// For flags

CVE-2017-17139

 

Severity Score

5.5
*CVSS v3

Exploit Likelihood

*EPSS

Affected Versions

*CPE

Public Exploits

0
*Multiple Sources

Exploited in Wild

-
*KEV

Decision

-
*SSVC
Descriptions

Huawei Mate 9 and Mate 9 pro smart phones with software the versions before MHA-AL00B 8.0.0.334(C00); the versions before LON-AL00B 8.0.0.334(C00) have a information leak vulnerability in the date service proxy implementation. An attacker may trick a user into installing a malicious application and application can exploit the vulnerability to get kernel date which may cause sensitive information leak.

Los smartphones Huawei Mate 9 y Mate 9 pro con software en versiones anteriores a la MHA-AL00B 8.0.0.334(C00) y a la LON-AL00B 8.0.0.334(C00) tienen una vulnerabilidad de filtrado de información en la implementación del proxy de servicio de fecha. Un atacante podría engañar a un usuario para que instale una aplicación maliciosa que pueda explotar la vulnerabilidad para obtener la fecha del kernel, lo que podría causar una filtración de información sensible.

*Credits: N/A
CVSS Scores
Attack Vector
Local
Attack Complexity
Low
Privileges Required
None
User Interaction
Required
Scope
Unchanged
Confidentiality
High
Integrity
None
Availability
None
Attack Vector
Network
Attack Complexity
Medium
Authentication
None
Confidentiality
Partial
Integrity
None
Availability
None
* Common Vulnerability Scoring System
SSVC
  • Decision:-
Exploitation
-
Automatable
-
Tech. Impact
-
* Organization's Worst-case Scenario
Timeline
  • 2017-12-04 CVE Reserved
  • 2018-03-05 CVE Published
  • 2024-09-17 CVE Updated
  • 2024-11-15 EPSS Updated
  • ---------- Exploited in Wild
  • ---------- KEV Due Date
  • ---------- First Exploit
CWE
  • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor
CAPEC
Affected Vendors, Products, and Versions
Vendor Product Version Other Status
Vendor Product Version Other Status <-- --> Vendor Product Version Other Status
Huawei
Search vendor "Huawei"
Mate 9 Pro Firmware
Search vendor "Huawei" for product "Mate 9 Pro Firmware"
< lon-al00b_8.0.0.334\(c00\)
Search vendor "Huawei" for product "Mate 9 Pro Firmware" and version " < lon-al00b_8.0.0.334\(c00\)"
-
Affected
in Huawei
Search vendor "Huawei"
Mate 9 Pro
Search vendor "Huawei" for product "Mate 9 Pro"
--
Safe
Huawei
Search vendor "Huawei"
Mate 9 Firmware
Search vendor "Huawei" for product "Mate 9 Firmware"
< mha-al00b_8.0.0.334\(c00\)
Search vendor "Huawei" for product "Mate 9 Firmware" and version " < mha-al00b_8.0.0.334\(c00\)"
-
Affected
in Huawei
Search vendor "Huawei"
Mate 9
Search vendor "Huawei" for product "Mate 9"
--
Safe