CVE-2017-2707
Description
Mate 9 smartphones with software MHA-AL00AC00B125 have a privilege escalation vulnerability in Push module. An attacker tricks a user to save a rich media into message on the smart phone, which could be exploited to cause the attacker to delete message or fake user to send message.
Risk Information
Base Score
7.1
MODERATE
Vector
CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:H
EPSS Score
Exploitation Probability
0.036
Associated Vulnerability
| Vulnerability | OS Platform |
|---|---|
| Multiple Vulnerabilities affected in mate_9_firmware 9.0.1.159(c636e6r1p8t8) | NCM |
| Multiple Vulnerabilities affected in mate_9_firmware 9.0.1.158(c432e6r1p8t8) | NCM |
| Multiple Vulnerabilities affected in mate_9_firmware 8.0.0.356(c00) | NCM |
| Multiple Vulnerabilities affected in mate_9_firmware 8.0.0.129(sp2c00) | NCM |
| Download of Code Without Integrity Check Vulnerability (CVE-2017-2707) | NCM |
Patch Details
No records foundReferences
https://nvd.nist.gov/vuln/detail/CVE-2023-1234
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-1234