CVE-2017-8143

Опубликовано: 22 нояб. 2017

Источник: nvd

CVSS3: 5.5

CVSS2: 7.1

EPSS Низкий

Описание

Wi-Fi driver of Honor 5C and P9 Lite Huawei smart phones with software versions earlier than NEM-L21C432B351 and versions earlier than VNS-L21C10B381 has a DoS vulnerability. An attacker may trick a user into installing a malicious application and the application can access invalid address of driver to crash the system.

Ссылки

http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20170623-01-smartphone-en
Vendor Advisory
http://www.securityfocus.com/bid/99256
Third Party Advisory
VDB Entry
http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20170623-01-smartphone-en
Vendor Advisory
http://www.securityfocus.com/bid/99256
Third Party Advisory
VDB Entry

Уязвимые конфигурации

Конфигурация 1

Одновременно

cpe:2.3:o:huawei:honor_5c_firmware:*:*:*:*:*:*:*:*

Версия до nem-l21c432b351 (исключая)

cpe:2.3:h:huawei:honor_5c:-:*:*:*:*:*:*:*

Конфигурация 2

Одновременно

cpe:2.3:o:huawei:p9_lite_firmware:*:*:*:*:*:*:*:*

Версия до vns-l21c10b381 (исключая)

cpe:2.3:h:huawei:p9_lite:-:*:*:*:*:*:*:*

EPSS

Процентиль: 19%

0.00061

Низкий

5.5 Medium

CVSS3

7.1 High

CVSS2

Дефекты

CWE-20

Связанные уязвимости

GHSA-p3jc-92j3-5rxq