Vulnerability Description
Some Huawei smart phones with versions earlier than Harry-AL00C 9.1.0.206(C00E205R3P1) have a null pointer dereference vulnerability. An attacker crafts specific packets and sends to the affected product to exploit this vulnerability. Successful exploitation may cause the affected phone abnormal.
CVSS Score
HIGH
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Huawei | Hg655M Firmware | < harry-al00c_9.1.0.206\(c00e205r3p1\) |
| Huawei | Hg655M | - |
Related Weaknesses (CWE)
References
- http://www.huawei.com/en/psirt/security-notices/huawei-sn-20180327-01-hg655m-enVendor Advisory
- https://fortiguard.com/zeroday/FG-VD-18-017Third Party Advisory
- http://www.huawei.com/en/psirt/security-notices/huawei-sn-20180327-01-hg655m-enVendor Advisory
- https://fortiguard.com/zeroday/FG-VD-18-017Third Party Advisory
FAQ
What is CVE-2017-17224?
CVE-2017-17224 is a vulnerability with a CVSS score of 8.8 (HIGH). Some Huawei smart phones with versions earlier than Harry-AL00C 9.1.0.206(C00E205R3P1) have a null pointer dereference vulnerability. An attacker crafts specific packets and sends to the affected prod...
How severe is CVE-2017-17224?
CVE-2017-17224 has been rated HIGH with a CVSS base score of 8.8/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2017-17224?
Check the references section above for vendor advisories and patch information. Affected products include: Huawei Hg655M Firmware, Huawei Hg655M.