CVEDB API

Vulnerabilities

By Date
Known Exploited
Advanced Search

Vulnerable Software

Vendors
Products

Vulnerability Details CVE-2017-8175

The Bastet of some Huawei mobile phones with software earlier than Vicky-AL00AC00B167 versions, earlier than Victoria-AL00AC00B167 versions, earlier than Warsaw-AL00C00B191 versions has an insufficient input validation vulnerability due to the lack of parameter validation. An attacker may trick a user into installing a malicious APP. The APP can modify specific parameter to cause system reboot.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.001

EPSS Ranking 21.7%

CVSS Severity

CVSS v3 Score 5.5

CVSS v2 Score 7.1

References

http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20170802-02-smartphone-en
http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20170802-02-smartphone-en

Products affected by CVE-2017-8175

Huawei » Vicky-Al00a » Version: Any

cpe:2.3:a:huawei:vicky-al00a:*
Huawei » Victoria-Al00a » Version: Any

cpe:2.3:a:huawei:victoria-al00a:*
Huawei » Warsaw-Al00 » Version: Any

cpe:2.3:a:huawei:warsaw-al00:*

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2017-8175

Products

Pricing

Contact Us