CVE-2017-8202 - OpenCVE

The CameraISP driver of some Huawei smart phones with software of versions earlier than Prague-AL00AC00B205,versions earlier than Prague-AL00BC00B205,versions earlier than Prague-AL00CC00B205,versions earlier than Prague-TL00AC01B205,versions earlier than Prague-TL10AC01B205 has a buffer overflow vulnerability due to the lack of parameter validation. An attacker tricks a user into installing a malicious APP, the APP can send a specific parameter to the CameraISP driver of the smart phone, causing system reboot.

No CVSS v3.1

Attack Vector Local

Attack Complexity Low

Privileges Required None

Scope Unchanged

Confidentiality Impact None

Integrity Impact None

Availability Impact High

User Interaction Required

Access Vector Network

Access Complexity Medium

Authentication None

Confidentiality Impact None

Integrity Impact None

Availability Impact Complete

AV:N/AC:M/Au:N/C:N/I:N/A:C

Vendors & Products
CPE Configurations

Vendors	Products
Huawei	Prague-al00c Prague-tl00a Firmware Prague-al00a Firmware Prague-al00b Prague-tl10a Prague-al00b Firmware Prague-tl10a Firmware Prague-al00a Prague-tl00a Prague-al00c Firmware

Configuration 1 [-]

AND

cpe:2.3:o:huawei:prague-al00a_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:huawei:prague-al00a:-:*:*:*:*:*:*:*

Configuration 2 [-]

AND

cpe:2.3:o:huawei:prague-al00b_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:huawei:prague-al00b:-:*:*:*:*:*:*:*

Configuration 3 [-]

AND

cpe:2.3:o:huawei:prague-al00c_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:huawei:prague-al00c:-:*:*:*:*:*:*:*

Configuration 4 [-]

AND

cpe:2.3:o:huawei:prague-tl00a_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:huawei:prague-tl00a:-:*:*:*:*:*:*:*

Configuration 5 [-]

AND

cpe:2.3:o:huawei:prague-tl10a_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:huawei:prague-tl10a:-:*:*:*:*:*:*:*

References

Link	Resource
http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20171115-01-smartphone-en	Vendor Advisory
http://www.securityfocus.com/bid/101959	Third Party Advisory VDB Entry

History

No history.

MITRE Information

Status: PUBLISHED

Assigner: huawei

Published: 2017-11-15T00:00:00

Updated: 2017-11-28T10:57:01

Reserved: 2017-04-25T00:00:00

Link: CVE-2017-8202

JSON object: View

NVD Information

Status : Analyzed

Published: 2017-11-22T19:29:05.083

Modified: 2017-12-12T18:07:35.560

Link: CVE-2017-8202

JSON object: View

Redhat Information

No data.

CWE

CWE-119

{"containers": {"cna": {"affected": [{"product": "Prague-AL00A,Prague-AL00B,Prague-AL00C,Prague-TL00A,Prague-TL10A", "vendor": "Huawei Technologies Co., Ltd.", "versions": [{"status": "affected", "version": "Versions earlier than Prague-AL00AC00B205,Versions earlier than Prague-AL00BC00B205,Versions earlier than Prague-AL00CC00B205,Versions earlier than Prague-TL00AC01B205,Versions earlier than Prague-TL10AC01B205"}]}], "datePublic": "2017-11-15T00:00:00", "descriptions": [{"lang": "en", "value": "The CameraISP driver of some Huawei smart phones with software of versions earlier than Prague-AL00AC00B205,versions earlier than Prague-AL00BC00B205,versions earlier than Prague-AL00CC00B205,versions earlier than Prague-TL00AC01B205,versions earlier than Prague-TL10AC01B205 has a buffer overflow vulnerability due to the lack of parameter validation. An attacker tricks a user into installing a malicious APP, the APP can send a specific parameter to the CameraISP driver of the smart phone, causing system reboot."}], "problemTypes": [{"descriptions": [{"description": "buffer overflow", "lang": "en", "type": "text"}]}], "providerMetadata": {"dateUpdated": "2017-11-28T10:57:01", "orgId": "25ac1063-e409-4190-8079-24548c77ea2e", "shortName": "huawei"}, "references": [{"tags": ["x_refsource_CONFIRM"], "url": "http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20171115-01-smartphone-en"}, {"name": "101959", "tags": ["vdb-entry", "x_refsource_BID"], "url": "http://www.securityfocus.com/bid/101959"}], "x_legacyV4Record": {"CVE_data_meta": {"ASSIGNER": "psirt@huawei.com", "DATE_PUBLIC": "2017-11-15T00:00:00", "ID": "CVE-2017-8202", "STATE": "PUBLIC"}, "affects": {"vendor": {"vendor_data": [{"product": {"product_data": [{"product_name": "Prague-AL00A,Prague-AL00B,Prague-AL00C,Prague-TL00A,Prague-TL10A", "version": {"version_data": [{"version_value": "Versions earlier than Prague-AL00AC00B205,Versions earlier than Prague-AL00BC00B205,Versions earlier than Prague-AL00CC00B205,Versions earlier than Prague-TL00AC01B205,Versions earlier than Prague-TL10AC01B205"}]}}]}, "vendor_name": "Huawei Technologies Co., Ltd."}]}}, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": {"description_data": [{"lang": "eng", "value": "The CameraISP driver of some Huawei smart phones with software of versions earlier than Prague-AL00AC00B205,versions earlier than Prague-AL00BC00B205,versions earlier than Prague-AL00CC00B205,versions earlier than Prague-TL00AC01B205,versions earlier than Prague-TL10AC01B205 has a buffer overflow vulnerability due to the lack of parameter validation. An attacker tricks a user into installing a malicious APP, the APP can send a specific parameter to the CameraISP driver of the smart phone, causing system reboot."}]}, "problemtype": {"problemtype_data": [{"description": [{"lang": "eng", "value": "buffer overflow"}]}]}, "references": {"reference_data": [{"name": "http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20171115-01-smartphone-en", "refsource": "CONFIRM", "url": "http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20171115-01-smartphone-en"}, {"name": "101959", "refsource": "BID", "url": "http://www.securityfocus.com/bid/101959"}]}}}}, "cveMetadata": {"assignerOrgId": "25ac1063-e409-4190-8079-24548c77ea2e", "assignerShortName": "huawei", "cveId": "CVE-2017-8202", "datePublished": "2017-11-15T00:00:00", "dateReserved": "2017-04-25T00:00:00", "dateUpdated": "2017-11-28T10:57:01", "state": "PUBLISHED"}, "dataType": "CVE_RECORD", "dataVersion": "5.0"}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:huawei:prague-al00a_firmware:*:*:*:*:*:*:*:*", "matchCriteriaId": "0BBFB499-51B9-4AE4-980E-79A00FB0D1B7", "versionEndExcluding": "prague-al00ac00b205", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:huawei:prague-al00a:-:*:*:*:*:*:*:*", "matchCriteriaId": "04E54AE0-CB98-47D2-AF52-516EADEF1F5D", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:huawei:prague-al00b_firmware:*:*:*:*:*:*:*:*", "matchCriteriaId": "F0FDB5A5-E2FA-49D9-A90A-5610E80FC52E", "versionEndExcluding": "prague-al00bc00b205", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:huawei:prague-al00b:-:*:*:*:*:*:*:*", "matchCriteriaId": "DA3C5A77-355C-4797-8B3F-706C9A7C2F1C", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:huawei:prague-al00c_firmware:*:*:*:*:*:*:*:*", "matchCriteriaId": "DB9A057F-E073-49CE-B5C8-8AB6C1D86E0F", "versionEndExcluding": "prague-al00cc00b205", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:huawei:prague-al00c:-:*:*:*:*:*:*:*", "matchCriteriaId": "05BB6D0A-0545-456D-85CC-9A302BAC9A0E", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:huawei:prague-tl00a_firmware:*:*:*:*:*:*:*:*", "matchCriteriaId": "13716CDC-BF66-441C-B9AC-2E0DE386F850", "versionEndExcluding": "prague-tl00ac01b205", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:huawei:prague-tl00a:-:*:*:*:*:*:*:*", "matchCriteriaId": "338F548C-DA7E-4EA4-9D54-7DDF1D5F99B4", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:huawei:prague-tl10a_firmware:*:*:*:*:*:*:*:*", "matchCriteriaId": "6514DCDB-A643-4270-88D9-5464CAD82D77", "versionEndExcluding": "prague-tl10ac01b205", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:huawei:prague-tl10a:-:*:*:*:*:*:*:*", "matchCriteriaId": "F248688D-F679-42E9-BAA4-34187D5EC5F0", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}], "descriptions": [{"lang": "en", "value": "The CameraISP driver of some Huawei smart phones with software of versions earlier than Prague-AL00AC00B205,versions earlier than Prague-AL00BC00B205,versions earlier than Prague-AL00CC00B205,versions earlier than Prague-TL00AC01B205,versions earlier than Prague-TL10AC01B205 has a buffer overflow vulnerability due to the lack of parameter validation. An attacker tricks a user into installing a malicious APP, the APP can send a specific parameter to the CameraISP driver of the smart phone, causing system reboot."}, {"lang": "es", "value": "El controlador CameraISP de determinados smartphones Huawei con versiones de software anteriores a Prague-AL00AC00B205, Prague-AL00BC00B205, Prague-AL00CC00B205, Prague-TL00AC01B205 y Prague-TL10AC01B205 tiene una vulnerabilidad de desbordamiento de b\u00fafer debido a la falta de validaci\u00f3n de par\u00e1metros. Un atacante podr\u00eda enga\u00f1ar a un usuario para que instale una app maliciosa que env\u00ede un par\u00e1metro espec\u00edfico al controlador CameraISP del smartphone, provocando el reinicio del sistema."}], "id": "CVE-2017-8202", "lastModified": "2017-12-12T18:07:35.560", "metrics": {"cvssMetricV2": [{"acInsufInfo": false, "baseSeverity": "HIGH", "cvssData": {"accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "COMPLETE", "baseScore": 7.1, "confidentialityImpact": "NONE", "integrityImpact": "NONE", "vectorString": "AV:N/AC:M/Au:N/C:N/I:N/A:C", "version": "2.0"}, "exploitabilityScore": 8.6, "impactScore": 6.9, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": true}], "cvssMetricV30": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 5.5, "baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H", "version": "3.0"}, "exploitabilityScore": 1.8, "impactScore": 3.6, "source": "nvd@nist.gov", "type": "Primary"}]}, "published": "2017-11-22T19:29:05.083", "references": [{"source": "psirt@huawei.com", "tags": ["Vendor Advisory"], "url": "http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20171115-01-smartphone-en"}, {"source": "psirt@huawei.com", "tags": ["Third Party Advisory", "VDB Entry"], "url": "http://www.securityfocus.com/bid/101959"}], "sourceIdentifier": "psirt@huawei.com", "vulnStatus": "Analyzed", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-119"}], "source": "nvd@nist.gov", "type": "Primary"}]}