CVE-2017-8159
Severity Score
Exploit Likelihood
Affected Versions
Public Exploits
0Exploited in Wild
-Decision
Descriptions
Some Huawei smartphones with software AGS-L09C233B019,AGS-W09C233B019,KOB-L09C233B017,KOB-W09C233B012 have a type confusion vulnerability. The program initializes a variable using one type, but it later accesses that variable using a type that is different with the original type when do certain register operation. Successful exploit could result in buffer overflow then may cause malicious code execution.
Algunos smartphones Huawei con software AGS-L09C233B019, AGS-W09C233B019, KOB-L09C233B017 o KOB-W09C233B012 tienen una vulnerabilidad de confusión de tipos. El programa inicializa una variable utilizando un tipo, pero luego accede a esa variable utilizando un tipo diferente del original cuando realiza determinadas operaciones de registro. Un exploit exitoso podría resultar en un desbordamiento de búfer que podría causar la ejecución de código malicioso.
CVSS Scores
SSVC
- Decision:-
Timeline
- 2017-04-25 CVE Reserved
- 2017-11-22 CVE Published
- 2024-07-28 EPSS Updated
- 2024-09-16 CVE Updated
- ---------- Exploited in Wild
- ---------- KEV Due Date
- ---------- First Exploit
CWE
- CWE-704: Incorrect Type Conversion or Cast
CAPEC
References (1)
| URL | Tag | Source |
|---|
| URL | Date | SRC |
|---|
| URL | Date | SRC |
|---|
| URL | Date | SRC |
|---|---|---|
| http://www.huawei.com/en/psirt/security-advisories/2017/huawei-sa-20171018-02-smartphone-en | 2017-12-12 |
Affected Vendors, Products, and Versions
| Vendor | Product | Version | Other | Status | ||||||
|---|---|---|---|---|---|---|---|---|---|---|
| Vendor | Product | Version | Other | Status | <-- --> | Vendor | Product | Version | Other | Status |
| Huawei Search vendor "Huawei" | Agassi-l09hn Firmware Search vendor "Huawei" for product "Agassi-l09hn Firmware" | ags-l09c233b019 Search vendor "Huawei" for product "Agassi-l09hn Firmware" and version "ags-l09c233b019" | - |
Affected
| in | Huawei Search vendor "Huawei" | Agassi-l09hn Search vendor "Huawei" for product "Agassi-l09hn" | - | - |
Safe
|
| Huawei Search vendor "Huawei" | Agassi-w09hn Firmware Search vendor "Huawei" for product "Agassi-w09hn Firmware" | ags-w09c233b019 Search vendor "Huawei" for product "Agassi-w09hn Firmware" and version "ags-w09c233b019" | - |
Affected
| in | Huawei Search vendor "Huawei" | Agassi-w09hn Search vendor "Huawei" for product "Agassi-w09hn" | - | - |
Safe
|
| Huawei Search vendor "Huawei" | Kobe-l09ahn Firmware Search vendor "Huawei" for product "Kobe-l09ahn Firmware" | kob-l09c233b017 Search vendor "Huawei" for product "Kobe-l09ahn Firmware" and version "kob-l09c233b017" | - |
Affected
| in | Huawei Search vendor "Huawei" | Kobe-l09ahn Search vendor "Huawei" for product "Kobe-l09ahn" | - | - |
Safe
|
| Huawei Search vendor "Huawei" | Kobe-w09chn Firmware Search vendor "Huawei" for product "Kobe-w09chn Firmware" | kob-w09c233b012 Search vendor "Huawei" for product "Kobe-w09chn Firmware" and version "kob-w09c233b012" | - |
Affected
| in | Huawei Search vendor "Huawei" | Kobe-w09chn Search vendor "Huawei" for product "Kobe-w09chn" | - | - |
Safe
|