CVE-2017-8159
Last modified
CVE-2017-8159 is a vulnerability of currently unknown severity. Some Huawei smartphones with software AGS-L09C233B019,AGS-W09C233B019,KOB-L09C233B017,KOB-W09C233B012 have a type confusion vulnerability. The program initializes a variable using one type, but it later accesses that variable using a type that is different with the original type when do certain register operation. EPSS estimates a 1.03% chance of exploitation in the next 30 days.
Description
Some Huawei smartphones with software AGS-L09C233B019,AGS-W09C233B019,KOB-L09C233B017,KOB-W09C233B012 have a type confusion vulnerability. The program initializes a variable using one type, but it later accesses that variable using a type that is different with the original type when do certain register operation. Successful exploit could result in buffer overflow then may cause malicious code execution.
Metrics
Weakness Enumeration
Affected Software
| Vendor | Product | Versions |
|---|---|---|
| Huawei | Agassi-L09hn Firmware | ags-l09c233b019 |
| Huawei | Agassi-W09hn Firmware | ags-w09c233b019 |
| Huawei | Kobe-L09ahn Firmware | kob-l09c233b017 |
| Huawei | Kobe-W09chn Firmware | kob-w09c233b012 |
References
Timeline
- Published
- Last Modified
- Status
- Modified
Frequently Asked Questions
What is CVE-2017-8159?
How severe is CVE-2017-8159?
How do I fix CVE-2017-8159?
Are you affected by CVE-2017-8159?
Run a free Strix scan to check your systems for this vulnerability.
Scan your code nowSource: NVD / NIST