CVE-2017-2733
published 2017-11-22CVE-2017-2733: Honor 6X smartphones with software versions earlier than BLN-AL10C00B357 and versions earlier than BLN-AL20C00B357 have an information leak vulnerability due…
medium5.5CVSS 3.0
AVLACLPRNUIRSUCHINAN
Honor 6X smartphones with software versions earlier than BLN-AL10C00B357 and versions earlier than BLN-AL20C00B357 have an information leak vulnerability due to improper file permission configuration. An attacker tricks a user into installing a malicious application on the smart phone, and the application can get the file that keep the cipher text of the SIM card PIN.
Affected
3 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| huawei | honor_6x_firmware | < bln-al10c00b357 | bln-al10c00b357 |
| huawei | honor_6x_firmware | < bln-al20c00b357 | bln-al20c00b357 |
| huawei_technologies_co_ltd | honor_6x | — | — |