QwikSec

Security Database

CVE

CWE

Training

CVE Database
/

CVE-2017-2694

Back to search

CVE-2017-2694

Published: Nov 22, 2017

Modified: Sep 17, 2024

PUBLISHED

Description

The AlarmService component in HwVmall with software earlier than 1.5.2.0 versions has no control over calling permissions, allowing any third party to call. An attacker can construct a malicious application to call it. Consequently, alert music will be played suddenly, compromising user experience.

VendorProductVersions

Huawei Technologies Co., Ltd.

HwVmall

affected
Earlier than HwVmall 1.5.2.0 versions

References

95915
vdb-entry
x_refsource_BID

Security Training

Train your team to recognize and prevent security threats with our comprehensive security awareness program.

Start Training

Vulnerability Scanning

Discover vulnerabilities in your applications and infrastructure before attackers do.

Scan Now