CVE-2016-8776 - OpenCVE

Huawei P9 phones with software EVA-AL10C00,EVA-CL10C00,EVA-DL10C00,EVA-TL10C00 and P9 Lite phones with software VNS-L21C185 allow attackers to bypass the factory reset protection (FRP) to enter some functional modules without authorization and perform operations to update the Google account.

No CVSS v3.1

Attack Vector Physical

Attack Complexity Low

Privileges Required None

Scope Unchanged

Confidentiality Impact None

Integrity Impact High

Availability Impact None

User Interaction None

Access Vector Local

Access Complexity Low

Authentication None

Confidentiality Impact None

Integrity Impact Partial

Availability Impact None

AV:L/AC:L/Au:N/C:N/I:P/A:N

Vendors & Products
CPE Configurations

Vendors	Products
Huawei	P9 Lite P9 Firmware P9 Lite Firmware P9

Configuration 1 [-]

AND

OR	cpe:2.3:o:huawei:p9_firmware:eva-al10c00:::::::*
	cpe:2.3:o:huawei:p9_firmware:eva-cl10c00:::::::*
	cpe:2.3:o:huawei:p9_firmware:eva-dl10c00:::::::*
	cpe:2.3:o:huawei:p9_firmware:eva-tl10c00:::::::*

cpe:2.3:h:huawei:p9:-:*:*:*:*:*:*:*

Configuration 2 [-]

AND

cpe:2.3:o:huawei:p9_lite_firmware:vns-l21c185:*:*:*:*:*:*:*

cpe:2.3:h:huawei:p9_lite:-:*:*:*:*:*:*:*

References

Link	Resource
http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20161207-01-smartphone-en	Vendor Advisory
http://www.securityfocus.com/bid/94836	Third Party Advisory VDB Entry

History

No history.

MITRE Information

Status: PUBLISHED

Assigner: huawei

Published: 2017-04-02T20:00:00

Updated: 2017-04-03T09:57:01

Reserved: 2016-10-18T00:00:00

Link: CVE-2016-8776

JSON object: View

NVD Information

Status : Analyzed

Published: 2017-04-02T20:59:01.500

Modified: 2017-04-10T20:28:07.127

Link: CVE-2016-8776

JSON object: View

Redhat Information

No data.

CWE

CWE-285

{"containers": {"cna": {"affected": [{"product": "P9, P9 Lite EVA-AL10C00,EVA-CL10C00,EVA-DL10C00,EVA-TL10C00,VNS-L21C185,", "vendor": "n/a", "versions": [{"status": "affected", "version": "P9, P9 Lite EVA-AL10C00,EVA-CL10C00,EVA-DL10C00,EVA-TL10C00,VNS-L21C185,"}]}], "datePublic": "2017-03-27T00:00:00", "descriptions": [{"lang": "en", "value": "Huawei P9 phones with software EVA-AL10C00,EVA-CL10C00,EVA-DL10C00,EVA-TL10C00 and P9 Lite phones with software VNS-L21C185 allow attackers to bypass the factory reset protection (FRP) to enter some functional modules without authorization and perform operations to update the Google account."}], "problemTypes": [{"descriptions": [{"description": "Factory Reset Protection (FRP) bypass", "lang": "en", "type": "text"}]}], "providerMetadata": {"dateUpdated": "2017-04-03T09:57:01", "orgId": "25ac1063-e409-4190-8079-24548c77ea2e", "shortName": "huawei"}, "references": [{"name": "94836", "tags": ["vdb-entry", "x_refsource_BID"], "url": "http://www.securityfocus.com/bid/94836"}, {"tags": ["x_refsource_CONFIRM"], "url": "http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20161207-01-smartphone-en"}], "x_legacyV4Record": {"CVE_data_meta": {"ASSIGNER": "psirt@huawei.com", "ID": "CVE-2016-8776", "STATE": "PUBLIC"}, "affects": {"vendor": {"vendor_data": [{"product": {"product_data": [{"product_name": "P9, P9 Lite EVA-AL10C00,EVA-CL10C00,EVA-DL10C00,EVA-TL10C00,VNS-L21C185,", "version": {"version_data": [{"version_value": "P9, P9 Lite EVA-AL10C00,EVA-CL10C00,EVA-DL10C00,EVA-TL10C00,VNS-L21C185,"}]}}]}, "vendor_name": "n/a"}]}}, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": {"description_data": [{"lang": "eng", "value": "Huawei P9 phones with software EVA-AL10C00,EVA-CL10C00,EVA-DL10C00,EVA-TL10C00 and P9 Lite phones with software VNS-L21C185 allow attackers to bypass the factory reset protection (FRP) to enter some functional modules without authorization and perform operations to update the Google account."}]}, "problemtype": {"problemtype_data": [{"description": [{"lang": "eng", "value": "Factory Reset Protection (FRP) bypass"}]}]}, "references": {"reference_data": [{"name": "94836", "refsource": "BID", "url": "http://www.securityfocus.com/bid/94836"}, {"name": "http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20161207-01-smartphone-en", "refsource": "CONFIRM", "url": "http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20161207-01-smartphone-en"}]}}}}, "cveMetadata": {"assignerOrgId": "25ac1063-e409-4190-8079-24548c77ea2e", "assignerShortName": "huawei", "cveId": "CVE-2016-8776", "datePublished": "2017-04-02T20:00:00", "dateReserved": "2016-10-18T00:00:00", "dateUpdated": "2017-04-03T09:57:01", "state": "PUBLISHED"}, "dataType": "CVE_RECORD", "dataVersion": "5.0"}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:huawei:p9_firmware:eva-al10c00:*:*:*:*:*:*:*", "matchCriteriaId": "0EA3EDB4-1FA3-4CB9-AD13-2A4E9D359BEF", "vulnerable": true}, {"criteria": "cpe:2.3:o:huawei:p9_firmware:eva-cl10c00:*:*:*:*:*:*:*", "matchCriteriaId": "B3F74F87-3612-4199-B510-9752D838F3EC", "vulnerable": true}, {"criteria": "cpe:2.3:o:huawei:p9_firmware:eva-dl10c00:*:*:*:*:*:*:*", "matchCriteriaId": "318A1B3C-116F-4F0D-BAC9-ADE8CA09344F", "vulnerable": true}, {"criteria": "cpe:2.3:o:huawei:p9_firmware:eva-tl10c00:*:*:*:*:*:*:*", "matchCriteriaId": "B2CB2748-E2B4-4FAD-8586-3F5F048B042B", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:huawei:p9:-:*:*:*:*:*:*:*", "matchCriteriaId": "B1E734BC-513F-4FF6-B4AB-46A3AD8FA9BA", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:huawei:p9_lite_firmware:vns-l21c185:*:*:*:*:*:*:*", "matchCriteriaId": "5A9C5E57-8D99-4134-8A79-AD74E7C8C057", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:huawei:p9_lite:-:*:*:*:*:*:*:*", "matchCriteriaId": "866C3F90-FC3B-4A9F-8BAC-83A89077F96E", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}], "descriptions": [{"lang": "en", "value": "Huawei P9 phones with software EVA-AL10C00,EVA-CL10C00,EVA-DL10C00,EVA-TL10C00 and P9 Lite phones with software VNS-L21C185 allow attackers to bypass the factory reset protection (FRP) to enter some functional modules without authorization and perform operations to update the Google account."}, {"lang": "es", "value": "Tel\u00e9fonos Huawei P9 con software EVA-AL10C00,EVA-CL10C00,EVA-DL10C00,EVA-TL10C00 y tel\u00e9fonos P9 Lite con software VNS-L21C185 permiten a atacantes eludir la protecci\u00f3n de restablecimiento de f\u00e1brica (FRP) para introducir algunos m\u00f3dulos funcionales sin autorizaci\u00f3n y realizar operaciones para actualizar la cuenta de Google."}], "id": "CVE-2016-8776", "lastModified": "2017-04-10T20:28:07.127", "metrics": {"cvssMetricV2": [{"acInsufInfo": false, "baseSeverity": "LOW", "cvssData": {"accessComplexity": "LOW", "accessVector": "LOCAL", "authentication": "NONE", "availabilityImpact": "NONE", "baseScore": 2.1, "confidentialityImpact": "NONE", "integrityImpact": "PARTIAL", "vectorString": "AV:L/AC:L/Au:N/C:N/I:P/A:N", "version": "2.0"}, "exploitabilityScore": 3.9, "impactScore": 2.9, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": false}], "cvssMetricV30": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "PHYSICAL", "availabilityImpact": "NONE", "baseScore": 4.6, "baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.0/AV:P/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N", "version": "3.0"}, "exploitabilityScore": 0.9, "impactScore": 3.6, "source": "nvd@nist.gov", "type": "Primary"}]}, "published": "2017-04-02T20:59:01.500", "references": [{"source": "psirt@huawei.com", "tags": ["Vendor Advisory"], "url": "http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20161207-01-smartphone-en"}, {"source": "psirt@huawei.com", "tags": ["Third Party Advisory", "VDB Entry"], "url": "http://www.securityfocus.com/bid/94836"}], "sourceIdentifier": "psirt@huawei.com", "vulnStatus": "Analyzed", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-285"}], "source": "nvd@nist.gov", "type": "Primary"}]}