CVEDB API

Vulnerabilities

By Date
Known Exploited
Advanced Search

Vulnerable Software

Vendors
Products

Vulnerability Details CVE-2017-8170

Huawei smart phones with software earlier than VIE-L09C40B360 versions have a buffer overflow vulnerability due to the lack of parameter validation. An attacker tricks a user into installing a malicious APP which has the root privilege; the APP can send a specific parameter to the smart phone, causing the smartphone restart or arbitrary code execution.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.002

EPSS Ranking 39.7%

CVSS Severity

CVSS v3 Score 7.8

CVSS v2 Score 9.3

References

http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20171025-01-overflow-en
http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20171025-01-overflow-en

Products affected by CVE-2017-8170

Huawei » Vie-L09 » Version: N/A

cpe:2.3:h:huawei:vie-l09:-
Huawei » Vie-L09 Firmware » Version: vie-l09c02b131

cpe:2.3:o:huawei:vie-l09_firmware:vie-l09c02b131
Huawei » Vie-L09 Firmware » Version: vie-l09c25b120

cpe:2.3:o:huawei:vie-l09_firmware:vie-l09c25b120
Huawei » Vie-L09 Firmware » Version: vie-l09c40b181

cpe:2.3:o:huawei:vie-l09_firmware:vie-l09c40b181

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2017-8170

Products

Pricing

Contact Us