CVE-2017-2713 Information

Description

HUAWEI P9 smartphones with software versions earlier before EVA-L09C432B383 versions earlier before EVA-L09C636B380 versions earlier before VIE-L09C432B370 versions earlier before VIE-L29C636B370 have an insufficient input validation vulnerability. An attacker could exploit this vulnerability to tamper with air interface signaling messages and obtain some communication information.

CVSS Vector

CVSS:3.0/AV:A/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N

Reference

http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20170419-01-smartphone-en

Attack Complexity

LOW

Privileges Required

NONE

User Interaction Required

NONE

Scope

NONE

Confidentiality Impact

UNCHANGED

Integrity Impact

LOW

Availability Impact

LOW

Base Score

NONE

Base Severity

5.4