CVE-2017-17171

EPSS 0.05%
Veröffentlicht 01.06.2018 14:29:00
Zuletzt bearbeitet 21.11.2024 03:17:38
Quelle psirt@huawei.com
Teams Watchlist Login
Unerledigt Login

Some Huawei smart phones have the denial of service (DoS) vulnerability due to the improper processing of malicious parameters. An attacker may trick a target user into installing a malicious APK and launch attacks using a pre-installed app with specific permissions. Successful exploit could allow the app to send specific parameters to the smart phone driver, which will result in system restart.

Betroffene Produkte Warnungen 0 Metriken 3 CWE 1 Referenzen 5

Daten sind bereitgestellt durch National Vulnerability Database (NVD)

Huawei ≫ Mate 8 Firmware Version < nxt-al10c00b593

Huawei ≫ Mate 8 Version-

Huawei ≫ Mate 8 Firmware Version < nxt-cl00c92b593

Huawei ≫ Mate 8 Version-

Huawei ≫ Mate 8 Firmware Version < nxt-dl00c17b593

Huawei ≫ Mate 8 Version-

Huawei ≫ Mate 8 Firmware Version < nxt-l09c636b598a

Huawei ≫ Mate 8 Version-

Huawei ≫ Mate 8 Firmware Version < nxt-l09c185b583

Huawei ≫ Mate 8 Version-

Huawei ≫ Mate 8 Firmware Version < nxt-l09c432b582

Huawei ≫ Mate 8 Version-

Huawei ≫ Mate 8 Firmware Version < nxt-l09c605b585custc605d590

Huawei ≫ Mate 8 Version-

Huawei ≫ Mate 8 Firmware Version < nxt-l29c10b583

Huawei ≫ Mate 8 Version-

Huawei ≫ Mate 8 Firmware Version < nxt-l29c185b585

Huawei ≫ Mate 8 Version-

Huawei ≫ Mate 8 Firmware Version < nxt-l29c636b594a

Huawei ≫ Mate 8 Version-

Huawei ≫ Mate 8 Firmware Version < nxtl00c01b593

Huawei ≫ Mate 8 Version-

Huawei ≫ P9 Firmware Version < eva-al00c00b398

Huawei ≫ P9 Version-

Huawei ≫ P9 Firmware Version < eva-al10c00b398

Huawei ≫ P9 Version-

Huawei ≫ P9 Firmware Version < eva-cl00c92b398

Huawei ≫ P9 Version-

Huawei ≫ P9 Firmware Version < eva-dl00c17b398

Huawei ≫ P9 Version-

Huawei ≫ P9 Firmware Version < eva-l09c185b391

Huawei ≫ P9 Version-

Huawei ≫ P9 Firmware Version < eva-l09c432b395

Huawei ≫ P9 Version-

Huawei ≫ P9 Firmware Version < eva-l09c464b383

Huawei ≫ P9 Version-

Huawei ≫ P9 Firmware Version < eva-l09c605b392

Huawei ≫ P9 Version-

Huawei ≫ P9 Firmware Version <= eva-l09c636b388

Huawei ≫ P9 Version-

Huawei ≫ P9 Firmware Version < eva-l19c10b394

Huawei ≫ P9 Version-

Huawei ≫ P9 Firmware Version < eva-l19c432b392

Huawei ≫ P9 Version-

Huawei ≫ P9 Firmware Version < eva-l19c605b390

Huawei ≫ P9 Version-

Huawei ≫ P9 Firmware Version < eva-l19c636b393

Huawei ≫ P9 Version-

Huawei ≫ P9 Firmware Version < eva-l29c636b389

Huawei ≫ P9 Version-

Huawei ≫ P9 Firmware Version < eva-tl00c01b398

Huawei ≫ P9 Version-

Huawei ≫ P9 Plus Firmware Version < vie-l09c318b182

Huawei ≫ P9 Plus Version-

Huawei ≫ P9 Plus Firmware Version < vie-l09c432b380

Huawei ≫ P9 Plus Version-

Huawei ≫ P9 Plus Firmware Version < vie-l09c576b180

Huawei ≫ P9 Plus Version-

Huawei ≫ P9 Plus Firmware Version < vie-l29c605b370

Huawei ≫ P9 Plus Version-

Huawei ≫ P9 Plus Firmware Version < vie-l29c636b388

Huawei ≫ P9 Plus Version-

Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.

EPSS Metriken
Typ	Quelle	Score	Percentile
EPSS	FIRST.org	0.05%	0.11

CVSS Metriken
Quelle	Base Score	Exploit Score	Impact Score	Vector String
nvd@nist.gov	4.2	0.6	3.6	CVSS:3.0/AV:L/AC:L/PR:H/UI:R/S:U/C:N/I:N/A:H
nvd@nist.gov	6.3	6.8	6.9	AV:N/AC:M/Au:S/C:N/I:N/A:C

CWE-20 Improper Input Validation

The product receives input or data, but it does not validate or incorrectly validates that the input has the properties that are required to process the data safely and correctly.

http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20180530-01-smartphone

Vendor Advisory

https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20180530-01-smartphone-en

Vendor Advisory

https://nvd.nist.gov/vuln/detail/CVE-2017-17171

CVE Source (NVD)

https://cveawg.mitre.org/api/cve/CVE-2017-17171

CVE Source (JSON)

https://euvd.enisa.europa.eu/vulnerability/CVE-2017-17171

EUVD