CVE-2017-2721

Name of the Vulnerable Software and Affected Versions Huawei smart phones with software versions Berlin-L21C10B130 through Berlin-L21C185B133 Huawei smart phones with software versions Berlin-L21HNC10B131 through Berlin-L21HNC185B140 Huawei smart phones with software versions Berlin-L21HNC432B151 Huawei smart phones with software versions Berlin-L22C636B160 Huawei smart phones with software versions Berlin-L22HNC636B130 Huawei smart phones with software versions Berlin-L22HNC675B150CUSTC675D001 Huawei smart phones with software versions Berlin-L23C605B131 Huawei smart phones with software versions Berlin-L24HNC567B110 Huawei smart phones with software versions FRD-L02C432B120 Huawei smart phones with software versions FRD-L02C635B130 Huawei smart phones with software versions FRD-L02C675B170CUSTC675D001 Huawei smart phones with software versions FRD-L04C567B162 Huawei smart phones with software versions FRD-L04C605B131 Huawei smart phones with software versions FRD-L09C10B130 Huawei smart phones with software versions FRD-L09C185B130 Huawei smart phones with software versions FRD-L09C432B131 Huawei smart phones with software versions FRD-L09C636B130 Huawei smart phones with software versions FRD-L14C567B162 Huawei smart phones with software versions FRD-L19C10B130 Huawei smart phones with software versions FRD-L19C432B131 Huawei smart phones with software versions FRD-L19C636B130

Description The issue concerns a Factory Reset Protection (FRP) bypass security vulnerability. An attacker can exploit this by using the Swype Keyboard to login to the configuration flow during a factory reset, allowing them to update the Google account and bypass the FRP function.

Recommendations For each of the affected software versions, a specific fix is not provided, thus: At the moment, there is no information about a newer version that contains a fix for this vulnerability.