CVE-2017-17145
Description
Huawei Honor V9 Play smart phones with the versions before Jimmy-AL00AC00B135 have an authentication bypass vulnerability due to the improper design of a component. An attacker who get a user's smart phone can execute specific operation, and delete the fingerprint of the phone without authentication.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Authentication bypass in Huawei Honor V9 Play allows an attacker with physical access to delete the phone's fingerprint without authentication.
Vulnerability
The vulnerability exists in Huawei Honor V9 Play smart phones with versions before Jimmy-AL00AC00B135. Due to improper design of a component, an attacker can bypass authentication to delete the stored fingerprint. [1]
Exploitation
An attacker must have physical access to the user's smart phone. By executing a specific operation (not detailed in the advisory), the attacker can delete the fingerprint without any authentication. [1]
Impact
Successful exploitation allows the attacker to delete the fingerprint of the phone, removing a biometric authentication method. This could enable further unauthorized access if other authentication mechanisms are not in place. [1]
Mitigation
Huawei has released software update version Jimmy-AL00AC00B135 to fix this vulnerability. Users should update their devices to the latest version. The advisory is available at the provided link. [1]
AI Insight generated on May 26, 2026. Synthesized from this CVE's description and the cited reference URLs; citations are validated against the source bundle.
Affected products
1- Range: < Jimmy-AL00AC00B135
Patches
0No patches discovered yet.
Vulnerability mechanics
AI mechanics synthesis has not run for this CVE yet.
References
1- www.huawei.com/en/psirt/security-advisories/2017/huawei-sa-20171213-03-smartphone-enmitrex_refsource_CONFIRM
News mentions
0No linked articles in our index yet.