CVE-2017-2726
Description
Bastet in P10 Plus and P10 smart phones with software earlier than VKY-AL00C00B123 versions, earlier than VTR-AL00C00B123 versions have a buffer overflow vulnerability. An attacker with the root privilege of an Android system may trick a user into installing a malicious APP. The APP can modify specific data to cause buffer overflow in the next system reboot, causing continuous system reboot or arbitrary code execution.
Risk Information
Base Score
8.4
MODERATE
Vector
CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
EPSS Score
Exploitation Probability
0.185
Associated Vulnerability
| Vulnerability | OS Platform |
|---|---|
| Vulnerabilities CVE-2017-2724 ,CVE-2017-2725 ,CVE-2017-2726 ,CVE-2017-8145 ,CVE-2017-8146 are affected in p10_firmware victoria-l29ac605b162 | NCM |
| Vulnerabilities CVE-2017-2724 ,CVE-2017-2725 ,CVE-2017-2726 ,CVE-2017-8145 ,CVE-2017-8146 are affected in p10_firmware victoria-l09ac605b162 | NCM |
| Multiple Vulnerabilities affected in p10_firmware victoria-al00ac00b217 | NCM |
| Improper Restriction of Operations within the Bounds of a Memory Buffer Vulnerability (CVE-2017-2726) | NCM |
Patch Details
No records foundReferences
https://nvd.nist.gov/vuln/detail/CVE-2023-1234
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-1234