CVE-2017-8152

EPSS 0.03%
Published 22.11.2017 19:29:03
Last modified 20.04.2025 01:37:25
Source psirt@huawei.com
Teams watchlist Login
Open Login

Huawei Honor 5S smart phones with software the versions before TAG-TL00C01B173 have a Factory Reset Protection (FRP) bypass security vulnerability due to the improper design. An attacker can access factory reset page without authorization by only dial with special code. The attacker can exploit this vulnerability to restore the phone to factory settings.

Affected products Warnungen 0 Metrics 3 CWE 1 References 4

Data is provided by the National Vulnerability Database (NVD)

Huawei ≫ Honor 5s Firmware Version < tag-tl00c01b173

Huawei ≫ Honor 5s Version-

Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.

EPSS Metriken
Type	Source	Score	Percentile
EPSS	FIRST.org	0.03%	0.058

CVSS Metriken
Source	Base Score	Exploit Score	Impact Score	Vector string
nvd@nist.gov	4.6	0.9	3.6	CVSS:3.0/AV:P/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N
nvd@nist.gov	4.9	3.9	6.9	AV:L/AC:L/Au:N/C:N/I:C/A:N

CWE-358 Improperly Implemented Security Check for Standard

The product does not implement or incorrectly implements one or more security-relevant checks as specified by the design of a standardized algorithm, protocol, or technique.

http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20170901-02-smartphone-en

Vendor Advisory

https://nvd.nist.gov/vuln/detail/CVE-2017-8152

CVE Source (NVD)

https://cveawg.mitre.org/api/cve/CVE-2017-8152

CVE Source (JSON)

https://euvd.enisa.europa.eu/vulnerability/CVE-2017-8152

EUVD