{"containers": {"cna": {"affected": [{"product": "Berlin-L21,Berlin-L21HN,Berlin-L22,Berlin-L22HN,Berlin-L23,Berlin-L24HN,FRD-L02,FRD-L04,FRD-L09,FRD-L14,FRD-L19,", "vendor": "Huawei Technologies Co., Ltd.", "versions": [{"status": "affected", "version": "Berlin-L21C10B130,Berlin-L21C185B133,Berlin-L21HNC10B131,Berlin-L21HNC185B140,Berlin-L21HNC432B151,Berlin-L22C636B160,Berlin-L22HNC636B130,Berlin-L22HNC675B150CUSTC675D001,Berlin-L23C605B131,Berlin-L24HNC567B110,FRD-L02C432B120,FRD-L02C635B130,FRD-L02C675B170CUSTC675D001,FRD-L04C567B162,FRD-L04C605B131,FRD-L09C10B130,FRD-L09C185B130,FRD-L09C432B131,FRD-L09C636B130,FRD-L14C567B162,FRD-L19C10B130,FRD-L19C432B131,FRD-L19C636B130,"}]}], "datePublic": "2017-11-15T00:00:00", "descriptions": [{"lang": "en", "value": "Some Huawei smart phones with software Berlin-L21C10B130,Berlin-L21C185B133,Berlin-L21HNC10B131,Berlin-L21HNC185B140,Berlin-L21HNC432B151,Berlin-L22C636B160,Berlin-L22HNC636B130,Berlin-L22HNC675B150CUSTC675D001,Berlin-L23C605B131,Berlin-L24HNC567B110,FRD-L02C432B120,FRD-L02C635B130,FRD-L02C675B170CUSTC675D001,FRD-L04C567B162,FRD-L04C605B131,FRD-L09C10B130,FRD-L09C185B130,FRD-L09C432B131,FRD-L09C636B130,FRD-L14C567B162,FRD-L19C10B130,FRD-L19C432B131,FRD-L19C636B130 have a factory Reset Protection (FRP) bypass security vulnerability. When re-configuring the mobile phone using the factory reset protection (FRP) function, an attacker can login the configuration flow by Swype Keyboard and can perform some operations to update the Google account. As a result, the FRP function is bypassed."}], "problemTypes": [{"descriptions": [{"description": "FRP Bypass", "lang": "en", "type": "text"}]}], "providerMetadata": {"dateUpdated": "2017-11-22T18:57:01", "orgId": "25ac1063-e409-4190-8079-24548c77ea2e", "shortName": "huawei"}, "references": [{"tags": ["x_refsource_CONFIRM"], "url": "http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20170920-01-frpbypass-en"}], "x_legacyV4Record": {"CVE_data_meta": {"ASSIGNER": "psirt@huawei.com", "DATE_PUBLIC": "2017-11-15T00:00:00", "ID": "CVE-2017-2721", "STATE": "PUBLIC"}, "affects": {"vendor": {"vendor_data": [{"product": {"product_data": [{"product_name": "Berlin-L21,Berlin-L21HN,Berlin-L22,Berlin-L22HN,Berlin-L23,Berlin-L24HN,FRD-L02,FRD-L04,FRD-L09,FRD-L14,FRD-L19,", "version": {"version_data": [{"version_value": "Berlin-L21C10B130,Berlin-L21C185B133,Berlin-L21HNC10B131,Berlin-L21HNC185B140,Berlin-L21HNC432B151,Berlin-L22C636B160,Berlin-L22HNC636B130,Berlin-L22HNC675B150CUSTC675D001,Berlin-L23C605B131,Berlin-L24HNC567B110,FRD-L02C432B120,FRD-L02C635B130,FRD-L02C675B170CUSTC675D001,FRD-L04C567B162,FRD-L04C605B131,FRD-L09C10B130,FRD-L09C185B130,FRD-L09C432B131,FRD-L09C636B130,FRD-L14C567B162,FRD-L19C10B130,FRD-L19C432B131,FRD-L19C636B130,"}]}}]}, "vendor_name": "Huawei Technologies Co., Ltd."}]}}, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": {"description_data": [{"lang": "eng", "value": "Some Huawei smart phones with software Berlin-L21C10B130,Berlin-L21C185B133,Berlin-L21HNC10B131,Berlin-L21HNC185B140,Berlin-L21HNC432B151,Berlin-L22C636B160,Berlin-L22HNC636B130,Berlin-L22HNC675B150CUSTC675D001,Berlin-L23C605B131,Berlin-L24HNC567B110,FRD-L02C432B120,FRD-L02C635B130,FRD-L02C675B170CUSTC675D001,FRD-L04C567B162,FRD-L04C605B131,FRD-L09C10B130,FRD-L09C185B130,FRD-L09C432B131,FRD-L09C636B130,FRD-L14C567B162,FRD-L19C10B130,FRD-L19C432B131,FRD-L19C636B130 have a factory Reset Protection (FRP) bypass security vulnerability. When re-configuring the mobile phone using the factory reset protection (FRP) function, an attacker can login the configuration flow by Swype Keyboard and can perform some operations to update the Google account. As a result, the FRP function is bypassed."}]}, "problemtype": {"problemtype_data": [{"description": [{"lang": "eng", "value": "FRP Bypass"}]}]}, "references": {"reference_data": [{"name": "http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20170920-01-frpbypass-en", "refsource": "CONFIRM", "url": "http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20170920-01-frpbypass-en"}]}}}, "adp": [{"providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-05T14:02:07.541Z"}, "title": "CVE Program Container", "references": [{"tags": ["x_refsource_CONFIRM", "x_transferred"], "url": "http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20170920-01-frpbypass-en"}]}]}, "cveMetadata": {"assignerOrgId": "25ac1063-e409-4190-8079-24548c77ea2e", "assignerShortName": "huawei", "cveId": "CVE-2017-2721", "datePublished": "2017-11-22T19:00:00Z", "dateReserved": "2016-12-01T00:00:00", "dateUpdated": "2024-09-16T19:56:17.268Z", "state": "PUBLISHED"}, "dataType": "CVE_RECORD", "dataVersion": "5.1"}

{}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:huawei:berlin-l21_firmware:berlin-l21c10b130:*:*:*:*:*:*:*", "matchCriteriaId": "5D190578-F8E6-42A0-81B4-C33AC051370D", "vulnerable": true}, {"criteria": "cpe:2.3:o:huawei:berlin-l21_firmware:berlin-l21c185b133:*:*:*:*:*:*:*", "matchCriteriaId": "6BA23A15-22A5-4424-904F-0D11B865D457", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:huawei:berlin-l21:-:*:*:*:*:*:*:*", "matchCriteriaId": "C723516F-04EB-48E5-9057-7FB1DACB5D28", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:huawei:berlin-l21hn_firmware:berlin-l21hnc10b131:*:*:*:*:*:*:*", "matchCriteriaId": "9FFE0AB8-C343-49D9-A8FA-62A716054321", "vulnerable": true}, {"criteria": "cpe:2.3:o:huawei:berlin-l21hn_firmware:berlin-l21hnc185b140:*:*:*:*:*:*:*", "matchCriteriaId": "FDA9E3BF-4F10-4181-9BA8-1260BCD76771", "vulnerable": true}, {"criteria": "cpe:2.3:o:huawei:berlin-l21hn_firmware:berlin-l21hnc432b151:*:*:*:*:*:*:*", "matchCriteriaId": "35D67B5C-C1BC-4D95-8F14-19A0A6CDB14B", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:huawei:berlin-l21hn:-:*:*:*:*:*:*:*", "matchCriteriaId": "E2E8FDB9-B279-4D37-BBC3-9625AB5E42DF", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:huawei:berlin-l22_firmware:berlin-l22c636b160:*:*:*:*:*:*:*", "matchCriteriaId": "DD33173D-04F8-42B5-845A-649BE0BC1FE1", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:huawei:berlin-l22:-:*:*:*:*:*:*:*", "matchCriteriaId": "8A1D3863-B8D9-4D1B-BA06-C88E65FFF74F", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:huawei:berlin-l22hn_firmware:berlin-l22hnc636b130:*:*:*:*:*:*:*", "matchCriteriaId": "FDA42835-4E1B-48EF-A479-AF4C87C8FBEA", "vulnerable": true}, {"criteria": "cpe:2.3:o:huawei:berlin-l22hn_firmware:berlin-l22hnc675b150custc675d001:*:*:*:*:*:*:*", "matchCriteriaId": "8F16F024-D188-407C-8EAA-B25748251543", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:huawei:berlin-l22hn:-:*:*:*:*:*:*:*", "matchCriteriaId": "0D7CE4AF-0685-4F25-9A81-09D2428C0684", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:huawei:berlin-l23_firmware:berlin-l23c605b131:*:*:*:*:*:*:*", "matchCriteriaId": "D149B33F-FDEE-40C6-BC7E-463F53A443F7", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:huawei:berlin-l23:-:*:*:*:*:*:*:*", "matchCriteriaId": "1EA727F8-6B56-43B2-A7A1-D143CB966244", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:huawei:berlin-l24hn_firmware:berlin-l24hnc567b110:*:*:*:*:*:*:*", "matchCriteriaId": "D85173B7-8D3A-4FC2-8AFE-A44B708506F3", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:huawei:berlin-l24hn:-:*:*:*:*:*:*:*", "matchCriteriaId": "BD5F797F-5F22-4B2A-82E5-B26EBAA786AA", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:huawei:frd-l02_firmware:frd-l02c432b120:*:*:*:*:*:*:*", "matchCriteriaId": "BEDE951B-421D-4648-BD77-833E6EA8CBC1", "vulnerable": true}, {"criteria": "cpe:2.3:o:huawei:frd-l02_firmware:frd-l02c635b130:*:*:*:*:*:*:*", "matchCriteriaId": "3F596F50-62B4-4D0F-B794-B416748B00F3", "vulnerable": true}, {"criteria": "cpe:2.3:o:huawei:frd-l02_firmware:frd-l02c675b170custc675d001:*:*:*:*:*:*:*", "matchCriteriaId": "013058BA-B3A9-4A17-8E6A-9C2898580BA9", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:huawei:frd-l02:-:*:*:*:*:*:*:*", "matchCriteriaId": "4523530C-316E-418A-B30B-5D28C25C3D90", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:huawei:frd-l04_firmware:frd-l04c567b162:*:*:*:*:*:*:*", "matchCriteriaId": "04516652-36D6-45DB-99F3-B4EF0A3C674E", "vulnerable": true}, {"criteria": "cpe:2.3:o:huawei:frd-l04_firmware:frd-l04c605b131:*:*:*:*:*:*:*", "matchCriteriaId": "FD73846E-EF3A-428C-80AE-02B82262D77B", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:huawei:frd-l04:-:*:*:*:*:*:*:*", "matchCriteriaId": "6431578F-6072-4B6F-8D7A-58C93CDBB464", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:huawei:frd-l09_firmware:frd-l09c10b130:*:*:*:*:*:*:*", "matchCriteriaId": "F1079EED-57FE-4792-A39B-CEC4E624B062", "vulnerable": true}, {"criteria": "cpe:2.3:o:huawei:frd-l09_firmware:frd-l09c185b130:*:*:*:*:*:*:*", "matchCriteriaId": "89BF9EA6-2420-4008-AC72-A610079AC62D", "vulnerable": true}, {"criteria": "cpe:2.3:o:huawei:frd-l09_firmware:frd-l09c432b131:*:*:*:*:*:*:*", "matchCriteriaId": "4B53D2F3-38F8-4F8F-B397-65D14CF164AC", "vulnerable": true}, {"criteria": "cpe:2.3:o:huawei:frd-l09_firmware:frd-l09c636b130:*:*:*:*:*:*:*", "matchCriteriaId": "9C95304A-332E-401B-A40E-111DB80D07F7", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:huawei:frd-l09:-:*:*:*:*:*:*:*", "matchCriteriaId": "467AE133-1883-4E8B-AEB8-AAD5E953B285", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:huawei:frd-l14_firmware:frd-l14c567b162:*:*:*:*:*:*:*", "matchCriteriaId": "E22544D7-0E95-4C5F-8C49-EA04DBCAAB91", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:huawei:frd-l14:-:*:*:*:*:*:*:*", "matchCriteriaId": "5F1AE8A5-460B-4251-A009-03DCCC8083BC", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:huawei:frd-l19_firmware:frd-l19c10b130:*:*:*:*:*:*:*", "matchCriteriaId": "63F0F5CA-B8C5-4A60-94F8-2EAE638DDA7B", "vulnerable": true}, {"criteria": "cpe:2.3:o:huawei:frd-l19_firmware:frd-l19c432b131:*:*:*:*:*:*:*", "matchCriteriaId": "2FB6E5E2-9FC7-4F02-B4DB-5F393BD92B0D", "vulnerable": true}, {"criteria": "cpe:2.3:o:huawei:frd-l19_firmware:frd-l19c636b130:*:*:*:*:*:*:*", "matchCriteriaId": "80D012FA-499B-4205-B21A-2D6D330D4784", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:huawei:frd-l19:-:*:*:*:*:*:*:*", "matchCriteriaId": "B8AB22BF-628A-4A5F-9813-D7D931E6BD93", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}], "cveTags": [], "descriptions": [{"lang": "en", "value": "Some Huawei smart phones with software Berlin-L21C10B130,Berlin-L21C185B133,Berlin-L21HNC10B131,Berlin-L21HNC185B140,Berlin-L21HNC432B151,Berlin-L22C636B160,Berlin-L22HNC636B130,Berlin-L22HNC675B150CUSTC675D001,Berlin-L23C605B131,Berlin-L24HNC567B110,FRD-L02C432B120,FRD-L02C635B130,FRD-L02C675B170CUSTC675D001,FRD-L04C567B162,FRD-L04C605B131,FRD-L09C10B130,FRD-L09C185B130,FRD-L09C432B131,FRD-L09C636B130,FRD-L14C567B162,FRD-L19C10B130,FRD-L19C432B131,FRD-L19C636B130 have a factory Reset Protection (FRP) bypass security vulnerability. When re-configuring the mobile phone using the factory reset protection (FRP) function, an attacker can login the configuration flow by Swype Keyboard and can perform some operations to update the Google account. As a result, the FRP function is bypassed."}, {"lang": "es", "value": "Algunos smartphones Huawei con software Berlin-L21C10B130, Berlin-L21C185B133, Berlin-L21HNC10B131, Berlin-L21HNC185B140, Berlin-L21HNC432B151, Berlin-L22C636B160, Berlin-L22HNC636B130, Berlin-L22HNC675B150CUSTC675D001, Berlin-L23C605B131, Berlin-L24HNC567B110, FRD-L02C432B120, FRD-L02C635B130, FRD-L02C675B170CUSTC675D001, FRD-L04C567B162,FRD-L04C605B131, FRD-L09C10B130, FRD-L09C185B130, FRD-L09C432B131, FRD-L09C636B130, FRD-L14C567B162, FRD-L19C10B130, FRD-L19C432B131 y FRD-L19C636B130 tienen una vulnerabilidad de seguridad de omisi\u00f3n de Factory Reset Protection (FRP). Al reconfigurar el tel\u00e9fono m\u00f3vil empleando la funci\u00f3n factory reset protection (FRP), un atacante puede iniciar sesi\u00f3n en el flow de configuraci\u00f3n de Swype Keyboard y realizar algunas operaciones para actualizar la cuenta de Google. Como resultado, se omite la funci\u00f3n FRP."}], "id": "CVE-2017-2721", "lastModified": "2025-04-20T01:37:25.860", "metrics": {"cvssMetricV2": [{"acInsufInfo": false, "baseSeverity": "LOW", "cvssData": {"accessComplexity": "LOW", "accessVector": "LOCAL", "authentication": "NONE", "availabilityImpact": "NONE", "baseScore": 2.1, "confidentialityImpact": "NONE", "integrityImpact": "PARTIAL", "vectorString": "AV:L/AC:L/Au:N/C:N/I:P/A:N", "version": "2.0"}, "exploitabilityScore": 3.9, "impactScore": 2.9, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": false}], "cvssMetricV30": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "PHYSICAL", "availabilityImpact": "NONE", "baseScore": 4.6, "baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.0/AV:P/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N", "version": "3.0"}, "exploitabilityScore": 0.9, "impactScore": 3.6, "source": "nvd@nist.gov", "type": "Primary"}]}, "published": "2017-11-22T19:29:01.397", "references": [{"source": "psirt@huawei.com", "tags": ["Issue Tracking", "Vendor Advisory"], "url": "http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20170920-01-frpbypass-en"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Issue Tracking", "Vendor Advisory"], "url": "http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20170920-01-frpbypass-en"}], "sourceIdentifier": "psirt@huawei.com", "vulnStatus": "Deferred", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-287"}], "source": "nvd@nist.gov", "type": "Primary"}]}

{}

{}