CVE-2017-8175
Last modified
CVE-2017-8175 is a vulnerability of currently unknown severity. The Bastet of some Huawei mobile phones with software earlier than Vicky-AL00AC00B167 versions, earlier than Victoria-AL00AC00B167 versions, earlier than Warsaw-AL00C00B191 versions has an insufficient input validation vulnerability due to the lack of parameter validation. An attacker may trick a user into installing a malicious APP. EPSS estimates a 0.55% chance of exploitation in the next 30 days.
Description
The Bastet of some Huawei mobile phones with software earlier than Vicky-AL00AC00B167 versions, earlier than Victoria-AL00AC00B167 versions, earlier than Warsaw-AL00C00B191 versions has an insufficient input validation vulnerability due to the lack of parameter validation. An attacker may trick a user into installing a malicious APP. The APP can modify specific parameter to cause system reboot.
Metrics
Weakness Enumeration
Affected Software
| Vendor | Product | Versions |
|---|---|---|
| Huawei | Vicky-Al00a | < vicky-al00ac00b167 |
| Huawei | Victoria-Al00a | < victoria-al00ac00b167 |
| Huawei | Warsaw-Al00 | < warsaw-al00c00b191 |
References
Timeline
- Published
- Last Modified
- Status
- Modified
Frequently Asked Questions
What is CVE-2017-8175?
How severe is CVE-2017-8175?
How do I fix CVE-2017-8175?
Are you affected by CVE-2017-8175?
Run a free Strix scan to check your systems for this vulnerability.
Scan your code nowSource: NVD / NIST