Strix
26.1K

CVE-2017-17171

UnknownEPSS 0.47%

Last modified

CVE-2017-17171 is a vulnerability of currently unknown severity. Some Huawei smart phones have the denial of service (DoS) vulnerability due to the improper processing of malicious parameters. An attacker may trick a target user into installing a malicious APK and launch attacks using a pre-installed app with specific permissions. EPSS estimates a 0.47% chance of exploitation in the next 30 days.

Description

Some Huawei smart phones have the denial of service (DoS) vulnerability due to the improper processing of malicious parameters. An attacker may trick a target user into installing a malicious APK and launch attacks using a pre-installed app with specific permissions. Successful exploit could allow the app to send specific parameters to the smart phone driver, which will result in system restart.

Metrics

EPSS Probability
0.47%

37.4th percentile

Probability of exploitation in the next 30 days. Learn more

Weakness Enumeration

Affected Software

VendorProductVersions
HuaweiMate 8 Firmware< nxt-al10c00b593
HuaweiMate 8 Firmware< nxt-cl00c92b593
HuaweiMate 8 Firmware< nxt-dl00c17b593
HuaweiMate 8 Firmware< nxt-l09c636b598a
HuaweiMate 8 Firmware< nxt-l09c185b583
HuaweiMate 8 Firmware< nxt-l09c432b582
HuaweiMate 8 Firmware< nxt-l09c605b585custc605d590
HuaweiMate 8 Firmware< nxt-l29c10b583
HuaweiMate 8 Firmware< nxt-l29c185b585
HuaweiMate 8 Firmware< nxt-l29c636b594a
HuaweiMate 8 Firmware< nxtl00c01b593
HuaweiP9 Firmware< eva-al00c00b398
HuaweiP9 Firmware< eva-al10c00b398
HuaweiP9 Firmware< eva-cl00c92b398
HuaweiP9 Firmware< eva-dl00c17b398
HuaweiP9 Firmware< eva-l09c185b391
HuaweiP9 Firmware< eva-l09c432b395
HuaweiP9 Firmware< eva-l09c464b383
HuaweiP9 Firmware< eva-l09c605b392
HuaweiP9 Firmware<= eva-l09c636b388
HuaweiP9 Firmware< eva-l19c10b394
HuaweiP9 Firmware< eva-l19c432b392
HuaweiP9 Firmware< eva-l19c605b390
HuaweiP9 Firmware< eva-l19c636b393
HuaweiP9 Firmware< eva-l29c636b389
HuaweiP9 Firmware< eva-tl00c01b398
HuaweiP9 Plus Firmware< vie-l09c318b182
HuaweiP9 Plus Firmware< vie-l09c432b380
HuaweiP9 Plus Firmware< vie-l09c576b180
HuaweiP9 Plus Firmware< vie-l29c605b370
HuaweiP9 Plus Firmware< vie-l29c636b388

References

Timeline

Published
Last Modified
Status
Modified

Frequently Asked Questions

What is CVE-2017-17171?
Some Huawei smart phones have the denial of service (DoS) vulnerability due to the improper processing of malicious parameters. An attacker may trick a target user into installing a malicious APK and launch attacks using a pre-installed app with specific permissions. Successful exploit could allow the app to send specific parameters to the smart phone driver, which will result in system restart.
How severe is CVE-2017-17171?
Severity scoring for CVE-2017-17171 is pending analysis. The EPSS model estimates a 0.47% probability of exploitation in the next 30 days.
How do I fix CVE-2017-17171?
Check the vendor references and advisories linked above for patched versions and mitigation guidance. You can also run a Strix scan to test if your systems are affected.

Are you affected by CVE-2017-17171?

Run a free Strix scan to check your systems for this vulnerability.

Scan your code now

Source: NVD / NIST