CVE-2017-15307 — Huawei Honor 8 Firmware vulnerability

3 documents3 sources

Severity

2.3LOWNVD

EPSS

0.0%

top 93.14%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

Huawei Honor 8 Firmware Huawei Technologies CO LTD Honor 8

Timeline

PublishedDec 22

Latest updateMay 13

Description

Huawei Honor 8 smartphone with software versions earlier than FRD-L04C567B389 and earlier than FRD-L14C567B389 have a permission control vulnerability due to improper authorization configuration on specific device information.

CVSS vector

CVSS:3.0/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:L/A:NExploitability: 0.8 | Impact: 1.4

Affected Packages2 packages

▶NVDhuawei/honor_8_firmware< frd-l04c567b389+1

▶CVEListV5huawei_technologies_co_ltd/honor_8earlier than FRD-L04C567B389, earlier than FRD-L14C567B389+1

🔴Vulnerability Details

GHSA

GHSA-vwxx-h59m-6h44: Huawei Honor 8 smartphone with software versions earlier than FRD-L04C567B389 and earlier than FRD-L14C567B389 have a permission control vulnerability↗2022-05-13

▶

CVEList

CVE-2017-15307: Huawei Honor 8 smartphone with software versions earlier than FRD-L04C567B389 and earlier than FRD-L14C567B389 have a permission control vulnerability↗2017-12-22

▶