CVE-2017-15351
MEDIUMHuawei Honor V9 Play Firmware < Jimmy-AL00AC00B135 - Authentication Bypass in Find Phone Function
Title source: llmDescription
The 'Find Phone' function in Huawei Honor V9 play smart phones with versions earlier than Jimmy-AL00AC00B135 has an authentication bypass vulnerability. Due to improper authentication realization in the 'Find Phone' function. An attacker may exploit the vulnerability to bypass the 'Find Phone' function in order to use the phone normally.
References (1)
Core 1
Core References
Vendor Advisory x_refsource_confirm
http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20171122-01-smartphone-en
Scores
CVSS v3
6.8
EPSS
0.0002
EPSS Percentile
6.8%
Attack Vector
PHYSICAL
CVSS:3.0/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Details
CWE
CWE-287
Status
published
Products (1)
huawei/honor_v9_play_firmware
jimmy-al00ac00b135
Published
Feb 15, 2018
Tracked Since
Feb 18, 2026