VYPR
← All advisories
High severity7.5NVD Advisory· Published Nov 22, 2017· Updated May 13, 2026

CVE-2017-2704

CVE-2017-2704

Description

Smarthome 1.0.2.364 and earlier versions,HiAPP 7.3.0.303 and earlier versions,HwParentControl 2.0.0 and earlier versions,HwParentControlParent 5.1.0.12 and earlier versions,Crowdtest 1.5.3 and earlier versions,HiWallet 8.0.0.301 and earlier versions,Huawei Pay 8.0.0.300 and earlier versions,Skytone 8.1.2.300 and earlier versions,HwCloudDrive(EMUI6.0) 8.0.0.307 and earlier versions,HwPhoneFinder(EMUI6.0) 9.3.0.310 and earlier versions,HwPhoneFinder(EMUI5.1) 9.2.2.303 and earlier versions,HiCinema 8.0.2.300 and earlier versions,HuaweiWear 21.0.0.360 and earlier versions,HiHealthApp 3.0.3.300 and earlier versions have an information exposure vulnerability. Encryption keys are stored in the system. The attacker can implement reverse engineering to obtain the encryption keys, causing information exposure.

Affected products

15
  • Huawei Technologies Co., Ltd./Smarthome,HiAPP,HwParentControl,HwParentControlParent,Crowdtest,HiWallet,Huawei Pay,Skytone,HwCloudDrive(EMUI6.0),HwPhoneFinder?¡§EMUI6.0??,HwPhoneFinder?¡§EMUI5.1??,HiCinema,HuaweiWear,HiHealthApp,v5
    Range: Smarthome 1.0.2.364 and earlier versions,HiAPP 7.3.0.303 and earlier versions,HwParentControl 2.0.0 and earlier versions,HwParentControlParent 5.1.0.12 and earlier versions,Crowdtest 1.5.3 and earlier versions,HiWallet 8.0.0.301 and earlier versions,Huawei Pay 8.0.0.300 and earlier versions,Skytone 8.1.2.300 and earlier versions,HwCloudDrive(EMUI6.0) 8.0.0.307 and earlier versions,HwPhoneFinder EMUI6.0 9.3.0.310 and earlier versions,HwPhoneFinder EMUI5.1 9.2.2.303 and earlier versions,HiCinema 8.0.2.300 and earlier versions,HuaweiWear 21.0.0.360 and earlier versions,HiHealthApp 3.0.3.300 and earlier versions,
  • Huawei/Hwparentcontrol
    cpe:2.3:a:huawei:hwparentcontrol:*:*:*:*:*:*:*:*
    Range: <=2.0.0
  • Huawei/Hwparentcontrolparent
    cpe:2.3:a:huawei:hwparentcontrolparent:*:*:*:*:*:*:*:*
    Range: <=5.1.0.12
  • Huawei/Crowdtest
    cpe:2.3:a:huawei:crowdtest:*:*:*:*:*:*:*:*
    Range: <=1.5.3
  • Huawei/Hiwallet
    cpe:2.3:a:huawei:hiwallet:*:*:*:*:*:*:*:*
    Range: <=8.0.0.301
  • Huawei/Huawei Pay
    cpe:2.3:a:huawei:huawei_pay:*:*:*:*:*:*:*:*
    Range: <=8.0.0.300
  • Huawei/Skytone
    cpe:2.3:a:huawei:skytone:*:*:*:*:*:*:*:*
    Range: <=8.1.2.300
  • Huawei/Hwclouddrive\(emui6.0\)
    cpe:2.3:o:huawei:hwclouddrive\(emui6.0\):*:*:*:*:*:*:*:*
    Range: <=8.0.0.307
  • Huawei/Hwphonefinder\(emui6.0\)
    cpe:2.3:a:huawei:hwphonefinder\(emui6.0\):*:*:*:*:*:*:*:*
    Range: <=9.3.0.310
  • Huawei/Hwphonefinder\(emui5.1\)
    cpe:2.3:a:huawei:hwphonefinder\(emui5.1\):*:*:*:*:*:*:*:*
    Range: <=9.2.2.303
  • Huawei/Hicinema
    cpe:2.3:a:huawei:hicinema:*:*:*:*:*:*:*:*
    Range: <=8.0.2.300
  • Huawei/Huaweiwear
    cpe:2.3:a:huawei:huaweiwear:*:*:*:*:*:*:*:*
    Range: <=21.0.0.360
  • Huawei/Hihealthapp
    cpe:2.3:a:huawei:hihealthapp:*:*:*:*:*:*:*:*
    Range: <=3.0.3.300
  • Huawei/Smarthome
    cpe:2.3:a:huawei:smarthome:*:*:*:*:*:*:*:*
    Range: <=1.0.2.364
  • Huawei/Hiapp
    cpe:2.3:a:huawei:hiapp:*:*:*:*:*:*:*:*
    Range: <=7.3.0.303

Patches

0

No patches discovered yet.

Vulnerability mechanics

AI mechanics synthesis has not run for this CVE yet.

References

1

News mentions

0

No linked articles in our index yet.