Some Huawei smart phones with software of NXT-AL10C00B386, NXT-CL00C92B386, NXT-DL00C17B386, NXT-TL00C01B386SP01, NTS-AL00C00B535 have a DoS vulnerability due to insufficient input validation. An unauthenticated attacker could send malformed System Information(SI) messages to the smart phone within radio range by special wireless device. Successful exploit could make the smart phone restart.
References
Link | Resource |
---|---|
http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20171220-02-smartphone-en | Vendor Advisory |
http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20171220-02-smartphone-en | Vendor Advisory |
Configurations
Configuration 1 (hide)
AND |
|
Configuration 2 (hide)
AND |
|
History
21 Nov 2024, 03:17
Type | Values Removed | Values Added |
---|---|---|
References | () http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20171220-02-smartphone-en - Vendor Advisory |
Information
Published : 2018-02-15 16:29
Updated : 2024-11-21 03:17
NVD link : CVE-2017-17159
Mitre link : CVE-2017-17159
CVE.ORG link : CVE-2017-17159
JSON object : View
Products Affected
huawei
- mt8-emui4.1_firmware
- nts-al00_firmware
- mt8-emui4.1
- nts-al00
CWE
CWE-20
Improper Input Validation