CVE-2017-17140

Summary

Huawei Enjoy 5s and Y6 Pro smartphones with software the versions before TAG-AL00C92B170; the versions before TIT-L01C576B121 have an information leak vulnerability due to the lack of parameter validation. An attacker tricks a user into installing a malicious application on the smart phone and the application can read some sensitive information in kernel memory which may cause sensitive information leak.

Affected Software

VendorProductVersion RangeStatus
Huawei Technologies Co., Ltd.Enjoy 5s; Y6 ProThe versions before TAG-AL00C92B170affected
Huawei Technologies Co., Ltd.Enjoy 5s; Y6 ProThe versions before TIT-L01C576B121affected

Weaknesses

  • information leak

ADP Enrichment

CVE Program Container

Additional References

References