Vulnerability Details CVE-2017-17159
Some Huawei smart phones with software of NXT-AL10C00B386, NXT-CL00C92B386, NXT-DL00C17B386, NXT-TL00C01B386SP01, NTS-AL00C00B535 have a DoS vulnerability due to insufficient input validation. An unauthenticated attacker could send malformed System Information(SI) messages to the smart phone within radio range by special wireless device. Successful exploit could make the smart phone restart.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.0
EPSS Ranking 6.8%
CVSS Severity
CVSS v3 Score 6.5
CVSS v2 Score 6.1
References
Products affected by CVE-2017-17159
-
cpe:2.3:h:huawei:mt8-emui4.1:-
-
cpe:2.3:h:huawei:nts-al00:-
-
cpe:2.3:o:huawei:mt8-emui4.1_firmware:nxt-al10c00b386
-
cpe:2.3:o:huawei:mt8-emui4.1_firmware:nxt-cl00c92b386
-
cpe:2.3:o:huawei:mt8-emui4.1_firmware:nxt-dl00c17b386
-
cpe:2.3:o:huawei:mt8-emui4.1_firmware:nxt-tl00c01b386sp01
-
cpe:2.3:o:huawei:nts-al00_firmware:nts-al00c00b535