CVE-2017-17224
HIGHHuawei <Harry-AL00C 9.1.0.206(C00E205R3P1 - Memory Corruption
Title source: llmDescription
Some Huawei smart phones with versions earlier than Harry-AL00C 9.1.0.206(C00E205R3P1) have a null pointer dereference vulnerability. An attacker crafts specific packets and sends to the affected product to exploit this vulnerability. Successful exploitation may cause the affected phone abnormal.
References (2)
Core 2
Core References
Vendor Advisory x_refsource_confirm
http://www.huawei.com/en/psirt/security-notices/huawei-sn-20180327-01-hg655m-en
Third Party Advisory x_refsource_misc
https://fortiguard.com/zeroday/FG-VD-18-017
Scores
CVSS v3
8.8
EPSS
0.0006
EPSS Percentile
19.4%
Attack Vector
ADJACENT_NETWORK
CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Details
CWE
CWE-476
Status
published
Products (1)
huawei/hg655m_firmware
< harry-al00c_9.1.0.206\(c00e205r3p1\)
Published
Nov 12, 2019
Tracked Since
Feb 18, 2026