CVE-2017-8171

Huawei smart phones with software earlier than Vicky-AL00AC00B172D versions have a Factory Reset Protection (FRP) bypass security vulnerability. When re-configuring the mobile phone using the factory reset protection (FRP) function, an attacker can login the Talkback mode and can perform some operations to bypass the Google account verification. As a result, the FRP function is bypassed.

Published: Nov 22, 2017
Updated: Apr 13, 2023
CVE: CVE-2017-8171
Severity: Low
Exploit:

CVSS v3:

Severity: Low
Score: 4.6
AV:P/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N

CVSS v2:

Severity: Low
Score: 4.9
AV:L/AC:L/Au:N/C:N/I:C/A:N

CWEs:

CWE-668

Affected Software
References

Software	From	Fixed in
huawei / p10_plus_firmware	-	vicky-al00ac00b172d

http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20171018-01-frpbypass-en

Vulnerability Database

290,020

CVE-2017-8171