PT-2018-5799 · Huawei · Honor 9
Publicado
2018-02-15
·
Atualizado
2018-02-26
·
CVE-2017-15351
CVSS v2.0
7.2
Alta
| Vetor | AV:L/AC:L/Au:N/C:C/I:C/A:C |
Name of the Vulnerable Software and Affected Versions:
Huawei Honor V9 play smartphones versions prior to Jimmy-AL00AC00B135
Description:
The issue is related to an authentication bypass in the 'Find Phone' function due to improper authentication realization. This allows an attacker to bypass the 'Find Phone' function, enabling normal use of the phone.
Recommendations:
For versions prior to Jimmy-AL00AC00B135, as a temporary workaround, consider disabling the 'Find Phone' function until a patch is available.
Correção
Improper Authentication
Encontrou algum problema na descrição? Tem algo a acrescentar? Fique à vontade para nos escrever 👾
Enumeração de Fraquezas
Identificadores relacionados
Produtos afetados
Honor 9