FKIE_CVE-2017-2721

Vulnerability from fkie_nvd - Published: 2017-11-22 19:29 - Updated: 2025-04-20 01:37
Severity ?
4.6 (Medium) - CVSS:3.0/AV:P/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N
Summary
Some Huawei smart phones with software Berlin-L21C10B130,Berlin-L21C185B133,Berlin-L21HNC10B131,Berlin-L21HNC185B140,Berlin-L21HNC432B151,Berlin-L22C636B160,Berlin-L22HNC636B130,Berlin-L22HNC675B150CUSTC675D001,Berlin-L23C605B131,Berlin-L24HNC567B110,FRD-L02C432B120,FRD-L02C635B130,FRD-L02C675B170CUSTC675D001,FRD-L04C567B162,FRD-L04C605B131,FRD-L09C10B130,FRD-L09C185B130,FRD-L09C432B131,FRD-L09C636B130,FRD-L14C567B162,FRD-L19C10B130,FRD-L19C432B131,FRD-L19C636B130 have a factory Reset Protection (FRP) bypass security vulnerability. When re-configuring the mobile phone using the factory reset protection (FRP) function, an attacker can login the configuration flow by Swype Keyboard and can perform some operations to update the Google account. As a result, the FRP function is bypassed.
References
psirt@huawei.comhttp://www.huawei.com/en/psirt/security-advisories/huawei-sa-20170920-01-frpbypass-enIssue Tracking, Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20170920-01-frpbypass-enIssue Tracking, Vendor Advisory
Impacted products
Vendor Product Version
huawei berlin-l21_firmware berlin-l21c10b130
huawei berlin-l21_firmware berlin-l21c185b133
huawei berlin-l21 -
huawei berlin-l21hn_firmware berlin-l21hnc10b131
huawei berlin-l21hn_firmware berlin-l21hnc185b140
huawei berlin-l21hn_firmware berlin-l21hnc432b151
huawei berlin-l21hn -
huawei berlin-l22_firmware berlin-l22c636b160
huawei berlin-l22 -
huawei berlin-l22hn_firmware berlin-l22hnc636b130
huawei berlin-l22hn_firmware berlin-l22hnc675b150custc675d001
huawei berlin-l22hn -
huawei berlin-l23_firmware berlin-l23c605b131
huawei berlin-l23 -
huawei berlin-l24hn_firmware berlin-l24hnc567b110
huawei berlin-l24hn -
huawei frd-l02_firmware frd-l02c432b120
huawei frd-l02_firmware frd-l02c635b130
huawei frd-l02_firmware frd-l02c675b170custc675d001
huawei frd-l02 -
huawei frd-l04_firmware frd-l04c567b162
huawei frd-l04_firmware frd-l04c605b131
huawei frd-l04 -
huawei frd-l09_firmware frd-l09c10b130
huawei frd-l09_firmware frd-l09c185b130
huawei frd-l09_firmware frd-l09c432b131
huawei frd-l09_firmware frd-l09c636b130
huawei frd-l09 -
huawei frd-l14_firmware frd-l14c567b162
huawei frd-l14 -
huawei frd-l19_firmware frd-l19c10b130
huawei frd-l19_firmware frd-l19c432b131
huawei frd-l19_firmware frd-l19c636b130
huawei frd-l19 -
To clipboard 

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:huawei:berlin-l21_firmware:berlin-l21c10b130:*:*:*:*:*:*:*",
              "matchCriteriaId": "5D190578-F8E6-42A0-81B4-C33AC051370D",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:huawei:berlin-l21_firmware:berlin-l21c185b133:*:*:*:*:*:*:*",
              "matchCriteriaId": "6BA23A15-22A5-4424-904F-0D11B865D457",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:huawei:berlin-l21:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "C723516F-04EB-48E5-9057-7FB1DACB5D28",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:huawei:berlin-l21hn_firmware:berlin-l21hnc10b131:*:*:*:*:*:*:*",
              "matchCriteriaId": "9FFE0AB8-C343-49D9-A8FA-62A716054321",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:huawei:berlin-l21hn_firmware:berlin-l21hnc185b140:*:*:*:*:*:*:*",
              "matchCriteriaId": "FDA9E3BF-4F10-4181-9BA8-1260BCD76771",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:huawei:berlin-l21hn_firmware:berlin-l21hnc432b151:*:*:*:*:*:*:*",
              "matchCriteriaId": "35D67B5C-C1BC-4D95-8F14-19A0A6CDB14B",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:huawei:berlin-l21hn:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "E2E8FDB9-B279-4D37-BBC3-9625AB5E42DF",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:huawei:berlin-l22_firmware:berlin-l22c636b160:*:*:*:*:*:*:*",
              "matchCriteriaId": "DD33173D-04F8-42B5-845A-649BE0BC1FE1",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:huawei:berlin-l22:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "8A1D3863-B8D9-4D1B-BA06-C88E65FFF74F",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:huawei:berlin-l22hn_firmware:berlin-l22hnc636b130:*:*:*:*:*:*:*",
              "matchCriteriaId": "FDA42835-4E1B-48EF-A479-AF4C87C8FBEA",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:huawei:berlin-l22hn_firmware:berlin-l22hnc675b150custc675d001:*:*:*:*:*:*:*",
              "matchCriteriaId": "8F16F024-D188-407C-8EAA-B25748251543",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:huawei:berlin-l22hn:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "0D7CE4AF-0685-4F25-9A81-09D2428C0684",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:huawei:berlin-l23_firmware:berlin-l23c605b131:*:*:*:*:*:*:*",
              "matchCriteriaId": "D149B33F-FDEE-40C6-BC7E-463F53A443F7",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:huawei:berlin-l23:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "1EA727F8-6B56-43B2-A7A1-D143CB966244",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:huawei:berlin-l24hn_firmware:berlin-l24hnc567b110:*:*:*:*:*:*:*",
              "matchCriteriaId": "D85173B7-8D3A-4FC2-8AFE-A44B708506F3",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:huawei:berlin-l24hn:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "BD5F797F-5F22-4B2A-82E5-B26EBAA786AA",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:huawei:frd-l02_firmware:frd-l02c432b120:*:*:*:*:*:*:*",
              "matchCriteriaId": "BEDE951B-421D-4648-BD77-833E6EA8CBC1",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:huawei:frd-l02_firmware:frd-l02c635b130:*:*:*:*:*:*:*",
              "matchCriteriaId": "3F596F50-62B4-4D0F-B794-B416748B00F3",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:huawei:frd-l02_firmware:frd-l02c675b170custc675d001:*:*:*:*:*:*:*",
              "matchCriteriaId": "013058BA-B3A9-4A17-8E6A-9C2898580BA9",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:huawei:frd-l02:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "4523530C-316E-418A-B30B-5D28C25C3D90",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:huawei:frd-l04_firmware:frd-l04c567b162:*:*:*:*:*:*:*",
              "matchCriteriaId": "04516652-36D6-45DB-99F3-B4EF0A3C674E",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:huawei:frd-l04_firmware:frd-l04c605b131:*:*:*:*:*:*:*",
              "matchCriteriaId": "FD73846E-EF3A-428C-80AE-02B82262D77B",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:huawei:frd-l04:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "6431578F-6072-4B6F-8D7A-58C93CDBB464",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:huawei:frd-l09_firmware:frd-l09c10b130:*:*:*:*:*:*:*",
              "matchCriteriaId": "F1079EED-57FE-4792-A39B-CEC4E624B062",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:huawei:frd-l09_firmware:frd-l09c185b130:*:*:*:*:*:*:*",
              "matchCriteriaId": "89BF9EA6-2420-4008-AC72-A610079AC62D",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:huawei:frd-l09_firmware:frd-l09c432b131:*:*:*:*:*:*:*",
              "matchCriteriaId": "4B53D2F3-38F8-4F8F-B397-65D14CF164AC",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:huawei:frd-l09_firmware:frd-l09c636b130:*:*:*:*:*:*:*",
              "matchCriteriaId": "9C95304A-332E-401B-A40E-111DB80D07F7",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:huawei:frd-l09:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "467AE133-1883-4E8B-AEB8-AAD5E953B285",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:huawei:frd-l14_firmware:frd-l14c567b162:*:*:*:*:*:*:*",
              "matchCriteriaId": "E22544D7-0E95-4C5F-8C49-EA04DBCAAB91",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:huawei:frd-l14:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "5F1AE8A5-460B-4251-A009-03DCCC8083BC",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:huawei:frd-l19_firmware:frd-l19c10b130:*:*:*:*:*:*:*",
              "matchCriteriaId": "63F0F5CA-B8C5-4A60-94F8-2EAE638DDA7B",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:huawei:frd-l19_firmware:frd-l19c432b131:*:*:*:*:*:*:*",
              "matchCriteriaId": "2FB6E5E2-9FC7-4F02-B4DB-5F393BD92B0D",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:huawei:frd-l19_firmware:frd-l19c636b130:*:*:*:*:*:*:*",
              "matchCriteriaId": "80D012FA-499B-4205-B21A-2D6D330D4784",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:huawei:frd-l19:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "B8AB22BF-628A-4A5F-9813-D7D931E6BD93",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "Some Huawei smart phones with software Berlin-L21C10B130,Berlin-L21C185B133,Berlin-L21HNC10B131,Berlin-L21HNC185B140,Berlin-L21HNC432B151,Berlin-L22C636B160,Berlin-L22HNC636B130,Berlin-L22HNC675B150CUSTC675D001,Berlin-L23C605B131,Berlin-L24HNC567B110,FRD-L02C432B120,FRD-L02C635B130,FRD-L02C675B170CUSTC675D001,FRD-L04C567B162,FRD-L04C605B131,FRD-L09C10B130,FRD-L09C185B130,FRD-L09C432B131,FRD-L09C636B130,FRD-L14C567B162,FRD-L19C10B130,FRD-L19C432B131,FRD-L19C636B130 have a factory Reset Protection (FRP) bypass security vulnerability. When re-configuring the mobile phone using the factory reset protection (FRP) function, an attacker can login the configuration flow by Swype Keyboard and can perform some operations to update the Google account. As a result, the FRP function is bypassed."
    },
    {
      "lang": "es",
      "value": "Algunos smartphones Huawei con software Berlin-L21C10B130, Berlin-L21C185B133, Berlin-L21HNC10B131, Berlin-L21HNC185B140, Berlin-L21HNC432B151, Berlin-L22C636B160, Berlin-L22HNC636B130, Berlin-L22HNC675B150CUSTC675D001, Berlin-L23C605B131, Berlin-L24HNC567B110, FRD-L02C432B120, FRD-L02C635B130, FRD-L02C675B170CUSTC675D001, FRD-L04C567B162,FRD-L04C605B131, FRD-L09C10B130, FRD-L09C185B130, FRD-L09C432B131, FRD-L09C636B130, FRD-L14C567B162, FRD-L19C10B130, FRD-L19C432B131 y FRD-L19C636B130 tienen una vulnerabilidad de seguridad de omisi\u00f3n de Factory Reset Protection (FRP). Al reconfigurar el tel\u00e9fono m\u00f3vil empleando la funci\u00f3n factory reset protection (FRP), un atacante puede iniciar sesi\u00f3n en el flow de configuraci\u00f3n de Swype Keyboard y realizar algunas operaciones para actualizar la cuenta de Google. Como resultado, se omite la funci\u00f3n FRP."
    }
  ],
  "id": "CVE-2017-2721",
  "lastModified": "2025-04-20T01:37:25.860",
  "metrics": {
    "cvssMetricV2": [
      {
        "acInsufInfo": false,
        "baseSeverity": "LOW",
        "cvssData": {
          "accessComplexity": "LOW",
          "accessVector": "LOCAL",
          "authentication": "NONE",
          "availabilityImpact": "NONE",
          "baseScore": 2.1,
          "confidentialityImpact": "NONE",
          "integrityImpact": "PARTIAL",
          "vectorString": "AV:L/AC:L/Au:N/C:N/I:P/A:N",
          "version": "2.0"
        },
        "exploitabilityScore": 3.9,
        "impactScore": 2.9,
        "obtainAllPrivilege": false,
        "obtainOtherPrivilege": false,
        "obtainUserPrivilege": false,
        "source": "nvd@nist.gov",
        "type": "Primary",
        "userInteractionRequired": false
      }
    ],
    "cvssMetricV30": [
      {
        "cvssData": {
          "attackComplexity": "LOW",
          "attackVector": "PHYSICAL",
          "availabilityImpact": "NONE",
          "baseScore": 4.6,
          "baseSeverity": "MEDIUM",
          "confidentialityImpact": "NONE",
          "integrityImpact": "HIGH",
          "privilegesRequired": "NONE",
          "scope": "UNCHANGED",
          "userInteraction": "NONE",
          "vectorString": "CVSS:3.0/AV:P/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N",
          "version": "3.0"
        },
        "exploitabilityScore": 0.9,
        "impactScore": 3.6,
        "source": "nvd@nist.gov",
        "type": "Primary"
      }
    ]
  },
  "published": "2017-11-22T19:29:01.397",
  "references": [
    {
      "source": "psirt@huawei.com",
      "tags": [
        "Issue Tracking",
        "Vendor Advisory"
      ],
      "url": "http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20170920-01-frpbypass-en"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Issue Tracking",
        "Vendor Advisory"
      ],
      "url": "http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20170920-01-frpbypass-en"
    }
  ],
  "sourceIdentifier": "psirt@huawei.com",
  "vulnStatus": "Deferred",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-287"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}


Log in or create an account to share your comment.




Tags
Taxonomy of the tags.




Sightings

Author Source Type Date

Nomenclature

  • Seen: The vulnerability was mentioned, discussed, or observed by the user.
  • Confirmed: The vulnerability has been validated from an analyst's perspective.
  • Published Proof of Concept: A public proof of concept is available for this vulnerability.
  • Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
  • Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
  • Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
  • Not confirmed: The user expressed doubt about the validity of the vulnerability.
  • Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.



Detection rules are retrieved from Rulezet.