PT-2017-13999 · Huawei · Huawei Smartphone

Publicado

2017-12-22

Atualizado

2018-01-09

CVE-2017-15322

CVSS v3.1

6.5

Média

Vetor

AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

Name of the Vulnerable Software and Affected Versions Huawei smartphones with software of BGO-L03C158B003CUSTC158D001 Huawei smartphones with software of BGO-L03C331B009CUSTC331D001

Description The issue is due to insufficient input validation, which can be exploited by an attacker sending specially crafted NFC messages to the target device. This could cause a service to crash.

Recommendations For Huawei smartphones with software of BGO-L03C158B003CUSTC158D001, consider disabling NFC functionality until a patch is available. For Huawei smartphones with software of BGO-L03C331B009CUSTC331D001, consider disabling NFC functionality until a patch is available.

Correção

RCE

Encontrou algum problema na descrição? Tem algo a acrescentar? Fique à vontade para nos escrever 👾

dbugs@ptsecurity.com

Enumeração de Fraquezas

CWE-20

Identificadores relacionados

CVE-2017-15322

Produtos afetados

Huawei Smartphone

PT-2017-13999 · Huawei · Huawei Smartphone

CVE-2017-15322

Enumeração de Fraquezas

Identificadores relacionados

Produtos afetados

Referências · 3