PT-2017-18161 · Huawei · Huawei Honor 5C
Zhang Qing
·
Publicado
2017-11-22
·
Atualizado
2017-12-11
·
CVE-2017-8152
CVSS v2.0
4.9
Média
| Vetor | AV:L/AC:L/Au:N/C:N/I:C/A:N |
Name of the Vulnerable Software and Affected Versions
Huawei Honor 5S versions prior to TAG-TL00C01B173
Description
The issue is related to a Factory Reset Protection (FRP) bypass security vulnerability due to improper design. An attacker can access the factory reset page without authorization by dialing a special code, allowing them to restore the phone to its factory settings.
Recommendations
For versions prior to TAG-TL00C01B173, update to version TAG-TL00C01B173 or later to resolve the issue. As a temporary workaround, consider restricting access to the dialer function to minimize the risk of exploitation.
Correção
Improperly Implemented Security Check for Standard
Encontrou algum problema na descrição? Tem algo a acrescentar? Fique à vontade para nos escrever 👾
Enumeração de Fraquezas
Identificadores relacionados
Produtos afetados
Huawei Honor 5C