cvedb.io
CVE-2017-17149
LOW · CVSS 3.9
EPSS exploitation probability: 0%
Published 2018-03-09T17:29:00.533 · Last modified 2026-06-17T01:10:26.540

Summary

Huawei HiWallet App with the versions before 8.0.4 has an arbitrary lock pattern change vulnerability. It needs to verify the user's Huawei ID during lock pattern change. An attacker with root privilege who gets a user's smart phone may bypass Huawei ID verification by special operation. Successful exploit of this vulnerability can allow an attacker to change the lock pattern of HiWallet.

Affected products

huawei — hiwallet

Does this affect you?

Add your gear to cvedb and we'll alert you only when huawei ships something exploited.

Check my exposure →

References

This product uses data from the NVD API but is not endorsed or certified by the NVD. Informational only; not professional security advice.