Vulnerabilities > CVE-2017-2710 - Unspecified vulnerability in Huawei Beethoven-W09A Firmware and Crr-L09 Firmware

CVSS 4.6 - MEDIUM

Attack vector

PHYSICAL

Attack complexity

LOW

Privileges required

NONE

Confidentiality impact

NONE

Integrity impact

HIGH

Availability impact

NONE

low complexity

huawei

NVD

Published: 2017-11-22

Updated: 2024-11-21

Summary

BTV-W09C229B002CUSTC229D005,BTV-W09C233B029, earlier than BTV-W09C100B006CUSTC100D002 versions, earlier than BTV-W09C128B003CUSTC128D002 versions, earlier than BTV-W09C199B002CUSTC199D002 versions, earlier than BTV-W09C209B005CUSTC209D001 versions, earlier than BTV-W09C331B002CUSTC331D001 versions, earlier than CRR-L09C432B390 versions, earlier than CRR-L09C605B355CUSTC605D003 versions have a Factory Reset Protection (FRP) bypass security vulnerability. When re-configuring the mobile phone using the factory reset protection (FRP) function, an attacker can perform some operations to update the Google account. As a result, the FRP function is bypassed.

Vulnerable Configurations

Part	Description	Count
OS	Huawei Huawei Beethoven W09A Firmware Btv-W09C229B002Custc229D005 Huawei Beethoven W09A Firmware Btv-W09C233B029 Huawei Beethoven W09A Firmware - Huawei Beethoven W09A Firmware Btv-W09C100B006Custc100D002 Huawei Beethoven W09A Firmware Btv-W09C128B003Custc128D002 Huawei Beethoven W09A Firmware Btv-W09C199B002Custc199D002 Huawei Beethoven W09A Firmware Btv-W09C209B005Custc209D001 Huawei CRR L09 Firmware - Huawei CRR L09 Firmware Crr-L09C432B390	9
Hardware	Huawei Huawei Beethoven W09A - Huawei CRR L09 -	2

Summary

Vulnerable Configurations

References