CVE-2017-2733
Description
Honor 6X smartphones with software versions earlier than BLN-AL10C00B357 and versions earlier than BLN-AL20C00B357 have an information leak vulnerability due to improper file permission configuration. An attacker tricks a user into installing a malicious application on the smart phone, and the application can get the file that keep the cipher text of the SIM card PIN.
Risk Information
Base Score
5.5
MODERATE
Vector
CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N
EPSS Score
Exploitation Probability
0.092
Associated Vulnerability
| Vulnerability | OS Platform |
|---|---|
| Vulnerabilities CVE-2017-2728 ,CVE-2017-2733 are affected in honor_6x_firmware berlin-l22c636b150 | NCM |
| Vulnerabilities CVE-2017-2728 ,CVE-2017-2733 are affected in honor_6x_firmware berlin-l21c464b137 | NCM |
| Vulnerabilities CVE-2017-2728 ,CVE-2017-2733 are affected in honor_6x_firmware berlin-l21c185b363 | NCM |
| Vulnerabilities CVE-2017-2728 ,CVE-2017-2733 are affected in honor_6x_firmware berlin-l21c10b372 | NCM |
| Vulnerabilities CVE-2017-2733 are affected in honor_6x_firmware berlin-l23c605b161 | NCM |
| Exposure of Sensitive Information to an Unauthorized Actor Vulnerability (CVE-2017-2733) | NCM |
Patch Details
No records foundReferences
https://nvd.nist.gov/vuln/detail/CVE-2023-1234
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-1234