CVE-2017-8210

CWE-119 ā€” Buffer Overflow4 documents4 sources
Severity
7.8HIGH
EPSS
0.2%
top 60.77%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
2
Huawei Honor 5C FirmwareHuawei Honor 6X Firmware
Timeline
PublishedNov 22
Latest updateMay 17

Description

The driver of honor 5C,honor 6x Huawei smart phones with software of versions earlier than NEM-AL10C00B356, versions earlier than Berlin-L21HNC432B360 have a buffer overflow vulnerability due to the lack of parameter validation. An attacker tricks a user into installing a malicious APP which has the root privilege of the Android system, the APP can send a specific parameter to the driver of the smart phone, causing a system reboot or arbitrary code execution.

CVSS vector

CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:HExploitability: 1.8 | Impact: 5.9

Affected Packages2 packages

ā–¶NVDhuawei/honor_5c_firmware< nem-al10c00b356
ā–¶NVDhuawei/honor_6x_firmware< berlin-l21hnc432b360

šŸ”“Vulnerability Details

2
GHSA
GHSA-5cqv-66q8-6qv3: The driver of honor 5C,honor 6x Huawei smart phones with software of versions earlier than NEM-AL10C00B356, versions earlier than Berlin-L21HNC432B360ā†—2022-05-17
ā–¶
CVEList
CVE-2017-8210: The driver of honor 5C,honor 6x Huawei smart phones with software of versions earlier than NEM-AL10C00B356, versions earlier than Berlin-L21HNC432B360ā†—2017-11-22
ā–¶

šŸ’„Exploits & PoCs

1
Exploit-DB
HP PageWide Printers / HP OfficeJet Pro Printers (OfficeJet Pro 8210) - Arbitrary Code Executionā†—2017-06-14
ā–¶
CVE-2017-8210 (HIGH CVSS 7.8) | The driver of honor 5C,honor 6x Hua | cvebase.io