Описание
MTK platform in Huawei smart phones with software of earlier than Nice-AL00C00B160 versions, earlier than Nice-AL10C00B140 versions has a out-of-bound read vulnerability. An attacker tricks a user into installing a malicious application on the smart phone, and send given parameter and cause to memory out-of-bound read.
Уязвимые конфигурации
Конфигурация 1Версия до nice-al10c00b140 (исключая)
Одновременно
cpe:2.3:o:huawei:mtk_platform_smart_phone_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:huawei:mtk_platform_smart_phone:-:*:*:*:*:*:*:*
Конфигурация 2Версия до nice-al00c00b160 (исключая)
Одновременно
cpe:2.3:o:huawei:mtk_platform_smart_phone_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:huawei:mtk_platform_smart_phone:-:*:*:*:*:*:*:*
EPSS
Процентиль: 24%
0.00079
Низкий
6.1 Medium
CVSS3
5.8 Medium
CVSS2
Дефекты
CWE-125
Связанные уязвимости
CVSS3: 6.1
github
больше 3 лет назад
MTK platform in Huawei smart phones with software of earlier than Nice-AL00C00B160 versions, earlier than Nice-AL10C00B140 versions has a out-of-bound read vulnerability. An attacker tricks a user into installing a malicious application on the smart phone, and send given parameter and cause to memory out-of-bound read.
EPSS
Процентиль: 24%
0.00079
Низкий
6.1 Medium
CVSS3
5.8 Medium
CVSS2
Дефекты
CWE-125