Vulnerability Details CVE-2017-2721
Some Huawei smart phones with software Berlin-L21C10B130,Berlin-L21C185B133,Berlin-L21HNC10B131,Berlin-L21HNC185B140,Berlin-L21HNC432B151,Berlin-L22C636B160,Berlin-L22HNC636B130,Berlin-L22HNC675B150CUSTC675D001,Berlin-L23C605B131,Berlin-L24HNC567B110,FRD-L02C432B120,FRD-L02C635B130,FRD-L02C675B170CUSTC675D001,FRD-L04C567B162,FRD-L04C605B131,FRD-L09C10B130,FRD-L09C185B130,FRD-L09C432B131,FRD-L09C636B130,FRD-L14C567B162,FRD-L19C10B130,FRD-L19C432B131,FRD-L19C636B130 have a factory Reset Protection (FRP) bypass security vulnerability. When re-configuring the mobile phone using the factory reset protection (FRP) function, an attacker can login the configuration flow by Swype Keyboard and can perform some operations to update the Google account. As a result, the FRP function is bypassed.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.0
EPSS Ranking 3.7%
CVSS Severity
CVSS v3 Score 4.6
CVSS v2 Score 2.1
References
Products affected by CVE-2017-2721
-
cpe:2.3:h:huawei:berlin-l21:-
-
cpe:2.3:h:huawei:berlin-l21hn:-
-
cpe:2.3:h:huawei:berlin-l22:-
-
cpe:2.3:h:huawei:berlin-l22hn:-
-
cpe:2.3:h:huawei:berlin-l23:-
-
cpe:2.3:h:huawei:berlin-l24hn:-
-
cpe:2.3:h:huawei:frd-l02:-
-
cpe:2.3:h:huawei:frd-l04:-
-
cpe:2.3:h:huawei:frd-l09:-
-
cpe:2.3:h:huawei:frd-l14:-
-
cpe:2.3:h:huawei:frd-l19:-
-
cpe:2.3:o:huawei:berlin-l21_firmware:berlin-l21c10b130
-
cpe:2.3:o:huawei:berlin-l21_firmware:berlin-l21c185b133
-
cpe:2.3:o:huawei:berlin-l21hn_firmware:berlin-l21hnc10b131
-
cpe:2.3:o:huawei:berlin-l21hn_firmware:berlin-l21hnc185b140
-
cpe:2.3:o:huawei:berlin-l21hn_firmware:berlin-l21hnc432b151
-
cpe:2.3:o:huawei:berlin-l22_firmware:berlin-l22c636b160
-
cpe:2.3:o:huawei:berlin-l22hn_firmware:berlin-l22hnc636b130
-
cpe:2.3:o:huawei:berlin-l22hn_firmware:berlin-l22hnc675b150custc675d001
-
cpe:2.3:o:huawei:berlin-l23_firmware:berlin-l23c605b131
-
cpe:2.3:o:huawei:berlin-l24hn_firmware:berlin-l24hnc567b110
-
cpe:2.3:o:huawei:frd-l02_firmware:frd-l02c432b120
-
cpe:2.3:o:huawei:frd-l02_firmware:frd-l02c635b130
-
cpe:2.3:o:huawei:frd-l02_firmware:frd-l02c675b170custc675d001
-
cpe:2.3:o:huawei:frd-l04_firmware:frd-l04c567b162
-
cpe:2.3:o:huawei:frd-l04_firmware:frd-l04c605b131
-
cpe:2.3:o:huawei:frd-l09_firmware:frd-l09c10b130
-
cpe:2.3:o:huawei:frd-l09_firmware:frd-l09c185b130
-
cpe:2.3:o:huawei:frd-l09_firmware:frd-l09c432b131
-
cpe:2.3:o:huawei:frd-l09_firmware:frd-l09c636b130
-
cpe:2.3:o:huawei:frd-l14_firmware:frd-l14c567b162
-
cpe:2.3:o:huawei:frd-l19_firmware:frd-l19c10b130
-
cpe:2.3:o:huawei:frd-l19_firmware:frd-l19c432b131
-
cpe:2.3:o:huawei:frd-l19_firmware:frd-l19c636b130