Vulnerability Details CVE-2017-8159
Some Huawei smartphones with software AGS-L09C233B019,AGS-W09C233B019,KOB-L09C233B017,KOB-W09C233B012 have a type confusion vulnerability. The program initializes a variable using one type, but it later accesses that variable using a type that is different with the original type when do certain register operation. Successful exploit could result in buffer overflow then may cause malicious code execution.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.002
EPSS Ranking 41.8%
CVSS Severity
CVSS v3 Score 7.8
CVSS v2 Score 9.3
References
Products affected by CVE-2017-8159
-
cpe:2.3:h:huawei:agassi-l09hn:-
-
cpe:2.3:h:huawei:agassi-w09hn:-
-
cpe:2.3:h:huawei:kobe-l09ahn:-
-
cpe:2.3:h:huawei:kobe-w09chn:-
-
cpe:2.3:o:huawei:agassi-l09hn_firmware:ags-l09c233b019
-
cpe:2.3:o:huawei:agassi-w09hn_firmware:ags-w09c233b019
-
cpe:2.3:o:huawei:kobe-l09ahn_firmware:kob-l09c233b017
-
cpe:2.3:o:huawei:kobe-w09chn_firmware:kob-w09c233b012