CVE-2017-17140

Published: Mar 5, 2018

Modified: Sep 17, 2024

PUBLISHED

Description

Huawei Enjoy 5s and Y6 Pro smartphones with software the versions before TAG-AL00C92B170; the versions before TIT-L01C576B121 have an information leak vulnerability due to the lack of parameter validation. An attacker tricks a user into installing a malicious application on the smart phone and the application can read some sensitive information in kernel memory which may cause sensitive information leak.

Vendor	Product	Versions
Huawei Technologies Co., Ltd.	Enjoy 5s; Y6 Pro	affected `The versions before TAG-AL00C92B170` affected `The versions before TIT-L01C576B121`

References

http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20171213-02-smartphone-en

x_refsource_CONFIRM

Security Training

Train your team to recognize and prevent security threats with our comprehensive security awareness program.

Start Training

Vulnerability Scanning

Discover vulnerabilities in your applications and infrastructure before attackers do.

Scan Now

CVE-2017-17140

Description

Affected Products

References