CVE-2017-2727

Published: Nov 22, 2017 Last Modified: Apr 20, 2025 EU-VD ID: EUVD-2017-11870 Aliases: GSD-2017-2727

ExploitDB:

Other exploit source:

Google Dorks:

MEDIUM 4,3

Source: [email protected]

Attack Vector: physical

Attack Complexity: low

Privileges Required: none

User Interaction: none

Scope: unchanged

Confidentiality: low

Integrity: low

Availability: low

MEDIUM 4,6

Source: [email protected]

Access Vector: local

Access Complexity: low

Authentication: none

Confidentiality: partial

Integrity: partial

Availability: partial

Description

AI Translation Available

Huawei P9 smart phones with software versions earlier before EVA-AL00C00B365, versions earlier before EVA-AL10C00B365,Versions earlier before EVA-CL00C92B365, versions earlier before EVA-DL00C17B365, versions earlier before EVA-TL00C01B365 have a privilege escalation vulnerability. An unauthenticated attacker can bypass phone activation to user management page of the phone and create a new user. Successful exploit could allow the attacker operate part function of the phone.

EPSS (Exploit Prediction Scoring System)

Trend Analysis

EPSS (Exploit Prediction Scoring System)

Prevede la probabilità di sfruttamento basata su intelligence sulle minacce e sulle caratteristiche della vulnerabilità.

EPSS Score

0,0003

Percentile

0,1th

Updated

EPSS Score Trend (Last 90 Days)

Operating System

P9 Firmware by Huawei

Product Information

Vendor Huawei

Product P9 Firmware

Version Range Affected

To eva-al10c00b365 (exclusive)

CPE Identifier

View Detailed Analysis


                  cpe:2.3:o:huawei:p9_firmware:*:*:*:*:*:*:*:*

Common Platform Enumeration - Standardized vulnerability identification

Operating System

P9 Firmware by Huawei

Product Information

Vendor Huawei

Product P9 Firmware

Version Range Affected

To eva-cl00c92b365 (exclusive)

CPE Identifier

View Detailed Analysis


                  cpe:2.3:o:huawei:p9_firmware:*:*:*:*:*:*:*:*

Common Platform Enumeration - Standardized vulnerability identification

Operating System

P9 Firmware by Huawei

Product Information

Vendor Huawei

Product P9 Firmware

Version Range Affected

To eva-al00c00b365 (exclusive)

CPE Identifier

View Detailed Analysis


                  cpe:2.3:o:huawei:p9_firmware:*:*:*:*:*:*:*:*

Common Platform Enumeration - Standardized vulnerability identification

Operating System

P9 Firmware by Huawei

Product Information

Vendor Huawei

Product P9 Firmware

Version Range Affected

To eva-dl00c17b365 (exclusive)

CPE Identifier

View Detailed Analysis


                  cpe:2.3:o:huawei:p9_firmware:*:*:*:*:*:*:*:*

Common Platform Enumeration - Standardized vulnerability identification

Operating System

P9 Firmware by Huawei

Product Information

Vendor Huawei

Product P9 Firmware

Version Range Affected

To eva-tl00c01b365 (exclusive)

CPE Identifier

View Detailed Analysis


                  cpe:2.3:o:huawei:p9_firmware:*:*:*:*:*:*:*:*

Common Platform Enumeration - Standardized vulnerability identification

http://www.huawei.com/en/psirt/security-advisories/huawei-s…

Vendor Advisory

http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20170209-01-smartp…

http://www.huawei.com/en/psirt/security-advisories/huawei-s…

Vendor Advisory

http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20170209-01-smartp…

CVE-2017-2727

Description

EPSS (Exploit Prediction Scoring System)

EPSS (Exploit Prediction Scoring System)

EPSS Score Trend (Last 90 Days)

P9 Firmware by Huawei

Product Information

P9 Firmware by Huawei

Product Information

P9 Firmware by Huawei

Product Information

P9 Firmware by Huawei

Product Information

P9 Firmware by Huawei

Product Information

Iscriviti alla newsletter