CVE-2017-8159

Some Huawei smartphones with software AGS-L09C233B019,AGS-W09C233B019,KOB-L09C233B017,KOB-W09C233B012 have a type confusion vulnerability. The program initializes a variable using one type, but it later accesses that variable using a type that is different with the original type when do certain register operation. Successful exploit could result in buffer overflow then may cause malicious code execution.

CVSS v3 7.8 HIGH
CVSS v2.0 9.3 HIGH

7.8^/10

CVSS v3 : HIGH

Vector : AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

Exploitability : 1.8 / Impact : 5.9

Attack Vector LOCAL

Attack Complexity LOW

Privileges Required NONE

User Interaction REQUIRED

Confidentiality Impact HIGH

Integrity Impact HIGH

Availability Impact HIGH

Scope UNCHANGED

9.3^/10

CVSS v2.0 : HIGH

Vector : AV:N/AC:M/Au:N/C:C/I:C/A:C

Exploitability : 8.6 / Impact : 10.0

Access Vector NETWORK

Access Complexity MEDIUM

Authentication NONE

Confidentiality Impact COMPLETE

Integrity Impact COMPLETE

Availability Impact COMPLETE

References

Link	Resource
http://www.huawei.com/en/psirt/security-advisories/2017/huawei-sa-20171018-02-smartphone-en	Vendor Advisory

Configurations

Configuration 1 (hide)

AND

cpe:2.3:o:huawei:agassi-l09hn_firmware:ags-l09c233b019:*:*:*:*:*:*:*

cpe:2.3:h:huawei:agassi-l09hn:-:*:*:*:*:*:*:*

Configuration 2 (hide)

AND

cpe:2.3:o:huawei:agassi-w09hn_firmware:ags-w09c233b019:*:*:*:*:*:*:*

cpe:2.3:h:huawei:agassi-w09hn:-:*:*:*:*:*:*:*

Configuration 3 (hide)

AND

cpe:2.3:o:huawei:kobe-l09ahn_firmware:kob-l09c233b017:*:*:*:*:*:*:*

cpe:2.3:h:huawei:kobe-l09ahn:-:*:*:*:*:*:*:*

Configuration 4 (hide)

AND

cpe:2.3:o:huawei:kobe-w09chn_firmware:kob-w09c233b012:*:*:*:*:*:*:*

cpe:2.3:h:huawei:kobe-w09chn:-:*:*:*:*:*:*:*

History

No history.

Information

Published : 2017-11-22 19:29

Updated : 2024-02-28 16:04

NVD link : CVE-2017-8159

Mitre link : CVE-2017-8159

CVE.ORG link : CVE-2017-8159

JSON object : View

Products Affected

huawei

kobe-l09ahn
agassi-l09hn
agassi-w09hn_firmware
kobe-l09ahn_firmware
agassi-l09hn_firmware
kobe-w09chn
agassi-w09hn
kobe-w09chn_firmware

CWE

CWE-704

Incorrect Type Conversion or Cast

{"id": "CVE-2017-8159", "metrics": {"cvssMetricV2": [{"type": "Primary", "source": "nvd@nist.gov", "cvssData": {"version": "2.0", "baseScore": 9.3, "accessVector": "NETWORK", "vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C", "authentication": "NONE", "integrityImpact": "COMPLETE", "accessComplexity": "MEDIUM", "availabilityImpact": "COMPLETE", "confidentialityImpact": "COMPLETE"}, "acInsufInfo": false, "impactScore": 10.0, "baseSeverity": "HIGH", "obtainAllPrivilege": false, "exploitabilityScore": 8.6, "obtainUserPrivilege": false, "obtainOtherPrivilege": false, "userInteractionRequired": true}], "cvssMetricV30": [{"type": "Primary", "source": "nvd@nist.gov", "cvssData": {"scope": "UNCHANGED", "version": "3.0", "baseScore": 7.8, "attackVector": "LOCAL", "baseSeverity": "HIGH", "vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "integrityImpact": "HIGH", "userInteraction": "REQUIRED", "attackComplexity": "LOW", "availabilityImpact": "HIGH", "privilegesRequired": "NONE", "confidentialityImpact": "HIGH"}, "impactScore": 5.9, "exploitabilityScore": 1.8}]}, "published": "2017-11-22T19:29:03.677", "references": [{"url": "http://www.huawei.com/en/psirt/security-advisories/2017/huawei-sa-20171018-02-smartphone-en", "tags": ["Vendor Advisory"], "source": "psirt@huawei.com"}], "vulnStatus": "Analyzed", "weaknesses": [{"type": "Primary", "source": "nvd@nist.gov", "description": [{"lang": "en", "value": "CWE-704"}]}], "descriptions": [{"lang": "en", "value": "Some Huawei smartphones with software AGS-L09C233B019,AGS-W09C233B019,KOB-L09C233B017,KOB-W09C233B012 have a type confusion vulnerability. The program initializes a variable using one type, but it later accesses that variable using a type that is different with the original type when do certain register operation. Successful exploit could result in buffer overflow then may cause malicious code execution."}, {"lang": "es", "value": "Algunos smartphones Huawei con software AGS-L09C233B019, AGS-W09C233B019, KOB-L09C233B017 o KOB-W09C233B012 tienen una vulnerabilidad de confusi\u00f3n de tipos. El programa inicializa una variable utilizando un tipo, pero luego accede a esa variable utilizando un tipo diferente del original cuando realiza determinadas operaciones de registro. Un exploit exitoso podr\u00eda resultar en un desbordamiento de b\u00fafer que podr\u00eda causar la ejecuci\u00f3n de c\u00f3digo malicioso."}], "lastModified": "2017-12-12T17:40:56.607", "configurations": [{"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:huawei:agassi-l09hn_firmware:ags-l09c233b019:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "9C80E3F6-CAAB-4E42-A263-C3B133040FE9"}], "operator": "OR"}, {"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:h:huawei:agassi-l09hn:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "3498A696-E831-453C-ABCE-77A9908E96F6"}], "operator": "OR"}], "operator": "AND"}, {"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:huawei:agassi-w09hn_firmware:ags-w09c233b019:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "AE8DE54A-E45A-4676-BD89-28C36DA471C3"}], "operator": "OR"}, {"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:h:huawei:agassi-w09hn:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "AF342830-41FF-4E16-9090-2AB68DD822A2"}], "operator": "OR"}], "operator": "AND"}, {"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:huawei:kobe-l09ahn_firmware:kob-l09c233b017:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "24DE753F-E19D-4F36-93E6-DFBD5BC9EF31"}], "operator": "OR"}, {"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:h:huawei:kobe-l09ahn:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "58C4B423-90C0-4A6E-A246-1A8BB7282AC8"}], "operator": "OR"}], "operator": "AND"}, {"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:huawei:kobe-w09chn_firmware:kob-w09c233b012:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "643CA10D-515D-4D24-A1A5-D31DEA91D05C"}], "operator": "OR"}, {"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:h:huawei:kobe-w09chn:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "C9CAF9F7-A010-4349-BC8B-B3D6D37C3460"}], "operator": "OR"}], "operator": "AND"}], "sourceIdentifier": "psirt@huawei.com"}