PT-2017-18207 · Huawei · Nova 2+2

Published

2017-11-22

Updated

2017-12-11

CVE-2017-8203

CVSS v3.1

7.8

High

Vector

AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

Name of the Vulnerable Software and Affected Versions Nova 2 Plus, Nova 2 Huawei smartphones versions earlier than BAC-AL00C00B173 Nova 2 Plus, Nova 2 Huawei smartphones versions earlier than PIC-AL00C00B173

Description The issue is related to a use after free (UAF) vulnerability in the Bastet Driver. An attacker can exploit this by convincing a user to install a malicious application with high privileges, potentially leading to arbitrary code execution.

Recommendations For Nova 2 Plus, Nova 2 Huawei smartphones versions earlier than BAC-AL00C00B173, update to a version later than BAC-AL00C00B173. For Nova 2 Plus, Nova 2 Huawei smartphones versions earlier than PIC-AL00C00B173, update to a version later than PIC-AL00C00B173.

Fix

Use After Free

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-416

Related Identifiers

CVE-2017-8203

Affected Products

Bastet Driver

Nova 2

Nova 2 Plus

PT-2017-18207 · Huawei · Nova 2+2

CVE-2017-8203

Weakness Enumeration

Related Identifiers

Affected Products

References · 4