Vulnerabilities > CVE-2017-17224 - NULL Pointer Dereference vulnerability in Huawei Hg655M Firmware Harryal00C9.1.0.206(C00E205R3P1)

CVSS 8.8 - HIGH

Attack vector

ADJACENT_NETWORK

Attack complexity

LOW

Privileges required

NONE

Confidentiality impact

HIGH

Integrity impact

HIGH

Availability impact

HIGH

low complexity

huawei

CWE-476

NVD

Published: 2019-11-12

Updated: 2019-11-19

Summary

Some Huawei smart phones with versions earlier than Harry-AL00C 9.1.0.206(C00E205R3P1) have a null pointer dereference vulnerability. An attacker crafts specific packets and sends to the affected product to exploit this vulnerability. Successful exploitation may cause the affected phone abnormal.

Vulnerable Configurations

Part	Description	Count
OS	Huawei Huawei Hg655M Firmware - Huawei Hg655M Firmware Harry-Al00C_9.1.0.206\(C00E205R3P1\)	2
Hardware	Huawei Huawei Hg655M -	1

Common Weakness Enumeration (CWE)

CWE-476 - NULL Pointer Dereference

References

http://www.huawei.com/en/psirt/security-notices/huawei-sn-20180327-01-hg655m-en
https://fortiguard.com/zeroday/FG-VD-18-017