserved
- 2017-04-02 CVE Published
- 2017-10-08 First Exploit
- 2023-03-08 EPSS Updated
- 2024-08-06 CVE Updated
- ---------- Exploited in Wild
- ---------- KEV Due Date
CWE
- CWE-285: Improper Authorization
CAPEC
References (3)
| URL | Tag | Source |
|---|---|---|
| http://www.securityfocus.com/bid/94836 | Third Party Advisory |
| URL | Date | SRC |
|---|---|---|
| https://github.com/akzedevops/CVE-2016-8776 | 2017-10-08 |
| URL | Date | SRC |
|---|
| URL | Date | SRC |
|---|---|---|
| http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20161207-01-smartphone-en | 2017-04-10 |
Affected Vendors, Products, and Versions
| Vendor | Product | Version | Other | Status | ||||||
|---|---|---|---|---|---|---|---|---|---|---|
| Vendor | Product | Version | Other | Status | <-- --> | Vendor | Product | Version | Other | Status |
| Huawei Search vendor "Huawei" | P9 Firmware Search vendor "Huawei" for product "P9 Firmware" | eva-al10c00 Search vendor "Huawei" for product "P9 Firmware" and version "eva-al10c00" | - |
Affected
| in | Huawei Search vendor "Huawei" | P9 Search vendor "Huawei" for product "P9" | - | - |
Safe
|
| Huawei Search vendor "Huawei" | P9 Firmware Search vendor "Huawei" for product "P9 Firmware" | eva-cl10c00 Search vendor "Huawei" for product "P9 Firmware" and version "eva-cl10c00" | - |
Affected
| in | Huawei Search vendor "Huawei" | P9 Search vendor "Huawei" for product "P9" | - | - |
Safe
|
| Huawei Search vendor "Huawei" | P9 Firmware Search vendor "Huawei" for product "P9 Firmware" | eva-dl10c00 Search vendor "Huawei" for product "P9 Firmware" and version "eva-dl10c00" | - |
Affected
| in | Huawei Search vendor "Huawei" | P9 Search vendor "Huawei" for product "P9" | - | - |
Safe
|
| Huawei Search vendor "Huawei" | P9 Firmware Search vendor "Huawei" for product "P9 Firmware" | eva-tl10c00 Search vendor "Huawei" for product "P9 Firmware" and version "eva-tl10c00" | - |
Affected
| in | Huawei Search vendor "Huawei" | P9 Search vendor "Huawei" for product "P9" | - | - |
Safe
|
| Huawei Search vendor "Huawei" | P9 Lite Firmware Search vendor "Huawei" for product "P9 Lite Firmware" | vns-l21c185 Search vendor "Huawei" for product "P9 Lite Firmware" and version "vns-l21c185" | - |
Affected
| in | Huawei Search vendor "Huawei" | P9 Lite Search vendor "Huawei" for product "P9 Lite" | - | - |
Safe
|