Vulnerability Description
The Madapt Driver of some Huawei smart phones with software Earlier than Vicky-AL00AC00B172 versions,Vicky-AL00CC768B122,Vicky-TL00AC01B167,Earlier than Victoria-AL00AC00B172 versions,Victoria-TL00AC00B123,Victoria-TL00AC01B167 has a use after free (UAF) vulnerability. An attacker can trick a user to install a malicious application which has a high privilege to exploit this vulnerability, Successful exploitation may cause arbitrary code execution.
CVSS Score
HIGH
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Huawei | Vicky-Al00A Firmware | < vicky-al00ac00b172 |
| Huawei | Vicky-Al00A | - |
| Huawei | Vicky-Al00C Firmware | vicky-al00cc768b122 |
| Huawei | Vicky-Al00C | - |
| Huawei | Vicky-Tl00A Firmware | vicky-tl00ac01b167 |
| Huawei | Vicky-Tl00A | - |
| Huawei | Victoria-Al00A Firmware | < victoria-al00ac00b172_ |
| Huawei | Victoria-Al00A | - |
| Huawei | Victoria-Tl00A Firmware | victoria-tl00ac00b123 |
| Huawei | Victoria-Tl00A | - |
Related Weaknesses (CWE)
References
- http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20171018-01-smartphVendor Advisory
- http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20171018-01-smartphVendor Advisory
FAQ
What is CVE-2017-8160?
CVE-2017-8160 is a vulnerability with a CVSS score of 7.8 (HIGH). The Madapt Driver of some Huawei smart phones with software Earlier than Vicky-AL00AC00B172 versions,Vicky-AL00CC768B122,Vicky-TL00AC01B167,Earlier than Victoria-AL00AC00B172 versions,Victoria-TL00AC0...
How severe is CVE-2017-8160?
CVE-2017-8160 has been rated HIGH with a CVSS base score of 7.8/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2017-8160?
Check the references section above for vendor advisories and patch information. Affected products include: Huawei Vicky-Al00A Firmware, Huawei Vicky-Al00A, Huawei Vicky-Al00C Firmware, Huawei Vicky-Al00C, Huawei Vicky-Tl00A Firmware.