PT-2017-15490 · Huawei · Phone Finder

Published

2017-11-22

Updated

2019-10-03

CVE-2017-2703

CVSS v2.0

7.2

High

Vector

AV:L/AC:L/Au:N/C:C/I:C/A:C

Name of the Vulnerable Software and Affected Versions Phone Finder versions earlier than MHA-AL00BC00B156 Phone Finder versions earlier than MHA-CL00BC00B156 Phone Finder versions earlier than MHA-DL00BC00B156 Phone Finder versions earlier than MHA-TL00BC00B156 Phone Finder versions earlier than EVA-AL10C00B373 Phone Finder versions earlier than EVA-CL10C00B373 Phone Finder versions earlier than EVA-DL10C00B373 Phone Finder versions earlier than EVA-TL10C00B373

Description The issue allows an attacker to bypass the Phone Finder by following special steps, which enables them to enter the System Setting.

Recommendations For versions earlier than MHA-AL00BC00B156, update to MHA-AL00BC00B156 or later. For versions earlier than MHA-CL00BC00B156, update to MHA-CL00BC00B156 or later. For versions earlier than MHA-DL00BC00B156, update to MHA-DL00BC00B156 or later. For versions earlier than MHA-TL00BC00B156, update to MHA-TL00BC00B156 or later. For versions earlier than EVA-AL10C00B373, update to EVA-AL10C00B373 or later. For versions earlier than EVA-CL10C00B373, update to EVA-CL10C00B373 or later. For versions earlier than EVA-DL10C00B373, update to EVA-DL10C00B373 or later. For versions earlier than EVA-TL10C00B373, update to EVA-TL10C00B373 or later.

Fix

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Related Identifiers

CVE-2017-2703

Affected Products

Phone Finder

PT-2017-15490 · Huawei · Phone Finder

CVE-2017-2703

Related Identifiers

Affected Products

References · 4