CVE-2017-8159

Published: Nov 22, 2017 Last Modified: Apr 20, 2025 EU-VD ID: EUVD-2017-17121 Aliases: GSD-2017-8159
ExploitDB:
Other exploit source:
Google Dorks:
HIGH 7,8
Source: [email protected]
Attack Vector: local
Attack Complexity: low
Privileges Required: none
User Interaction: required
Scope: unchanged
Confidentiality: high
Integrity: high
Availability: high
HIGH 9,3
Source: [email protected]
Access Vector: network
Access Complexity: medium
Authentication: none
Confidentiality: complete
Integrity: complete
Availability: complete

Description

AI Translation Available

Some Huawei smartphones with software AGS-L09C233B019,AGS-W09C233B019,KOB-L09C233B017,KOB-W09C233B012 have a type confusion vulnerability. The program initializes a variable using one type, but it later accesses that variable using a type that is different with the original type when do certain register operation. Successful exploit could result in buffer overflow then may cause malicious code execution.

EPSS (Exploit Prediction Scoring System)

Trend Analysis

EPSS (Exploit Prediction Scoring System)

Prevede la probabilità di sfruttamento basata su intelligence sulle minacce e sulle caratteristiche della vulnerabilità.

EPSS Score
0,0021
Percentile
0,4th
Updated

EPSS Score Trend (Last 91 Days)

704

Incorrect Type Conversion or Cast

Incomplete
Abstraction: Class Structure: Simple
Common Consequences
Security Scopes Affected:
Other
Potential Impacts:
Other
Applicable Platforms
Languages: C, C++, Memory-Unsafe, Not Language-Specific
View CWE Details
Operating System

Kobe-L09Ahn Firmware by Huawei

Product Information
Vendor Huawei
Product Kobe-L09Ahn Firmware
Version kob-l09c233b017
cpe:2.3:o:huawei:kobe-l09ahn_firmware:kob-l09c233b017:*:*:*:*:*:*:*
Common Platform Enumeration - Standardized vulnerability identification
Operating System

Kobe-W09Chn Firmware by Huawei

Product Information
Vendor Huawei
Product Kobe-W09Chn Firmware
Version kob-w09c233b012
cpe:2.3:o:huawei:kobe-w09chn_firmware:kob-w09c233b012:*:*:*:*:*:*:*
Common Platform Enumeration - Standardized vulnerability identification
Operating System

Agassi-L09Hn Firmware by Huawei

Product Information
Vendor Huawei
Product Agassi-L09Hn Firmware
Version ags-l09c233b019
cpe:2.3:o:huawei:agassi-l09hn_firmware:ags-l09c233b019:*:*:*:*:*:*:*
Common Platform Enumeration - Standardized vulnerability identification
Operating System

Agassi-W09Hn Firmware by Huawei

Product Information
Vendor Huawei
Product Agassi-W09Hn Firmware
Version ags-w09c233b019
cpe:2.3:o:huawei:agassi-w09hn_firmware:ags-w09c233b019:*:*:*:*:*:*:*
Common Platform Enumeration - Standardized vulnerability identification
http://www.huawei.com/en/psirt/security-advisories/2017/hua…
Vendor Advisory
http://www.huawei.com/en/psirt/security-advisories/2017/huawei-sa-20171018-02-s…
http://www.huawei.com/en/psirt/security-advisories/2017/hua…
Vendor Advisory
http://www.huawei.com/en/psirt/security-advisories/2017/huawei-sa-20171018-02-s…