CVE-2017-17145
 
Severity Score
4.6
*CVSS v3
Exploit Likelihood
*EPSS
Affected Versions
*CPE
Public Exploits
0
*Multiple Sources
Exploited in Wild
-
*KEV
Decision
-
*SSVC
Descriptions
Huawei Honor V9 Play smart phones with the versions before Jimmy-AL00AC00B135 have an authentication bypass vulnerability due to the improper design of a component. An attacker who get a user's smart phone can execute specific operation, and delete the fingerprint of the phone without authentication.
Los smartphones Huawei Honor V9 Play con versiones anteriores a Jimmy-AL00AC00B135 tienen una vulnerabilidad de omisión de autenticación debido a un diseño incorrecto de un componente. Un atacante que consiga el smartphone de un usuario puede ejecutar operaciones específicas y eliminar la huella del teléfono sin autenticación.
*Credits:
N/A
CVSS Scores
Attack Vector
Attack Complexity
Privileges Required
User Interaction
Scope
Confidentiality
Integrity
Availability
Attack Vector
Attack Complexity
Authentication
Confidentiality
Integrity
Availability
* Common Vulnerability Scoring System
SSVC
- Decision:-
Exploitation
Automatable
Tech. Impact
* Organization's Worst-case Scenario
Timeline
- 2017-12-04 CVE Reserved
- 2018-03-09 CVE Published
- 2024-08-05 CVE Updated
- 2024-11-19 EPSS Updated
- ---------- Exploited in Wild
- ---------- KEV Due Date
- ---------- First Exploit
CWE
CAPEC
References (1)
URL | Tag | Source |
---|
URL | Date | SRC |
---|
URL | Date | SRC |
---|
URL | Date | SRC |
---|---|---|
http://www.huawei.com/en/psirt/security-advisories/2017/huawei-sa-20171213-03-smartphone-en | 2019-10-03 |
Affected Vendors, Products, and Versions
Vendor | Product | Version | Other | Status | ||||||
---|---|---|---|---|---|---|---|---|---|---|
Vendor | Product | Version | Other | Status | <-- --> | Vendor | Product | Version | Other | Status |
Huawei Search vendor "Huawei" | Honor V9 Play Firmware Search vendor "Huawei" for product "Honor V9 Play Firmware" | < jimmy-al00ac00b135 Search vendor "Huawei" for product "Honor V9 Play Firmware" and version " < jimmy-al00ac00b135" | - |
Affected
| in | Huawei Search vendor "Huawei" | Honor V9 Play Search vendor "Huawei" for product "Honor V9 Play" | - | - |
Safe
|