CVE-2017-8173

Name of the Vulnerable Software and Affected Versions Maya-L02 versions earlier than C636B126 VKY-L09 versions earlier than C10B151 VTR-L29 versions earlier than C10B151 Vicky-AL00A versions earlier than C00B162 Victoria-AL00A versions earlier than C00B167 Warsaw-AL00 versions earlier than C00B200

Description The issue allows an attacker to bypass the Factory Reset Protection (FRP) security feature by using a secret code to login to the configuration flow during a factory reset. This enables the attacker to perform operations that update the Google account, effectively bypassing the FRP function.

Recommendations For Maya-L02 versions earlier than C636B126, update to version C636B126 or later to resolve the issue. For VKY-L09 versions earlier than C10B151, update to version C10B151 or later to resolve the issue. For VTR-L29 versions earlier than C10B151, update to version C10B151 or later to resolve the issue. For Vicky-AL00A versions earlier than C00B162, update to version C00B162 or later to resolve the issue. For Victoria-AL00A versions earlier than C00B167, update to version C00B167 or later to resolve the issue. For Warsaw-AL00 versions earlier than C00B200, update to version C00B200 or later to resolve the issue.