CVE-2017-2691

Name of the Vulnerable Software and Affected Versions Huawei P9 versions earlier than EVA-AL10C00B373 Huawei P9 versions earlier than EVA-CL00C92B373 Huawei P9 versions earlier than EVA-DL00C17B373 Huawei P9 versions earlier than EVA-TL00C01B373

Description The issue allows an unauthenticated attacker to bypass the lock screen. This can be achieved by forcing the phone into fastboot mode and deleting the user's password file during the reboot process, enabling the attacker to log in without the screen lock password after reboot.

Recommendations For versions earlier than EVA-AL10C00B373, update to EVA-AL10C00B373 or later. For versions earlier than EVA-CL00C92B373, update to EVA-CL00C92B373 or later. For versions earlier than EVA-DL00C17B373, update to EVA-DL00C17B373 or later. For versions earlier than EVA-TL00C01B373, update to EVA-TL00C01B373 or later.