CVE-2017-17225
 
Severity Score
Exploit Likelihood
Affected Versions
Public Exploits
0Exploited in Wild
-Decision
Descriptions
The Near Field Communication (NFC) module in Huawei Mate 9 Pro mobile phones with the versions before LON-AL00B 8.0.0.340a(C00) has a buffer overflow vulnerability due to the lack of input validation. An attacker may use an NFC card reader or another device to inject malicious data into a target mobile phone. Successful exploit could lead to system restart or arbitrary code execution.
El módulo NFC (Near Field Communication) en los smartphones Huawei Mate 9 Pro con versiones anteriores a LON-AL00B 8.0.0.340a(C00) tiene una vulnerabilidad de desbordamiento de búfer debido a la falta de validación de entradas. Un atacante podría emplear un lector de tarjetas NFC u otro dispositivo para inyectar datos maliciosos en un teléfono móvil objetivo. La explotación con éxito de esta vulnerabilidad podría desembocar en el reinicio del sistema o en la ejecución arbitraria de código.
CVSS Scores
SSVC
- Decision:-
Timeline
- 2017-12-04 CVE Reserved
- 2018-03-09 CVE Published
- 2024-08-05 CVE Updated
- 2024-11-19 EPSS Updated
- ---------- Exploited in Wild
- ---------- KEV Due Date
- ---------- First Exploit
CWE
- CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer
CAPEC
References (1)
URL | Tag | Source |
---|
URL | Date | SRC |
---|
URL | Date | SRC |
---|
URL | Date | SRC |
---|---|---|
http://www.huawei.com/en/psirt/security-advisories/2018/huawei-sa-20180130-01-smartphone-en | 2018-03-27 |
Affected Vendors, Products, and Versions
Vendor | Product | Version | Other | Status | ||||||
---|---|---|---|---|---|---|---|---|---|---|
Vendor | Product | Version | Other | Status | <-- --> | Vendor | Product | Version | Other | Status |
Huawei Search vendor "Huawei" | Mate 9 Pro Firmware Search vendor "Huawei" for product "Mate 9 Pro Firmware" | < lon-al00b_8.0.0.340a\(c00\) Search vendor "Huawei" for product "Mate 9 Pro Firmware" and version " < lon-al00b_8.0.0.340a\(c00\)" | - |
Affected
| in | Huawei Search vendor "Huawei" | Mate 9 Pro Search vendor "Huawei" for product "Mate 9 Pro" | - | - |
Safe
|