7.2

CVE-2017-2691

EPSS 0.04%
Veröffentlicht 22.11.2017 19:29:00
Zuletzt bearbeitet 20.04.2025 01:37:25
Quelle psirt@huawei.com
CVE-Watchlists
Login
Unerledigt
Login

Huawei P9 versions earlier before EVA-AL10C00B373, versions earlier before EVA-CL00C92B373, versions earlier before EVA-DL00C17B373, versions earlier before EVA-TL00C01B373 have a lock-screen bypass vulnerability. An unauthenticated attacker could force the phone to the fastboot mode and delete the user's password file during the reboot process, then login the phone without screen lock password after reboot.

Betroffene Produkte Warnungen 0 Metriken 3 CWE 0 Referenzen 5

Daten sind bereitgestellt durch National Vulnerability Database (NVD)

Huawei ≫ P9 Firmware Version < eva-tl00c01b373

Huawei ≫ P9 Version-

Huawei ≫ P9 Firmware Version < eva-dl00c17b373

Huawei ≫ P9 Version-

Huawei ≫ P9 Firmware Version < eva-cl00c92b373

Huawei ≫ P9 Version-

Huawei ≫ P9 Firmware Version < eva-al10c00b373

Huawei ≫ P9 Version-

Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.

EPSS Metriken
Typ	Quelle	Score	Percentile
EPSS	FIRST.org	0.04%	0.093

CVSS Metriken
Quelle	Base Score	Exploit Score	Impact Score	Vector String
nvd@nist.gov	6.8	0.9	5.9	CVSS:3.0/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
nvd@nist.gov	7.2	3.9	10	AV:L/AC:L/Au:N/C:C/I:C/A:C

http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20170118-01-smartphone-en

Vendor Advisory

Issue Tracking

http://www.securityfocus.com/bid/95658

Third Party Advisory

VDB Entry

https://nvd.nist.gov/vuln/detail/CVE-2017-2691

CVE Source (NVD)

https://cveawg.mitre.org/api/cve/CVE-2017-2691

CVE Source (JSON)

https://euvd.enisa.europa.eu/vulnerability/CVE-2017-2691

EUVD