CVE-2017-8211
 
Severity Score
Exploit Likelihood
Affected Versions
Public Exploits
0Exploited in Wild
-Decision
Descriptions
The driver of honor 5C,honor 6x Huawei smart phones with software of versions earlier than NEM-AL10C00B356, versions earlier than Berlin-L21HNC432B360 have a buffer overflow vulnerability due to the lack of parameter validation. An attacker tricks a user into installing a malicious APP which has the root privilege of the Android system, the APP can send a specific parameter to the driver of the smart phone, causing a system reboot or arbitrary code execution.
El controlador de los smartphones Huawei Honor 5C y Honor 6x con versiones de software anteriores a NEM-AL10C00B356 y Berlin-L21HNC432B360 tiene una vulnerabilidad de desbordamiento de búfer debido a la falta de validación de parámetros. Un atacante puede engañar a un usuario para que instale una app maliciosa que tiene privilegios root del sistema Android. La app podría enviar un parámetro específico al controlador del smartphone, provocando el reinicio del sistema o la ejecución de código arbitrario.
CVSS Scores
SSVC
- Decision:-
Timeline
- 2017-04-25 CVE Reserved
- 2017-11-22 CVE Published
- 2024-07-28 EPSS Updated
- 2024-09-16 CVE Updated
- ---------- Exploited in Wild
- ---------- KEV Due Date
- ---------- First Exploit
CWE
- CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer
CAPEC
References (1)
URL | Tag | Source |
---|
URL | Date | SRC |
---|
URL | Date | SRC |
---|
URL | Date | SRC |
---|---|---|
http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20170801-01-smartphone-en | 2017-12-06 |
Affected Vendors, Products, and Versions
Vendor | Product | Version | Other | Status | ||||||
---|---|---|---|---|---|---|---|---|---|---|
Vendor | Product | Version | Other | Status | <-- --> | Vendor | Product | Version | Other | Status |
Huawei Search vendor "Huawei" | Honor 5c Firmware Search vendor "Huawei" for product "Honor 5c Firmware" | < nem-al10c00b356 Search vendor "Huawei" for product "Honor 5c Firmware" and version " < nem-al10c00b356" | - |
Affected
| in | Huawei Search vendor "Huawei" | Honor 5c Search vendor "Huawei" for product "Honor 5c" | - | - |
Safe
|
Huawei Search vendor "Huawei" | Honor 6x Firmware Search vendor "Huawei" for product "Honor 6x Firmware" | < berlin-l21hnc432b360 Search vendor "Huawei" for product "Honor 6x Firmware" and version " < berlin-l21hnc432b360" | - |
Affected
| in | Huawei Search vendor "Huawei" | Honor 6x Search vendor "Huawei" for product "Honor 6x" | - | - |
Safe
|