PT-2018-5799 · Huawei · Honor 9
Published
2018-02-15
·
Updated
2018-02-26
·
CVE-2017-15351
CVSS v2.0
7.2
High
| Vector | AV:L/AC:L/Au:N/C:C/I:C/A:C |
Name of the Vulnerable Software and Affected Versions:
Huawei Honor V9 play smartphones versions prior to Jimmy-AL00AC00B135
Description:
The issue is related to an authentication bypass in the 'Find Phone' function due to improper authentication realization. This allows an attacker to bypass the 'Find Phone' function, enabling normal use of the phone.
Recommendations:
For versions prior to Jimmy-AL00AC00B135, as a temporary workaround, consider disabling the 'Find Phone' function until a patch is available.
Fix
Improper Authentication
Found an issue in the description? Have something to add? Feel free to write us 👾
Weakness Enumeration
Related Identifiers
Affected Products
Honor 9