CVE-2017-15340

Name: CVE-2017-15340
Creator: NVD / NIST
Published: 2018-02-15T16:29:00.783+00:00
License: https://creativecommons.org/publicdomain/zero/1.0/

UnknownEPSS 0.67%

Last modified Jun 17, 2026

CVE-2017-15340 is a vulnerability of currently unknown severity. Huawei smartphones with software of TAG-AL00C92B168 have an information disclosure vulnerability. An attacker tricks the user to install a crafted application, this application simulate click action to back up data in a non-encrypted way using an Android assist function. EPSS estimates a 0.67% chance of exploitation in the next 30 days.

Description

Huawei smartphones with software of TAG-AL00C92B168 have an information disclosure vulnerability. An attacker tricks the user to install a crafted application, this application simulate click action to back up data in a non-encrypted way using an Android assist function. Successful exploit could result in information disclosure.

Metrics

EPSS Probability

0.67%

47.2th percentile

Probability of exploitation in the next 30 days. Learn more

Affected Software

Vendor	Product	Versions
Huawei	Tag-Al00 Firmware	tag-al00c92b168

References

http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20171213-05-smartphone-enVendor Advisory
http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20171213-05-smartphone-enVendor Advisory

Timeline

Published: Feb 15, 2018
Last Modified: Jun 17, 2026
Status: Modified

Frequently Asked Questions

What is CVE-2017-15340?

How severe is CVE-2017-15340?

Severity scoring for CVE-2017-15340 is pending analysis. The EPSS model estimates a 0.67% probability of exploitation in the next 30 days.

How do I fix CVE-2017-15340?

Check the vendor references and advisories linked above for patched versions and mitigation guidance. You can also run a Strix scan to test if your systems are affected.

Are you affected by CVE-2017-15340?

Run a free Strix scan to check your systems for this vulnerability.

Scan your code now

Source: NVD / NIST