CVE-2017-17158

Published: May 24, 2018

Modified: Aug 5, 2024

PUBLISHED

Description

Some Huawei smart phones with the versions before Berlin-L21HNC185B381; the versions before Prague-AL00AC00B223; the versions before Prague-AL00BC00B223; the versions before Prague-AL00CC00B223; the versions before Prague-L31C432B208; the versions before Prague-TL00AC01B223; the versions before Prague-TL00AC01B223 have an information exposure vulnerability. When the user's smart phone connects to the malicious device for charging, an unauthenticated attacker may activate some specific function by sending some specially crafted messages. Due to insufficient input validation of the messages, successful exploit may cause information exposure.

Vendor	Product	Versions
Huawei Technologies Co., Ltd.	Berlin-L21HN; Prague-AL00A; Prague-AL00B; Prague-AL00C; Prague-L31; Prague-TL00A; Prague-TL10A	affected `The versions before Berlin-L21HNC185B381` affected `The versions before Prague-AL00AC00B223` affected `The versions before Prague-AL00BC00B223` affected `The versions before Prague-AL00CC00B223` affected `The versions before Prague-L31C432B208` +1 more versions

References

http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20180523-01-phone-en

x_refsource_CONFIRM

Security Training

Train your team to recognize and prevent security threats with our comprehensive security awareness program.

Start Training

Vulnerability Scanning

Discover vulnerabilities in your applications and infrastructure before attackers do.

Scan Now

CVE-2017-17158

Description

Affected Products

References