Description
Huawei P9 versions earlier before EVA-AL10C00B373, versions earlier before EVA-CL00C92B373, versions earlier before EVA-DL00C17B373, versions earlier before EVA-TL00C01B373 have a lock-screen bypass vulnerability. An unauthenticated attacker could force the phone to the fastboot mode and delete the user's password file during the reboot process, then login the phone without screen lock password after reboot.
References (2)
Core 2
Core References
Third Party Advisory, VDB Entry vdb-entry
x_refsource_bid
http://www.securityfocus.com/bid/95658
Issue Tracking, Vendor Advisory x_refsource_confirm
http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20170118-01-smartphone-en
Scores
CVSS v3
6.8
EPSS
0.0004
EPSS Percentile
12.6%
Attack Vector
PHYSICAL
CVSS:3.0/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Details
Status
published
Products (2)
huawei/p9_firmware
< eva-tl00c01b373
Huawei Technologies Co., Ltd./Huawei P9
Versions earlier before EVA-AL10C00B373, Versions earlier before EVA-CL00C92B373, Versions earlier b
Published
Nov 22, 2017
Tracked Since
Feb 18, 2026