Vulnerability Details : CVE-2017-8152
Huawei Honor 5S smart phones with software the versions before TAG-TL00C01B173 have a Factory Reset Protection (FRP) bypass security vulnerability due to the improper design. An attacker can access factory reset page without authorization by only dial with special code. The attacker can exploit this vulnerability to restore the phone to factory settings.
Products affected by CVE-2017-8152
- cpe:2.3:o:huawei:honor_5s_firmware:*:*:*:*:*:*:*:*
Exploit prediction scoring system (EPSS) score for CVE-2017-8152
0.07%
Probability of exploitation activity in the next 30 days
EPSS Score History
~ 30 %
Percentile, the proportion of vulnerabilities that are scored at or less
CVSS scores for CVE-2017-8152
Base Score | Base Severity | CVSS Vector | Exploitability Score | Impact Score | Score Source | First Seen |
---|---|---|---|---|---|---|
4.9
|
MEDIUM | AV:L/AC:L/Au:N/C:N/I:C/A:N |
3.9
|
6.9
|
NIST | |
4.6
|
MEDIUM | CVSS:3.0/AV:P/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N |
0.9
|
3.6
|
NIST |
CWE ids for CVE-2017-8152
-
The product does not implement or incorrectly implements one or more security-relevant checks as specified by the design of a standardized algorithm, protocol, or technique.Assigned by: nvd@nist.gov (Primary)
References for CVE-2017-8152
-
http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20170901-02-smartphone-en
Security Advisory - FRP Bypass Vulnerability in Huawei Honor 5S Smart PhonesVendor Advisory
Jump to