// For flags

CVE-2017-8159

 

Severity Score

7.8
*CVSS v3

Exploit Likelihood

*EPSS

Affected Versions

*CPE

Public Exploits

0
*Multiple Sources

Exploited in Wild

-
*KEV

Decision

-
*SSVC
Descriptions

Some Huawei smartphones with software AGS-L09C233B019,AGS-W09C233B019,KOB-L09C233B017,KOB-W09C233B012 have a type confusion vulnerability. The program initializes a variable using one type, but it later accesses that variable using a type that is different with the original type when do certain register operation. Successful exploit could result in buffer overflow then may cause malicious code execution.

Algunos smartphones Huawei con software AGS-L09C233B019, AGS-W09C233B019, KOB-L09C233B017 o KOB-W09C233B012 tienen una vulnerabilidad de confusión de tipos. El programa inicializa una variable utilizando un tipo, pero luego accede a esa variable utilizando un tipo diferente del original cuando realiza determinadas operaciones de registro. Un exploit exitoso podría resultar en un desbordamiento de búfer que podría causar la ejecución de código malicioso.

*Credits: N/A
CVSS Scores
Attack Vector
Local
Attack Complexity
Low
Privileges Required
None
User Interaction
Required
Scope
Unchanged
Confidentiality
High
Integrity
High
Availability
High
Attack Vector
Network
Attack Complexity
Medium
Authentication
None
Confidentiality
Complete
Integrity
Complete
Availability
Complete
* Common Vulnerability Scoring System
SSVC
  • Decision:-
Exploitation
-
Automatable
-
Tech. Impact
-
* Organization's Worst-case Scenario
Timeline
  • 2017-04-25 CVE Reserved
  • 2017-11-22 CVE Published
  • 2024-07-28 EPSS Updated
  • 2024-09-16 CVE Updated
  • ---------- Exploited in Wild
  • ---------- KEV Due Date
  • ---------- First Exploit
CWE
  • CWE-704: Incorrect Type Conversion or Cast
CAPEC
Affected Vendors, Products, and Versions
Vendor Product Version Other Status
Vendor Product Version Other Status <-- --> Vendor Product Version Other Status
Huawei
Search vendor "Huawei"
Agassi-l09hn Firmware
Search vendor "Huawei" for product "Agassi-l09hn Firmware"
ags-l09c233b019
Search vendor "Huawei" for product "Agassi-l09hn Firmware" and version "ags-l09c233b019"
-
Affected
in Huawei
Search vendor "Huawei"
Agassi-l09hn
Search vendor "Huawei" for product "Agassi-l09hn"
--
Safe
Huawei
Search vendor "Huawei"
Agassi-w09hn Firmware
Search vendor "Huawei" for product "Agassi-w09hn Firmware"
ags-w09c233b019
Search vendor "Huawei" for product "Agassi-w09hn Firmware" and version "ags-w09c233b019"
-
Affected
in Huawei
Search vendor "Huawei"
Agassi-w09hn
Search vendor "Huawei" for product "Agassi-w09hn"
--
Safe
Huawei
Search vendor "Huawei"
Kobe-l09ahn Firmware
Search vendor "Huawei" for product "Kobe-l09ahn Firmware"
kob-l09c233b017
Search vendor "Huawei" for product "Kobe-l09ahn Firmware" and version "kob-l09c233b017"
-
Affected
in Huawei
Search vendor "Huawei"
Kobe-l09ahn
Search vendor "Huawei" for product "Kobe-l09ahn"
--
Safe
Huawei
Search vendor "Huawei"
Kobe-w09chn Firmware
Search vendor "Huawei" for product "Kobe-w09chn Firmware"
kob-w09c233b012
Search vendor "Huawei" for product "Kobe-w09chn Firmware" and version "kob-w09c233b012"
-
Affected
in Huawei
Search vendor "Huawei"
Kobe-w09chn
Search vendor "Huawei" for product "Kobe-w09chn"
--
Safe