Vulnerabilities > CVE-2017-17224 - NULL Pointer Dereference vulnerability in Huawei Hg655M Firmware Harryal00C9.1.0.206(C00E205R3P1)

CVSS 5.8 - MEDIUM

Attack vector

ADJACENT_NETWORK

Attack complexity

LOW

Privileges required

NONE

Confidentiality impact

PARTIAL

Integrity impact

PARTIAL

Availability impact

PARTIAL

low complexity

huawei

CWE-476

NVD

Published: 2019-11-12

Updated: 2019-11-19

Summary

Some Huawei smart phones with versions earlier than Harry-AL00C 9.1.0.206(C00E205R3P1) have a null pointer dereference vulnerability. An attacker crafts specific packets and sends to the affected product to exploit this vulnerability. Successful exploitation may cause the affected phone abnormal.

Vulnerable Configurations

Part	Description	Count
OS	Huawei Huawei Hg655M Firmware - Huawei Hg655M Firmware Harry-Al00C_9.1.0.206\(C00E205R3P1\)	2
Hardware	Huawei Huawei Hg655M -	1

Common Weakness Enumeration (CWE)

CWE-476 - NULL Pointer Dereference

References

http://www.huawei.com/en/psirt/security-notices/huawei-sn-20180327-01-hg655m-en
https://fortiguard.com/zeroday/FG-VD-18-017