Some Huawei smart phones with the versions before Berlin-L21HNC185B381; the versions before Prague-AL00AC00B223; the versions before Prague-AL00BC00B223; the versions before Prague-AL00CC00B223; the versions before Prague-L31C432B208; the versions before Prague-TL00AC01B223; the versions before Prague-TL00AC01B223 have an information exposure vulnerability. When the user's smart phone connects to the malicious device for charging, an unauthenticated attacker may activate some specific function by sending some specially crafted messages. Due to insufficient input validation of the messages, successful exploit may cause information exposure.
References
Link | Resource |
---|---|
http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20180523-01-phone-en | Vendor Advisory |
History
No history.
MITRE Information
Status: PUBLISHED
Assigner: huawei
Published: 2018-05-24T14:00:00
Updated: 2018-05-24T13:57:01
Reserved: 2017-12-04T00:00:00
Link: CVE-2017-17158
JSON object: View
NVD Information
Status : Analyzed
Published: 2018-05-24T14:29:00.250
Modified: 2018-06-26T18:36:14.887
Link: CVE-2017-17158
JSON object: View
Redhat Information
No data.
CWE