CVEDB API

Vulnerabilities

By Date
Known Exploited
Advanced Search

Vulnerable Software

Vendors
Products

Vulnerability Details CVE-2017-17285

Bluetooth module in some Huawei mobile phones with software LON-AL00BC00B229 and earlier versions has a buffer overflow vulnerability. Due to insufficient input validation, an unauthenticated attacker may craft Bluetooth AVDTP/AVCTP messages after successful paring, causing buffer overflow. Successful exploit may cause code execution.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.0

EPSS Ranking 13.9%

CVSS Severity

CVSS v3 Score 8.8

CVSS v2 Score 5.8

References

http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20180129-01-bluetooth-en
http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20180129-01-bluetooth-en

Products affected by CVE-2017-17285

Huawei » Lon-Al00b » Version: N/A

cpe:2.3:h:huawei:lon-al00b:-
Huawei » Lon-Al00b Firmware » Version: lon-al00bc00

cpe:2.3:o:huawei:lon-al00b_firmware:lon-al00bc00
Huawei » Lon-Al00b Firmware » Version: lon-al00bc00b229

cpe:2.3:o:huawei:lon-al00b_firmware:lon-al00bc00b229

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2017-17285

Products

Pricing

Contact Us