CVE-2017-17158
N/A
Summary
Some Huawei smart phones with the versions before Berlin-L21HNC185B381; the versions before Prague-AL00AC00B223; the versions before Prague-AL00BC00B223; the versions before Prague-AL00CC00B223; the versions before Prague-L31C432B208; the versions before Prague-TL00AC01B223; the versions before Prague-TL00AC01B223 have an information exposure vulnerability. When the user's smart phone connects to the malicious device for charging, an unauthenticated attacker may activate some specific function by sending some specially crafted messages. Due to insufficient input validation of the messages, successful exploit may cause information exposure.
Affected Software
| Vendor | Product | Version Range | Status |
|---|---|---|---|
| Huawei Technologies Co., Ltd. | Berlin-L21HN; Prague-AL00A; Prague-AL00B; Prague-AL00C; Prague-L31; Prague-TL00A; Prague-TL10A | The versions before Berlin-L21HNC185B381 | affected |
| Huawei Technologies Co., Ltd. | Berlin-L21HN; Prague-AL00A; Prague-AL00B; Prague-AL00C; Prague-L31; Prague-TL00A; Prague-TL10A | The versions before Prague-AL00AC00B223 | affected |
| Huawei Technologies Co., Ltd. | Berlin-L21HN; Prague-AL00A; Prague-AL00B; Prague-AL00C; Prague-L31; Prague-TL00A; Prague-TL10A | The versions before Prague-AL00BC00B223 | affected |
| Huawei Technologies Co., Ltd. | Berlin-L21HN; Prague-AL00A; Prague-AL00B; Prague-AL00C; Prague-L31; Prague-TL00A; Prague-TL10A | The versions before Prague-AL00CC00B223 | affected |
| Huawei Technologies Co., Ltd. | Berlin-L21HN; Prague-AL00A; Prague-AL00B; Prague-AL00C; Prague-L31; Prague-TL00A; Prague-TL10A | The versions before Prague-L31C432B208 | affected |
| Huawei Technologies Co., Ltd. | Berlin-L21HN; Prague-AL00A; Prague-AL00B; Prague-AL00C; Prague-L31; Prague-TL00A; Prague-TL10A | The versions before Prague-TL00AC01B223 | affected |
Weaknesses
- information exposure
ADP Enrichment
CVE Program Container
Additional References
References
Feedback
Was this page helpful?
Glad to hear it! Please tell us how we can improve.
Sorry to hear that. Please tell us how we can improve.