CVE-2017-8161

Published: Nov 22, 2017 Last Modified: Apr 20, 2025 EU-VD ID: EUVD-2017-17123 Aliases: GSD-2017-8161
ExploitDB:
Other exploit source:
Google Dorks:
MEDIUM 4,6
Source: [email protected]
Attack Vector: physical
Attack Complexity: low
Privileges Required: none
User Interaction: none
Scope: unchanged
Confidentiality: none
Integrity: high
Availability: none
MEDIUM 4,9
Source: [email protected]
Access Vector: local
Access Complexity: low
Authentication: none
Confidentiality: none
Integrity: complete
Availability: none

Description

AI Translation Available

EVA-L09 smartphones with software Earlier than EVA-L09C25B150CUSTC25D003 versions,Earlier than EVA-L09C440B140 versions,Earlier than EVA-L09C464B361 versions,Earlier than EVA-L09C675B320CUSTC675D004 versions have Factory Reset Protection (FRP) bypass security vulnerability. When re-configuring the mobile phone using the factory reset protection (FRP) function, an attacker can login the Swype and can perform some operations to update the Google account. As a result, the FRP function is bypassed.

EPSS (Exploit Prediction Scoring System)

Trend Analysis

EPSS (Exploit Prediction Scoring System)

Prevede la probabilità di sfruttamento basata su intelligence sulle minacce e sulle caratteristiche della vulnerabilità.

EPSS Score
0,0003
Percentile
0,1th
Updated

EPSS Score Trend (Last 90 Days)

668

Exposure of Resource to Wrong Sphere

Draft
Abstraction: Class Structure: Simple
Common Consequences
Security Scopes Affected:
Confidentiality Integrity Other
Potential Impacts:
Read Application Data Modify Application Data Varies By Context
Applicable Platforms
All platforms may be affected
View CWE Details
Operating System

Eva-L09 by Huawei

Product Information
Vendor Huawei
Product Eva-L09
Version Range Affected
To eva-l09c440b140 (exclusive)
cpe:2.3:o:huawei:eva-l09:*:*:*:*:*:*:*:*
Common Platform Enumeration - Standardized vulnerability identification
Operating System

Eva-L09 by Huawei

Product Information
Vendor Huawei
Product Eva-L09
Version Range Affected
To eva-l09c464b361 (exclusive)
cpe:2.3:o:huawei:eva-l09:*:*:*:*:*:*:*:*
Common Platform Enumeration - Standardized vulnerability identification
Operating System

Eva-L09 by Huawei

Product Information
Vendor Huawei
Product Eva-L09
Version Range Affected
To eva-l09c25b150custc25d003 (exclusive)
cpe:2.3:o:huawei:eva-l09:*:*:*:*:*:*:*:*
Common Platform Enumeration - Standardized vulnerability identification
Operating System

Eva-L09 by Huawei

Product Information
Vendor Huawei
Product Eva-L09
Version Range Affected
To l09c675b320custc675d004 (exclusive)
cpe:2.3:o:huawei:eva-l09:*:*:*:*:*:*:*:*
Common Platform Enumeration - Standardized vulnerability identification
http://www.huawei.com/en/psirt/security-advisories/2017/hua…
Vendor Advisory
http://www.huawei.com/en/psirt/security-advisories/2017/huawei-sa-20171013-01-f…
http://www.huawei.com/en/psirt/security-advisories/2017/hua…
Vendor Advisory
http://www.huawei.com/en/psirt/security-advisories/2017/huawei-sa-20171013-01-f…