Search

Find a vulnerability

Search criteria

    4 vulnerabilities found for Honor 5S by Huawei Technologies Co., Ltd.

    CVE-2017-8152 (GCVE-0-2017-8152)

    Vulnerability from nvd – Published: 2017-11-22 19:00 – Updated: 2024-09-17 01:06
    VLAI
    Summary
    Huawei Honor 5S smart phones with software the versions before TAG-TL00C01B173 have a Factory Reset Protection (FRP) bypass security vulnerability due to the improper design. An attacker can access factory reset page without authorization by only dial with special code. The attacker can exploit this vulnerability to restore the phone to factory settings.
    Severity
    No CVSS data available.
    CWE
    • FRP bypass
    Assigner
    References
    Impacted products
    Vendor Product Version
    Huawei Technologies Co., Ltd. Honor 5S Affected: The versions before TAG-TL00C01B173
    Create a notification for this product.
    Date Public
    2017-11-15 00:00
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-05T16:27:22.832Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "tags": [
                  "x_refsource_CONFIRM",
                  "x_transferred"
                ],
                "url": "http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20170901-02-smartphone-en"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "Honor 5S",
              "vendor": "Huawei Technologies Co., Ltd.",
              "versions": [
                {
                  "status": "affected",
                  "version": "The versions before TAG-TL00C01B173"
                }
              ]
            }
          ],
          "datePublic": "2017-11-15T00:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "value": "Huawei Honor 5S smart phones with software the versions before TAG-TL00C01B173 have a Factory Reset Protection (FRP) bypass security vulnerability due to the improper design. An attacker can access factory reset page without authorization by only dial with special code. The attacker can exploit this vulnerability to restore the phone to factory settings."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "FRP bypass",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2017-11-22T18:57:01.000Z",
            "orgId": "25ac1063-e409-4190-8079-24548c77ea2e",
            "shortName": "huawei"
          },
          "references": [
            {
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20170901-02-smartphone-en"
            }
          ],
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "psirt@huawei.com",
              "DATE_PUBLIC": "2017-11-15T00:00:00",
              "ID": "CVE-2017-8152",
              "STATE": "PUBLIC"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "Honor 5S",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "The versions before TAG-TL00C01B173"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "Huawei Technologies Co., Ltd."
                  }
                ]
              }
            },
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "Huawei Honor 5S smart phones with software the versions before TAG-TL00C01B173 have a Factory Reset Protection (FRP) bypass security vulnerability due to the improper design. An attacker can access factory reset page without authorization by only dial with special code. The attacker can exploit this vulnerability to restore the phone to factory settings."
                }
              ]
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "FRP bypass"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20170901-02-smartphone-en",
                  "refsource": "CONFIRM",
                  "url": "http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20170901-02-smartphone-en"
                }
              ]
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "25ac1063-e409-4190-8079-24548c77ea2e",
        "assignerShortName": "huawei",
        "cveId": "CVE-2017-8152",
        "datePublished": "2017-11-22T19:00:00.000Z",
        "dateReserved": "2017-04-25T00:00:00.000Z",
        "dateUpdated": "2024-09-17T01:06:50.328Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2017-8151 (GCVE-0-2017-8151)

    Vulnerability from nvd – Published: 2017-11-22 19:00 – Updated: 2024-09-16 20:57
    VLAI
    Summary
    Huawei Honor 5S smart phones with software the versions before TAG-TL00C01B173 have an authentication bypass vulnerability due to the improper design of some components. An attacker can get a user's smart phone and install malicious apps in the mobile phone, allowing the attacker to reset the password and fingerprint of the phone without authentication.
    Severity
    No CVSS data available.
    CWE
    • Authentication Bypass
    Assigner
    References
    Impacted products
    Vendor Product Version
    Huawei Technologies Co., Ltd. Honor 5S Affected: The versions before TAG-TL00C01B173
    Create a notification for this product.
    Date Public
    2017-11-15 00:00
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-05T16:27:22.800Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "tags": [
                  "x_refsource_CONFIRM",
                  "x_transferred"
                ],
                "url": "http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20170816-03-smartphone-en"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "Honor 5S",
              "vendor": "Huawei Technologies Co., Ltd.",
              "versions": [
                {
                  "status": "affected",
                  "version": "The versions before TAG-TL00C01B173"
                }
              ]
            }
          ],
          "datePublic": "2017-11-15T00:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "value": "Huawei Honor 5S smart phones with software the versions before TAG-TL00C01B173 have an authentication bypass vulnerability due to the improper design of some components. An attacker can get a user\u0027s smart phone and install malicious apps in the mobile phone, allowing the attacker to reset the password and fingerprint of the phone without authentication."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "Authentication Bypass",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2017-11-22T18:57:01.000Z",
            "orgId": "25ac1063-e409-4190-8079-24548c77ea2e",
            "shortName": "huawei"
          },
          "references": [
            {
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20170816-03-smartphone-en"
            }
          ],
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "psirt@huawei.com",
              "DATE_PUBLIC": "2017-11-15T00:00:00",
              "ID": "CVE-2017-8151",
              "STATE": "PUBLIC"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "Honor 5S",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "The versions before TAG-TL00C01B173"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "Huawei Technologies Co., Ltd."
                  }
                ]
              }
            },
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "Huawei Honor 5S smart phones with software the versions before TAG-TL00C01B173 have an authentication bypass vulnerability due to the improper design of some components. An attacker can get a user\u0027s smart phone and install malicious apps in the mobile phone, allowing the attacker to reset the password and fingerprint of the phone without authentication."
                }
              ]
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "Authentication Bypass"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20170816-03-smartphone-en",
                  "refsource": "CONFIRM",
                  "url": "http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20170816-03-smartphone-en"
                }
              ]
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "25ac1063-e409-4190-8079-24548c77ea2e",
        "assignerShortName": "huawei",
        "cveId": "CVE-2017-8151",
        "datePublished": "2017-11-22T19:00:00.000Z",
        "dateReserved": "2017-04-25T00:00:00.000Z",
        "dateUpdated": "2024-09-16T20:57:56.269Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2017-8152 (GCVE-0-2017-8152)

    Vulnerability from cvelistv5 – Published: 2017-11-22 19:00 – Updated: 2024-09-17 01:06
    VLAI
    Summary
    Huawei Honor 5S smart phones with software the versions before TAG-TL00C01B173 have a Factory Reset Protection (FRP) bypass security vulnerability due to the improper design. An attacker can access factory reset page without authorization by only dial with special code. The attacker can exploit this vulnerability to restore the phone to factory settings.
    Severity
    No CVSS data available.
    CWE
    • FRP bypass
    Assigner
    References
    Impacted products
    Vendor Product Version
    Huawei Technologies Co., Ltd. Honor 5S Affected: The versions before TAG-TL00C01B173
    Create a notification for this product.
    Date Public
    2017-11-15 00:00
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-05T16:27:22.832Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "tags": [
                  "x_refsource_CONFIRM",
                  "x_transferred"
                ],
                "url": "http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20170901-02-smartphone-en"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "Honor 5S",
              "vendor": "Huawei Technologies Co., Ltd.",
              "versions": [
                {
                  "status": "affected",
                  "version": "The versions before TAG-TL00C01B173"
                }
              ]
            }
          ],
          "datePublic": "2017-11-15T00:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "value": "Huawei Honor 5S smart phones with software the versions before TAG-TL00C01B173 have a Factory Reset Protection (FRP) bypass security vulnerability due to the improper design. An attacker can access factory reset page without authorization by only dial with special code. The attacker can exploit this vulnerability to restore the phone to factory settings."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "FRP bypass",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2017-11-22T18:57:01.000Z",
            "orgId": "25ac1063-e409-4190-8079-24548c77ea2e",
            "shortName": "huawei"
          },
          "references": [
            {
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20170901-02-smartphone-en"
            }
          ],
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "psirt@huawei.com",
              "DATE_PUBLIC": "2017-11-15T00:00:00",
              "ID": "CVE-2017-8152",
              "STATE": "PUBLIC"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "Honor 5S",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "The versions before TAG-TL00C01B173"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "Huawei Technologies Co., Ltd."
                  }
                ]
              }
            },
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "Huawei Honor 5S smart phones with software the versions before TAG-TL00C01B173 have a Factory Reset Protection (FRP) bypass security vulnerability due to the improper design. An attacker can access factory reset page without authorization by only dial with special code. The attacker can exploit this vulnerability to restore the phone to factory settings."
                }
              ]
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "FRP bypass"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20170901-02-smartphone-en",
                  "refsource": "CONFIRM",
                  "url": "http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20170901-02-smartphone-en"
                }
              ]
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "25ac1063-e409-4190-8079-24548c77ea2e",
        "assignerShortName": "huawei",
        "cveId": "CVE-2017-8152",
        "datePublished": "2017-11-22T19:00:00.000Z",
        "dateReserved": "2017-04-25T00:00:00.000Z",
        "dateUpdated": "2024-09-17T01:06:50.328Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2017-8151 (GCVE-0-2017-8151)

    Vulnerability from cvelistv5 – Published: 2017-11-22 19:00 – Updated: 2024-09-16 20:57
    VLAI
    Summary
    Huawei Honor 5S smart phones with software the versions before TAG-TL00C01B173 have an authentication bypass vulnerability due to the improper design of some components. An attacker can get a user's smart phone and install malicious apps in the mobile phone, allowing the attacker to reset the password and fingerprint of the phone without authentication.
    Severity
    No CVSS data available.
    CWE
    • Authentication Bypass
    Assigner
    References
    Impacted products
    Vendor Product Version
    Huawei Technologies Co., Ltd. Honor 5S Affected: The versions before TAG-TL00C01B173
    Create a notification for this product.
    Date Public
    2017-11-15 00:00
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-05T16:27:22.800Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "tags": [
                  "x_refsource_CONFIRM",
                  "x_transferred"
                ],
                "url": "http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20170816-03-smartphone-en"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "Honor 5S",
              "vendor": "Huawei Technologies Co., Ltd.",
              "versions": [
                {
                  "status": "affected",
                  "version": "The versions before TAG-TL00C01B173"
                }
              ]
            }
          ],
          "datePublic": "2017-11-15T00:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "value": "Huawei Honor 5S smart phones with software the versions before TAG-TL00C01B173 have an authentication bypass vulnerability due to the improper design of some components. An attacker can get a user\u0027s smart phone and install malicious apps in the mobile phone, allowing the attacker to reset the password and fingerprint of the phone without authentication."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "Authentication Bypass",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2017-11-22T18:57:01.000Z",
            "orgId": "25ac1063-e409-4190-8079-24548c77ea2e",
            "shortName": "huawei"
          },
          "references": [
            {
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20170816-03-smartphone-en"
            }
          ],
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "psirt@huawei.com",
              "DATE_PUBLIC": "2017-11-15T00:00:00",
              "ID": "CVE-2017-8151",
              "STATE": "PUBLIC"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "Honor 5S",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "The versions before TAG-TL00C01B173"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "Huawei Technologies Co., Ltd."
                  }
                ]
              }
            },
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "Huawei Honor 5S smart phones with software the versions before TAG-TL00C01B173 have an authentication bypass vulnerability due to the improper design of some components. An attacker can get a user\u0027s smart phone and install malicious apps in the mobile phone, allowing the attacker to reset the password and fingerprint of the phone without authentication."
                }
              ]
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "Authentication Bypass"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20170816-03-smartphone-en",
                  "refsource": "CONFIRM",
                  "url": "http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20170816-03-smartphone-en"
                }
              ]
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "25ac1063-e409-4190-8079-24548c77ea2e",
        "assignerShortName": "huawei",
        "cveId": "CVE-2017-8151",
        "datePublished": "2017-11-22T19:00:00.000Z",
        "dateReserved": "2017-04-25T00:00:00.000Z",
        "dateUpdated": "2024-09-16T20:57:56.269Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }