Search criteria
1 vulnerability found for mt8-emui4.1 by huawei
VAR-201802-0439
Vulnerability from variot - Updated: 2024-11-23 22:45Some Huawei smart phones with software of NXT-AL10C00B386, NXT-CL00C92B386, NXT-DL00C17B386, NXT-TL00C01B386SP01, NTS-AL00C00B535 have a DoS vulnerability due to insufficient input validation. An unauthenticated attacker could send malformed System Information(SI) messages to the smart phone within radio range by special wireless device. Successful exploit could make the smart phone restart. HuaweiMT8-EMUI4.1 and NTS-AL00 are all smartphones of China's Huawei company. HuaweiMT8-EMUI4.1 and NTS-AL00 have a denial of service vulnerability. Both Huawei MT8-EMUI4.1 and NTS-AL00 are smartphone products of China Huawei (Huawei). The following products and versions are affected: Huawei MT8-EMUI4.1 NXT-AL10C00B386 version, NXT-CL00C92B386 version, NXT-DL00C17B386 version, NXT-TL00C01B386SP01 version; NTS-AL00 NTS-AL00C00B535 version
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-201802-0439",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "mt8-emui4.1",
"scope": "eq",
"trust": 2.4,
"vendor": "huawei",
"version": "nxt-al10c00b386"
},
{
"model": "mt8-emui4.1",
"scope": "eq",
"trust": 2.4,
"vendor": "huawei",
"version": "nxt-cl00c92b386"
},
{
"model": "mt8-emui4.1",
"scope": "eq",
"trust": 2.4,
"vendor": "huawei",
"version": "nxt-dl00c17b386"
},
{
"model": "mt8-emui4.1",
"scope": "eq",
"trust": 2.4,
"vendor": "huawei",
"version": "nxt-tl00c01b386sp01"
},
{
"model": "nts-al00",
"scope": "eq",
"trust": 2.4,
"vendor": "huawei",
"version": "nts-al00c00b535"
},
{
"model": "nts-al00 nts-al00c00b535",
"scope": null,
"trust": 0.6,
"vendor": "huawei",
"version": null
},
{
"model": "mt8-emui4.1 nxt-al10c00b386",
"scope": null,
"trust": 0.6,
"vendor": "huawei",
"version": null
},
{
"model": "mt8-emui4.1 nxt-cl00c92b386",
"scope": null,
"trust": 0.6,
"vendor": "huawei",
"version": null
},
{
"model": "mt8-emui4.1 nxt-dl00c17b386",
"scope": null,
"trust": 0.6,
"vendor": "huawei",
"version": null
},
{
"model": "mt8-emui4.1 nxt-tl00c01b386sp01",
"scope": null,
"trust": 0.6,
"vendor": "huawei",
"version": null
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2017-38524"
},
{
"db": "JVNDB",
"id": "JVNDB-2017-012676"
},
{
"db": "CNNVD",
"id": "CNNVD-201712-314"
},
{
"db": "NVD",
"id": "CVE-2017-17159"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"cpe_match": [
{
"cpe22Uri": "cpe:/o:huawei:mt8-emui4.1_firmware",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:huawei:nts-al00_firmware",
"vulnerable": true
}
],
"operator": "OR"
}
]
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2017-012676"
}
]
},
"cve": "CVE-2017-17159",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"accessComplexity": "LOW",
"accessVector": "ADJACENT_NETWORK",
"authentication": "NONE",
"author": "nvd@nist.gov",
"availabilityImpact": "COMPLETE",
"baseScore": 6.1,
"confidentialityImpact": "NONE",
"exploitabilityScore": 6.5,
"id": "CVE-2017-17159",
"impactScore": 6.9,
"integrityImpact": "NONE",
"severity": "MEDIUM",
"trust": 1.8,
"vectorString": "AV:A/AC:L/Au:N/C:N/I:N/A:C",
"version": "2.0"
},
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "CNVD",
"availabilityImpact": "COMPLETE",
"baseScore": 7.8,
"confidentialityImpact": "NONE",
"exploitabilityScore": 10.0,
"id": "CNVD-2017-38524",
"impactScore": 6.9,
"integrityImpact": "NONE",
"severity": "HIGH",
"trust": 0.6,
"vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:C",
"version": "2.0"
},
{
"accessComplexity": "LOW",
"accessVector": "ADJACENT_NETWORK",
"authentication": "NONE",
"author": "VULHUB",
"availabilityImpact": "COMPLETE",
"baseScore": 6.1,
"confidentialityImpact": "NONE",
"exploitabilityScore": 6.5,
"id": "VHN-108153",
"impactScore": 6.9,
"integrityImpact": "NONE",
"severity": "MEDIUM",
"trust": 0.1,
"vectorString": "AV:A/AC:L/AU:N/C:N/I:N/A:C",
"version": "2.0"
}
],
"cvssV3": [
{
"attackComplexity": "LOW",
"attackVector": "ADJACENT",
"author": "nvd@nist.gov",
"availabilityImpact": "HIGH",
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"exploitabilityScore": 2.8,
"id": "CVE-2017-17159",
"impactScore": 3.6,
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"trust": 1.8,
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.0"
}
],
"severity": [
{
"author": "nvd@nist.gov",
"id": "CVE-2017-17159",
"trust": 1.0,
"value": "MEDIUM"
},
{
"author": "NVD",
"id": "CVE-2017-17159",
"trust": 0.8,
"value": "Medium"
},
{
"author": "CNVD",
"id": "CNVD-2017-38524",
"trust": 0.6,
"value": "HIGH"
},
{
"author": "CNNVD",
"id": "CNNVD-201712-314",
"trust": 0.6,
"value": "MEDIUM"
},
{
"author": "VULHUB",
"id": "VHN-108153",
"trust": 0.1,
"value": "MEDIUM"
}
]
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2017-38524"
},
{
"db": "VULHUB",
"id": "VHN-108153"
},
{
"db": "JVNDB",
"id": "JVNDB-2017-012676"
},
{
"db": "CNNVD",
"id": "CNNVD-201712-314"
},
{
"db": "NVD",
"id": "CVE-2017-17159"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Some Huawei smart phones with software of NXT-AL10C00B386, NXT-CL00C92B386, NXT-DL00C17B386, NXT-TL00C01B386SP01, NTS-AL00C00B535 have a DoS vulnerability due to insufficient input validation. An unauthenticated attacker could send malformed System Information(SI) messages to the smart phone within radio range by special wireless device. Successful exploit could make the smart phone restart. HuaweiMT8-EMUI4.1 and NTS-AL00 are all smartphones of China\u0027s Huawei company. HuaweiMT8-EMUI4.1 and NTS-AL00 have a denial of service vulnerability. Both Huawei MT8-EMUI4.1 and NTS-AL00 are smartphone products of China Huawei (Huawei). The following products and versions are affected: Huawei MT8-EMUI4.1 NXT-AL10C00B386 version, NXT-CL00C92B386 version, NXT-DL00C17B386 version, NXT-TL00C01B386SP01 version; NTS-AL00 NTS-AL00C00B535 version",
"sources": [
{
"db": "NVD",
"id": "CVE-2017-17159"
},
{
"db": "JVNDB",
"id": "JVNDB-2017-012676"
},
{
"db": "CNVD",
"id": "CNVD-2017-38524"
},
{
"db": "VULHUB",
"id": "VHN-108153"
}
],
"trust": 2.25
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2017-17159",
"trust": 3.1
},
{
"db": "JVNDB",
"id": "JVNDB-2017-012676",
"trust": 0.8
},
{
"db": "CNNVD",
"id": "CNNVD-201712-314",
"trust": 0.7
},
{
"db": "CNVD",
"id": "CNVD-2017-38524",
"trust": 0.6
},
{
"db": "VULHUB",
"id": "VHN-108153",
"trust": 0.1
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2017-38524"
},
{
"db": "VULHUB",
"id": "VHN-108153"
},
{
"db": "JVNDB",
"id": "JVNDB-2017-012676"
},
{
"db": "CNNVD",
"id": "CNNVD-201712-314"
},
{
"db": "NVD",
"id": "CVE-2017-17159"
}
]
},
"id": "VAR-201802-0439",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "CNVD",
"id": "CNVD-2017-38524"
},
{
"db": "VULHUB",
"id": "VHN-108153"
}
],
"trust": 1.65
},
"iot_taxonomy": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"category": [
"Network device"
],
"sub_category": null,
"trust": 0.6
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2017-38524"
}
]
},
"last_update_date": "2024-11-23T22:45:26.839000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "huawei-sa-20171220-02-smartphone",
"trust": 0.8,
"url": "http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20171220-02-smartphone-en"
},
{
"title": "Patch for HuaweiMT8-EMUI4.1 and NTS-AL00 Denial of Service Vulnerabilities",
"trust": 0.6,
"url": "https://www.cnvd.org.cn/patchInfo/show/112241"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2017-38524"
},
{
"db": "JVNDB",
"id": "JVNDB-2017-012676"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-20",
"trust": 1.9
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-108153"
},
{
"db": "JVNDB",
"id": "JVNDB-2017-012676"
},
{
"db": "NVD",
"id": "CVE-2017-17159"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 1.7,
"url": "http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20171220-02-smartphone-en"
},
{
"trust": 0.8,
"url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2017-17159"
},
{
"trust": 0.8,
"url": "https://nvd.nist.gov/vuln/detail/cve-2017-17159"
},
{
"trust": 0.6,
"url": "http://www.huawei.com/cn/psirt/security-advisories/2017/huawei-sa-20171220-02-smartphone-cn"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2017-38524"
},
{
"db": "VULHUB",
"id": "VHN-108153"
},
{
"db": "JVNDB",
"id": "JVNDB-2017-012676"
},
{
"db": "CNNVD",
"id": "CNNVD-201712-314"
},
{
"db": "NVD",
"id": "CVE-2017-17159"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "CNVD",
"id": "CNVD-2017-38524"
},
{
"db": "VULHUB",
"id": "VHN-108153"
},
{
"db": "JVNDB",
"id": "JVNDB-2017-012676"
},
{
"db": "CNNVD",
"id": "CNNVD-201712-314"
},
{
"db": "NVD",
"id": "CVE-2017-17159"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2017-12-29T00:00:00",
"db": "CNVD",
"id": "CNVD-2017-38524"
},
{
"date": "2018-02-15T00:00:00",
"db": "VULHUB",
"id": "VHN-108153"
},
{
"date": "2018-04-04T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2017-012676"
},
{
"date": "2017-12-08T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201712-314"
},
{
"date": "2018-02-15T16:29:01.970000",
"db": "NVD",
"id": "CVE-2017-17159"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2017-12-29T00:00:00",
"db": "CNVD",
"id": "CNVD-2017-38524"
},
{
"date": "2018-03-14T00:00:00",
"db": "VULHUB",
"id": "VHN-108153"
},
{
"date": "2018-04-04T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2017-012676"
},
{
"date": "2018-02-22T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201712-314"
},
{
"date": "2024-11-21T03:17:36.523000",
"db": "NVD",
"id": "CVE-2017-17159"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "specific network environment",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201712-314"
}
],
"trust": 0.6
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Huawei Vulnerability related to input validation in smartphone software",
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2017-012676"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "input validation",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201712-314"
}
],
"trust": 0.6
}
}