PT-2017-13999 · Huawei · Huawei Smartphone

Published

2017-12-22

Updated

2018-01-09

CVE-2017-15322

CVSS v3.1

6.5

Medium

Vector

AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

Name of the Vulnerable Software and Affected Versions Huawei smartphones with software of BGO-L03C158B003CUSTC158D001 Huawei smartphones with software of BGO-L03C331B009CUSTC331D001

Description The issue is due to insufficient input validation, which can be exploited by an attacker sending specially crafted NFC messages to the target device. This could cause a service to crash.

Recommendations For Huawei smartphones with software of BGO-L03C158B003CUSTC158D001, consider disabling NFC functionality until a patch is available. For Huawei smartphones with software of BGO-L03C331B009CUSTC331D001, consider disabling NFC functionality until a patch is available.

Fix

RCE

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-20

Related Identifiers

CVE-2017-15322

Affected Products

Huawei Smartphone

PT-2017-13999 · Huawei · Huawei Smartphone

CVE-2017-15322

Weakness Enumeration

Related Identifiers

Affected Products

References · 3