CVE-2017-17306
Description
Some Huawei Smartphones with software of VNS-L21AUTC555B141, VNS-L21C10B160, VNS-L21C66B160, VNS-L21C703B140 have an array out-of-bounds read vulnerability. Due to the lack verification of array, an attacker tricks a user into installing a malicious application, and the application can exploit the vulnerability and make attacker to read out of bounds of array and possibly cause the device abnormal.
Risk Information
Base Score
5.5
MODERATE
Vector
CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
EPSS Score
Exploitation Probability
0.077
Associated Vulnerability
| Vulnerability | OS Platform |
|---|---|
| Vulnerabilities CVE-2017-17306 are affected in vns-l21_firmware vns-l21c703b140 | NCM |
| Vulnerabilities CVE-2017-17306 are affected in vns-l21_firmware vns-l21c66b160 | NCM |
| Vulnerabilities CVE-2017-17306 are affected in vns-l21_firmware vns-l21c10b160 | NCM |
| Vulnerabilities CVE-2017-17306 ,CVE-2017-17307 are affected in vns-l21_firmware vns-l21autc555b141 | NCM |
| Out-of-bounds Read Vulnerability (CVE-2017-17306) | NCM |
Patch Details
No records foundReferences
https://nvd.nist.gov/vuln/detail/CVE-2023-1234
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-1234