cnvd - cnvd-2017-24397

CNVD-2017-24397

Vulnerability from cnvd - Published: 2017-09-03

Title

多款Huawei手机FRP绕过漏洞

Description

Maya-L02、VKY-L09、Vicky-AL00A、Warsaw-AL00等都是华为（Huawei）公司的智能手机。多款Huawei手机存在FRP绕过漏洞。攻击者在进入FRP重新设置手机过程中，通过暗码进入配置流程，进行更新Google account等操作，从而导致FRP功能绕过。

Severity

中

Patch Name

多款Huawei手机FRP绕过漏洞的补丁

Patch Description

Maya-L02、VKY-L09、Vicky-AL00A、Warsaw-AL00等都是华为（Huawei）公司的智能手机。多款Huawei手机存在FRP绕过漏洞。攻击者在进入FRP重新设置手机过程中，通过暗码进入配置流程，进行更新Google account等操作，从而导致FRP功能绕过。目前，供应商发布了安全公告及相关补丁信息，修复了此漏洞。

Formal description

用户可参考如下供应商提供的安全公告获得补丁信息： http://www.huawei.com/cn/psirt/security-advisories/huawei-sa-20170715-01-frpbypass-cn

Reference

http://www.huawei.com/cn/psirt/security-advisories/huawei-sa-20170715-01-frpbypass-cn

Impacted products

Name
['Huawei Maya-L02 <Maya-L02C636B126', 'Huawei VKY-L09 <VKY-L29C10B151', 'Huawei VTR-L29 <VTR-L29C10B151', 'Huawei Vicky-AL00A <Vicky-AL00AC00B162', 'Huawei Victoria-AL00A <Victoria-AL00AC00B167', 'Huawei Warsaw-AL00 <Warsaw-AL00C00B200']

Show details on source website

JSON

To clipboard

{
  "cves": {
    "cve": {
      "cveNumber": "CVE-2017-8173"
    }
  },
  "description": "Maya-L02\u3001VKY-L09\u3001Vicky-AL00A\u3001Warsaw-AL00\u7b49\u90fd\u662f\u534e\u4e3a\uff08Huawei\uff09\u516c\u53f8\u7684\u667a\u80fd\u624b\u673a\u3002\r\n\r\n\u591a\u6b3eHuawei\u624b\u673a\u5b58\u5728FRP\u7ed5\u8fc7\u6f0f\u6d1e\u3002\u653b\u51fb\u8005\u5728\u8fdb\u5165FRP\u91cd\u65b0\u8bbe\u7f6e\u624b\u673a\u8fc7\u7a0b\u4e2d\uff0c\u901a\u8fc7\u6697\u7801\u8fdb\u5165\u914d\u7f6e\u6d41\u7a0b\uff0c\u8fdb\u884c\u66f4\u65b0Google account\u7b49\u64cd\u4f5c\uff0c\u4ece\u800c\u5bfc\u81f4FRP\u529f\u80fd\u7ed5\u8fc7\u3002",
  "discovererName": "\u8461\u8404\u7259\u8bb0\u8005Pedro Simoes",
  "formalWay": "\u7528\u6237\u53ef\u53c2\u8003\u5982\u4e0b\u4f9b\u5e94\u5546\u63d0\u4f9b\u7684\u5b89\u5168\u516c\u544a\u83b7\u5f97\u8865\u4e01\u4fe1\u606f\uff1a\r\nhttp://www.huawei.com/cn/psirt/security-advisories/huawei-sa-20170715-01-frpbypass-cn",
  "isEvent": "\u901a\u7528\u8f6f\u786c\u4ef6\u6f0f\u6d1e",
  "number": "CNVD-2017-24397",
  "openTime": "2017-09-03",
  "patchDescription": "Maya-L02\u3001VKY-L09\u3001Vicky-AL00A\u3001Warsaw-AL00\u7b49\u90fd\u662f\u534e\u4e3a\uff08Huawei\uff09\u516c\u53f8\u7684\u667a\u80fd\u624b\u673a\u3002\r\n\r\n\u591a\u6b3eHuawei\u624b\u673a\u5b58\u5728FRP\u7ed5\u8fc7\u6f0f\u6d1e\u3002\u653b\u51fb\u8005\u5728\u8fdb\u5165FRP\u91cd\u65b0\u8bbe\u7f6e\u624b\u673a\u8fc7\u7a0b\u4e2d\uff0c\u901a\u8fc7\u6697\u7801\u8fdb\u5165\u914d\u7f6e\u6d41\u7a0b\uff0c\u8fdb\u884c\u66f4\u65b0Google account\u7b49\u64cd\u4f5c\uff0c\u4ece\u800c\u5bfc\u81f4FRP\u529f\u80fd\u7ed5\u8fc7\u3002\u76ee\u524d\uff0c\u4f9b\u5e94\u5546\u53d1\u5e03\u4e86\u5b89\u5168\u516c\u544a\u53ca\u76f8\u5173\u8865\u4e01\u4fe1\u606f\uff0c\u4fee\u590d\u4e86\u6b64\u6f0f\u6d1e\u3002",
  "patchName": "\u591a\u6b3eHuawei\u624b\u673aFRP\u7ed5\u8fc7\u6f0f\u6d1e\u7684\u8865\u4e01",
  "products": {
    "product": [
      "Huawei Maya-L02 \u003cMaya-L02C636B126",
      "Huawei VKY-L09 \u003cVKY-L29C10B151",
      "Huawei VTR-L29 \u003cVTR-L29C10B151",
      "Huawei Vicky-AL00A \u003cVicky-AL00AC00B162",
      "Huawei Victoria-AL00A \u003cVictoria-AL00AC00B167",
      "Huawei Warsaw-AL00 \u003cWarsaw-AL00C00B200"
    ]
  },
  "referenceLink": "http://www.huawei.com/cn/psirt/security-advisories/huawei-sa-20170715-01-frpbypass-cn",
  "serverity": "\u4e2d",
  "submitTime": "2017-07-17",
  "title": "\u591a\u6b3eHuawei\u624b\u673aFRP\u7ed5\u8fc7\u6f0f\u6d1e"
}

CVE-2017-8173 (GCVE-0-2017-8173)

Vulnerability from cvelistv5 – Published: 2017-11-22 19:00 – Updated: 2024-09-16 18:24

Summary

Maya-L02,VKY-L09,VTR-L29,Vicky-AL00A,Victoria-AL00A,Warsaw-AL00 smart phones with software of earlier than Maya-L02C636B126 versions,earlier than VKY-L29C10B151 versions,earlier than VTR-L29C10B151 versions,earlier than Vicky-AL00AC00B162 versions,earlier than Victoria-AL00AC00B167 versions,earlier than Warsaw-AL00C00B200 versions have a Factory Reset Protection (FRP) bypass security vulnerability. When re-configuring the mobile phone using the factory reset protection (FRP) function, an attacker can login the configuration flow by some secret code and can perform some operations to update the Google account. As a result, the FRP function is bypassed.

Severity ?

No CVSS data available.

CWE

FRP Bypass

Assigner

huawei

References

URL

Tags

http://www.huawei.com/en/psirt/security-advisorie…

x_refsource_CONFIRM

Impacted products

	Vendor	Product	Version
	Huawei Technologies Co., Ltd.	Maya-L02,VKY-L09,VTR-L29,Vicky-AL00A,Victoria-AL00A,Warsaw-AL00	Affected: Earlier than Maya-L02C636B126 versions,Earlier than VKY-L29C10B151 versions,Earlier than VTR-L29C10B151 versions,Earlier than Vicky-AL00AC00B162 versions,Earlier than Victoria-AL00AC00B167 versions,Earlier than Warsaw-AL00C00B200 versions

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-05T16:27:22.984Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20170715-01-frpbypass-en"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "Maya-L02,VKY-L09,VTR-L29,Vicky-AL00A,Victoria-AL00A,Warsaw-AL00",
          "vendor": "Huawei Technologies Co., Ltd.",
          "versions": [
            {
              "status": "affected",
              "version": "Earlier than Maya-L02C636B126 versions,Earlier than VKY-L29C10B151 versions,Earlier than VTR-L29C10B151 versions,Earlier than Vicky-AL00AC00B162 versions,Earlier than Victoria-AL00AC00B167 versions,Earlier than Warsaw-AL00C00B200 versions"
            }
          ]
        }
      ],
      "datePublic": "2017-11-15T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "Maya-L02,VKY-L09,VTR-L29,Vicky-AL00A,Victoria-AL00A,Warsaw-AL00 smart phones with software of earlier than Maya-L02C636B126 versions,earlier than VKY-L29C10B151 versions,earlier than VTR-L29C10B151 versions,earlier than Vicky-AL00AC00B162 versions,earlier than Victoria-AL00AC00B167 versions,earlier than Warsaw-AL00C00B200 versions have a Factory Reset Protection (FRP) bypass security vulnerability. When re-configuring the mobile phone using the factory reset protection (FRP) function, an attacker can login the configuration flow by some secret code and can perform some operations to update the Google account. As a result, the FRP function is bypassed."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "FRP Bypass",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2017-11-22T18:57:01",
        "orgId": "25ac1063-e409-4190-8079-24548c77ea2e",
        "shortName": "huawei"
      },
      "references": [
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20170715-01-frpbypass-en"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "psirt@huawei.com",
          "DATE_PUBLIC": "2017-11-15T00:00:00",
          "ID": "CVE-2017-8173",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "Maya-L02,VKY-L09,VTR-L29,Vicky-AL00A,Victoria-AL00A,Warsaw-AL00",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "Earlier than Maya-L02C636B126 versions,Earlier than VKY-L29C10B151 versions,Earlier than VTR-L29C10B151 versions,Earlier than Vicky-AL00AC00B162 versions,Earlier than Victoria-AL00AC00B167 versions,Earlier than Warsaw-AL00C00B200 versions"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "Huawei Technologies Co., Ltd."
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "Maya-L02,VKY-L09,VTR-L29,Vicky-AL00A,Victoria-AL00A,Warsaw-AL00 smart phones with software of earlier than Maya-L02C636B126 versions,earlier than VKY-L29C10B151 versions,earlier than VTR-L29C10B151 versions,earlier than Vicky-AL00AC00B162 versions,earlier than Victoria-AL00AC00B167 versions,earlier than Warsaw-AL00C00B200 versions have a Factory Reset Protection (FRP) bypass security vulnerability. When re-configuring the mobile phone using the factory reset protection (FRP) function, an attacker can login the configuration flow by some secret code and can perform some operations to update the Google account. As a result, the FRP function is bypassed."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "FRP Bypass"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20170715-01-frpbypass-en",
              "refsource": "CONFIRM",
              "url": "http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20170715-01-frpbypass-en"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "25ac1063-e409-4190-8079-24548c77ea2e",
    "assignerShortName": "huawei",
    "cveId": "CVE-2017-8173",
    "datePublished": "2017-11-22T19:00:00Z",
    "dateReserved": "2017-04-25T00:00:00",
    "dateUpdated": "2024-09-16T18:24:14.588Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

Sightings

Author	Source	Type	Date

Nomenclature

Seen: The vulnerability was mentioned, discussed, or observed by the user.
Confirmed: The vulnerability has been validated from an analyst's perspective.
Published Proof of Concept: A public proof of concept is available for this vulnerability.
Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
Not confirmed: The user expressed doubt about the validity of the vulnerability.
Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.

Detection rules are retrieved from Rulezet.

Action not permitted

CNVD-2017-24397

CVE-2017-8173 (GCVE-0-2017-8173)

Tags

Sightings

Nomenclature