Vulnerabilities > CVE-2017-8171 - Exposure of Resource to Wrong Sphere vulnerability in Huawei P10 Plus Firmware

047910
CVSS 4.9 - MEDIUM
Attack vector
LOCAL
Attack complexity
LOW
Privileges required
NONE
Confidentiality impact
NONE
Integrity impact
COMPLETE
Availability impact
NONE
local
low complexity
huawei
CWE-668

Summary

Huawei smart phones with software earlier than Vicky-AL00AC00B172D versions have a Factory Reset Protection (FRP) bypass security vulnerability. When re-configuring the mobile phone using the factory reset protection (FRP) function, an attacker can login the Talkback mode and can perform some operations to bypass the Google account verification. As a result, the FRP function is bypassed.

Common Weakness Enumeration (CWE)