CVE-2017-17326

Name of the Vulnerable Software and Affected Versions: Huawei Mate 9 Pro Smartphones with software of LON-AL00BC00B139D; LON-AL00BC00B229

Description: The issue concerns an activation lock bypass. Normally, the smartphone should be activated by the former account after a reset if the 'find my phone' function is enabled. However, the software lacks sufficient protection for the activation lock. An attacker could exploit this to bypass the activation lock and activate the smartphone with a new account after performing a series of operations.

Recommendations: For LON-AL00BC00B139D, update the software to a version that includes a fix for the activation lock bypass issue. For LON-AL00BC00B229, update the software to a version that includes a fix for the activation lock bypass issue. As a temporary workaround, consider disabling the 'find my phone' function until a patch is available.