A vulnerability has been found in Huawei P9 and P9 Lite (Smartphone Operating System) (version unknown) and classified as critical. Affected by this vulnerability is an unknown function of the component Factory Reset Protection. The manipulation with an unknown input leads to a improper authorization vulnerability. The CWE definition for the vulnerability is CWE-285. The product does not perform or incorrectly performs an authorization check when an actor attempts to access a resource or perform an action. As an impact it is known to affect confidentiality, integrity, and availability. The summary by CVE is:

Huawei P9 phones with software EVA-AL10C00,EVA-CL10C00,EVA-DL10C00,EVA-TL10C00 and P9 Lite phones with software VNS-L21C185 allow attackers to bypass the factory reset protection (FRP) to enter some functional modules without authorization and perform operations to update the Google account.

The bug was discovered 12/07/2016. The weakness was released 04/02/2017 (Website). It is possible to read the advisory at huawei.com. This vulnerability is known as CVE-2016-8776 since 10/18/2016. Attacking locally is a requirement. The exploitation doesn't need any form of authentication. The technical details are unknown and an exploit is not publicly available. The attack technique deployed by this issue is T1548.002 according to MITRE ATT&CK.

The vulnerability was handled as a non-public zero-day exploit for at least 116 days. During that time the estimated underground price was around $5k-$25k.

Upgrading eliminates this vulnerability.

Productinfo

Type

• Smartphone Operating System

Vendor

• Huawei

Name

• P9
• P9 Lite

License

• commercial

CVSSv4info

CVSSv3info

CVSSv2info

Exploitinginfo

Threat Intelligenceinfo

Countermeasuresinfo

Timelineinfo

Sourcesinfo

Entryinfo

Discussion