HIGH🇵🇱 Wersja polska

CVE-2017-17172

CVSS 7.3v3.0pub. 2018-06-14upd. 2024-11-21

Huawei smart phones LYO-L21 with software LYO-L21C479B107, LYO-L21C479B107 have a privilege escalation vulnerability. An authenticated, local attacker can crafts malformed packets after tricking a user to install a malicious application and exploit this vulnerability when in the exception handling process. Successful exploitation may cause the attacker to obtain a higher privilege of the smart phones.

CVSS Vector
CVSS:3.0/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H
  • Huawei Lyo L21

    HW
    Huawei
    wszystkie wersje
  • Huawei Lyo L21 Firmware

    OS
    Huawei
    lyo-l21c479b107lyo-l21c577b126
🔵
CHECK WITH VENDOR
No clear patch data available. Check vendor references.
Tags
LPE
CWE
References

Related vulnerabilities

CVE-2017-2699HIGH7.8ten sam produkt

The Huawei Themes APP in versions earlier than PLK-UL00C17B385, versions earlier than CRR-L09C432B380, version...

CVE-2019-0708CRITICAL9.8⚠ KEVten sam vendor

A remote code execution vulnerability exists in Remote Desktop Services formerly known as Terminal Services wh...

CVE-2026-34865CRITICAL10.0PL ✓ten sam vendor

HarmonyOS: przepełnienie bufora sterty (heap buffer overflow) w module WEB

CVE-2026-28536CRITICAL9.6PL ✓ten sam vendor

Pominięcie uwierzytelnienia w module autoryzacji urządzeń Huawei HarmonyOS

CVE-2025-64314CRITICAL9.3PL ✓ten sam vendor

Błąd kontroli uprawnień w module zarządzania pamięcią Huawei HarmonyOS