PT-2017-15479 · Huawei · Keyguard

Published

2017-11-22

·

Updated

2017-12-07

·

CVE-2017-2692

CVSS v3.1

7.8

High

VectorAV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
Name of the Vulnerable Software and Affected Versions Keyguard application in ALE-L02C635B140 and earlier versions Keyguard application in ALE-L02C636B140 and earlier versions Keyguard application in ALE-L21C10B150 and earlier versions Keyguard application in ALE-L21C185B200 and earlier versions Keyguard application in ALE-L21C432B214 and earlier versions Keyguard application in ALE-L21C464B150 and earlier versions Keyguard application in ALE-L21C636B200 and earlier versions Keyguard application in ALE-L23C605B190 and earlier versions Keyguard application in ALE-TL00C01B250 and earlier versions Keyguard application in ALE-UL00C00B250 and earlier versions Keyguard application in MT7-L09C605B325 and earlier versions Keyguard application in MT7-L09C900B339 and earlier versions Keyguard application in MT7-TL10C900B339 and earlier versions Keyguard application in CRR-CL00C92B172 and earlier versions Keyguard application in CRR-L09C432B180 and earlier versions Keyguard application in CRR-TL00C01B172 and earlier versions Keyguard application in CRR-UL00C00B172 and earlier versions Keyguard application in CRR-UL20C432B171 and earlier versions Keyguard application in GRA-CL00C92B230 and earlier versions Keyguard application in GRA-L09C432B222 and earlier versions Keyguard application in GRA-TL00C01B230SP01 and earlier versions Keyguard application in GRA-UL00C00B230 and earlier versions Keyguard application in GRA-UL00C10B201 and earlier versions Keyguard application in GRA-UL00C432B220 and earlier versions Keyguard application in H60-L04C10B523 and earlier versions Keyguard application in H60-L04C185B523 and earlier versions Keyguard application in H60-L04C636B527 and earlier versions Keyguard application in H60-L04C900B530 and earlier versions Keyguard application in PLK-AL10C00B220 and earlier versions Keyguard application in PLK-AL10C92B220 and earlier versions Keyguard application in PLK-CL00C92B220 and earlier versions Keyguard application in PLK-L01C10B140 and earlier versions Keyguard application in PLK-L01C185B130 and earlier versions Keyguard application in PLK-L01C432B187 and earlier versions Keyguard application in PLK-L01C432B190 and earlier versions Keyguard application in PLK-L01C636B130 and earlier versions Keyguard application in PLK-TL00C01B220 and earlier versions Keyguard application in PLK-TL01HC01B220 and earlier versions Keyguard application in PLK-UL00C17B220 and earlier versions Keyguard application in ATH-AL00C00B210 and earlier versions Keyguard application in ATH-AL00C92B200 and earlier versions Keyguard application in ATH-CL00C92B210 and earlier versions Keyguard application in ATH-TL00C01B210 and earlier versions Keyguard application in ATH-TL00HC01B210 and earlier versions Keyguard application in ATH-UL00C00B210 and earlier versions Keyguard application in RIO-AL00C00B220 and earlier versions Keyguard application in RIO-CL00C92B220 and earlier versions Keyguard application in RIO-TL00C01B220 and earlier versions Keyguard application in RIO-UL00C00B220 and earlier versions
Description The Keyguard application has a privilege elevation issue. An attacker can exploit this to launch command injection and gain elevated privileges.
Recommendations At the moment, there is no information about a newer version that contains a fix for this vulnerability.

Command Injection

Found an issue in the description? Have something to add? Feel free to write us 👾
dbugs@ptsecurity.com

Weakness Enumeration

CWE-77

Related Identifiers

CVE-2017-2692

Affected Products

Keyguard