Authentication flaw

2017-11-2219:29:00

PRIOn knowledge base

www.prio-n.com

6.6 Medium

AI Score

Confidence

High

0.001 Low

EPSS

Percentile

27.3%

JSON

Phone Finder in versions earlier before MHA-AL00BC00B156,Versions earlier before MHA-CL00BC00B156,Versions earlier before MHA-DL00BC00B156,Versions earlier before MHA-TL00BC00B156,Versions earlier before EVA-AL10C00B373,Versions earlier before EVA-CL10C00B373,Versions earlier before EVA-DL10C00B373,Versions earlier before EVA-TL10C00B373 can be bypass. An attacker can bypass the Phone Finder by special steps and enter the System Setting.

CPENameOperatorVersion
mate_9_firmwareeq< mha-al0bc0b156
mate_9_firmwareeq< mha-cl0bc0b156
mate_9_firmwareeq< mha-dl0bc0b156
mate_9_firmwareeq< mha-tl0bc0b156
p9_firmwareeq< eva-al10c0b373
p9_firmwareeq< eva-cl10c0b373
p9_firmwareeq< eva-dl10c0b373
p9_firmwareeq< eva-tl10c0b373

Name	Operator	Version
mate_9_firmware	eq	< mha-al0bc0b156
mate_9_firmware	eq	< mha-cl0bc0b156
mate_9_firmware	eq	< mha-dl0bc0b156
mate_9_firmware	eq	< mha-tl0bc0b156
p9_firmware	eq	< eva-al10c0b373
p9_firmware	eq	< eva-cl10c0b373
p9_firmware	eq	< eva-dl10c0b373
p9_firmware	eq	< eva-tl10c0b373