Recent Vulnerabilities Research Posts Trends Blog About Contact

Published: 22/11/2017 Updated: 12/12/2017

CVSS v2 Base Score: 9.3 | Impact Score: 10 | Exploitability Score: 8.6

CVSS v3 Base Score: 7.8 | Impact Score: 5.9 | Exploitability Score: 1.8

VMScore: 828

Vector: AV:N/AC:M/Au:N/C:C/I:C/A:C

Some Huawei smartphones with software AGS-L09C233B019,AGS-W09C233B019,KOB-L09C233B017,KOB-W09C233B012 have a type confusion vulnerability. The program initializes a variable using one type, but it later accesses that variable using a type that is different with the original type when do certain register operation. Successful exploit could result in buffer overflow then may cause malicious code execution.

Vulnerable Product	Search on Vulmon	Subscribe to Product
huawei agassi-l09hn_firmware ags-l09c233b019
huawei agassi-w09hn_firmware ags-w09c233b019
huawei kobe-l09ahn_firmware kob-l09c233b017
huawei kobe-w09chn_firmware kob-w09c233b012

CWE-704 http://www.huawei.com/en/psirt/security-advisories/2017/huawei-sa-20171018-02-smartphone-en https://nvd.nist.gov

Get Started

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Twitter Reddit Linkedin Facebook

CVE-2017-8159

Vulnerability Summary

References

Vulmon Search

About

Products

Connect