Vulnerability Description
The Bastet Driver of Nova 2 Plus,Nova 2 Huawei smart phones with software of Versions earlier than BAC-AL00C00B173,Versions earlier than PIC-AL00C00B173 has a use after free (UAF) vulnerability. An attacker can convince a user to install a malicious application which has a high privilege to exploit this vulnerability, Successful exploitation may cause arbitrary code execution.
CVSS Score
HIGH
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Huawei | Nova 2 Firmware | < pic-al00c00b173 |
| Huawei | Nova 2 | - |
| Huawei | Nova 2 Plus Firmware | < bac-al00c00b173 |
| Huawei | Nova 2 Plus | - |
Related Weaknesses (CWE)
References
- http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20170927-01-smartphVendor Advisory
- http://www.securityfocus.com/bid/101960Third Party AdvisoryVDB Entry
- http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20170927-01-smartphVendor Advisory
- http://www.securityfocus.com/bid/101960Third Party AdvisoryVDB Entry
FAQ
What is CVE-2017-8203?
CVE-2017-8203 is a vulnerability with a CVSS score of 7.8 (HIGH). The Bastet Driver of Nova 2 Plus,Nova 2 Huawei smart phones with software of Versions earlier than BAC-AL00C00B173,Versions earlier than PIC-AL00C00B173 has a use after free (UAF) vulnerability. An at...
How severe is CVE-2017-8203?
CVE-2017-8203 has been rated HIGH with a CVSS base score of 7.8/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2017-8203?
Check the references section above for vendor advisories and patch information. Affected products include: Huawei Nova 2 Firmware, Huawei Nova 2, Huawei Nova 2 Plus Firmware, Huawei Nova 2 Plus.