CVE-2017-8143

CWE-20 — Improper Input Validation3 documents3 sources

Severity

5.5MEDIUM

EPSS

0.1%

top 80.91%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

Huawei Honor 5C Firmware Huawei P9 Lite Firmware

Timeline

PublishedNov 22

Latest updateMay 17

Description

Wi-Fi driver of Honor 5C and P9 Lite Huawei smart phones with software versions earlier than NEM-L21C432B351 and versions earlier than VNS-L21C10B381 has a DoS vulnerability. An attacker may trick a user into installing a malicious application and the application can access invalid address of driver to crash the system.

CVSS vector

CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:HExploitability: 1.8 | Impact: 3.6

Affected Packages2 packages

▶NVDhuawei/p9_lite_firmware< vns-l21c10b381

▶NVDhuawei/honor_5c_firmware< nem-l21c432b351

🔴Vulnerability Details

GHSA

GHSA-p3jc-92j3-5rxq: Wi-Fi driver of Honor 5C and P9 Lite Huawei smart phones with software versions earlier than NEM-L21C432B351 and versions earlier than VNS-L21C10B381↗2022-05-17

▶

CVEList

CVE-2017-8143: Wi-Fi driver of Honor 5C and P9 Lite Huawei smart phones with software versions earlier than NEM-L21C432B351 and versions earlier than VNS-L21C10B381↗2017-11-22

▶