Vulnerability Details CVE-2017-17139
Huawei Mate 9 and Mate 9 pro smart phones with software the versions before MHA-AL00B 8.0.0.334(C00); the versions before LON-AL00B 8.0.0.334(C00) have a information leak vulnerability in the date service proxy implementation. An attacker may trick a user into installing a malicious application and application can exploit the vulnerability to get kernel date which may cause sensitive information leak.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.001
EPSS Ranking 30.0%
CVSS Severity
CVSS v3 Score 5.5
CVSS v2 Score 4.3
References
Products affected by CVE-2017-17139
-
cpe:2.3:h:huawei:mate_9:-
-
cpe:2.3:h:huawei:mate_9_pro:-
-
cpe:2.3:o:huawei:mate_9_firmware:-
-
cpe:2.3:o:huawei:mate_9_firmware:8.0.0.129(sp2c00)
-
cpe:2.3:o:huawei:mate_9_firmware:8.0.0.356(c00)
-
cpe:2.3:o:huawei:mate_9_firmware:9.0.1.158(c432e6r1p8t8)
-
cpe:2.3:o:huawei:mate_9_firmware:9.0.1.159(c636e6r1p8t8)
-
cpe:2.3:o:huawei:mate_9_firmware:mha-al00ac00b125
-
cpe:2.3:o:huawei:mate_9_pro_firmware:-
-
cpe:2.3:o:huawei:mate_9_pro_firmware:8.0.0.129(sp2c01)
-
cpe:2.3:o:huawei:mate_9_pro_firmware:8.0.0.343(c00)
-
cpe:2.3:o:huawei:mate_9_pro_firmware:8.0.0.356(c00)
-
cpe:2.3:o:huawei:mate_9_pro_firmware:8.0.0.360(c721)
-
cpe:2.3:o:huawei:mate_9_pro_firmware:8.0.0.363(c00)