CVE-2017-2697

Published Nov 22, 2017

Last updated 7 years ago

CVSS high 7.8

Overview

Description: The goldeneye driver in NMO-L31C432B120 and earlier versions,NEM-L21C432B100 and earlier versions,NEM-L51C432B120 and earlier versions,KNT-AL10C746B160 and earlier versions,VNS-L21C185B142 and earlier versions,CAM-L21C10B130 and earlier versions,CAM-L21C185B141 and earlier versions has buffer overflow vulnerability. An attacker with the root privilege of the Android system can tricks a user into installing a malicious application on the smart phone, and send given parameter to smart phone to crash the system or escalate privilege.
Source: psirt@huawei.com
NVD status: Analyzed

Risk scores

CVSS 3.0

Type: Primary
Base score: 7.8
Impact score: 5.9
Exploitability score: 1.8
Vector string: CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
Severity: HIGH

CVSS 2.0

Type: Primary
Base score: 9.3
Impact score: 10
Exploitability score: 8.6
Vector string: AV:N/AC:M/Au:N/C:C/I:C/A:C

Weaknesses

nvd@nist.gov: CWE-119

Hype score: Not currently trending

Configurations

[
  {
    "nodes": [
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:h:huawei:gt3:-:*:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "BC216CD0-0BF1-4082-820E-D597CA1C2840"
          }
        ],
        "operator": "OR"
      },
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:o:huawei:gt3_firmware:*:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "6A664EAA-CB7E-4170-B9EA-83C958EF8657",
            "versionEndIncluding": "nmo-l31c432b120"
          }
        ],
        "operator": "OR"
      }
    ],
    "operator": "AND"
  },
  {
    "nodes": [
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:h:huawei:honor_5c:-:*:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "0A135A0A-CBDE-4CFB-83EC-F1169D5AE71F"
          }
        ],
        "operator": "OR"
      },
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:o:huawei:honor_5c_firmware:*:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "F84B142D-0AD1-4B52-829E-7F66A6D82564",
            "versionEndIncluding": "nem-l51c432b120"
          }
        ],
        "operator": "OR"
      }
    ],
    "operator": "AND"
  },
  {
    "nodes": [
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:h:huawei:knt:-:*:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "F5DE4358-AFCC-4B61-9FEE-5F054C06BECC"
          }
        ],
        "operator": "OR"
      },
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:o:huawei:knt_firmware:*:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "DAD2A7EF-97FD-415E-9FBC-54A01BE9CCFF",
            "versionEndIncluding": "knt-al10c746b160"
          }
        ],
        "operator": "OR"
      }
    ],
    "operator": "AND"
  },
  {
    "nodes": [
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:h:huawei:p9_lite:-:*:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "866C3F90-FC3B-4A9F-8BAC-83A89077F96E"
          }
        ],
        "operator": "OR"
      },
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:o:huawei:p9_lite_firmware:*:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "BDD94F90-3A1D-4C69-9AE0-20A4729024AB",
            "versionEndIncluding": "vns-l21c185b142"
          }
        ],
        "operator": "OR"
      }
    ],
    "operator": "AND"
  },
  {
    "nodes": [
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:h:huawei:y6ii:-:*:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "34634B10-87F0-4BE5-A116-DD399A06611A"
          }
        ],
        "operator": "OR"
      },
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:o:huawei:y6ii_firmware:*:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "B5F578FF-9F11-49CB-98D2-023178C1343D",
            "versionEndIncluding": "cam-l21c10b130"
          }
        ],
        "operator": "OR"
      }
    ],
    "operator": "AND"
  },
  {
    "nodes": [
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:h:huawei:honor_5c:-:*:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "0A135A0A-CBDE-4CFB-83EC-F1169D5AE71F"
          }
        ],
        "operator": "OR"
      },
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:o:huawei:honor_5c_firmware:*:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "F84B142D-0AD1-4B52-829E-7F66A6D82564",
            "versionEndIncluding": "nem-l51c432b120"
          }
        ],
        "operator": "OR"
      }
    ],
    "operator": "AND"
  },
  {
    "nodes": [
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:h:huawei:y6ii:-:*:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "34634B10-87F0-4BE5-A116-DD399A06611A"
          }
        ],
        "operator": "OR"
      },
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:o:huawei:y6ii_firmware:*:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "65F18D59-6FEC-4C7D-96DE-F8C54933764D",
            "versionEndIncluding": "cam-l21c185b141"
          }
        ],
        "operator": "OR"
      }
    ],
    "operator": "AND"
  }
]

Overview

Risk scores

CVSS 3.0

CVSS 2.0

Weaknesses

Social media

Configurations

References