Vulnerabilities > CVE-2017-8203 - Use After Free vulnerability in Huawei Nova 2 Firmware and Nova 2 Plus Firmware

047910
CVSS 6.8 - MEDIUM
Attack vector
NETWORK
Attack complexity
MEDIUM
Privileges required
NONE
Confidentiality impact
PARTIAL
Integrity impact
PARTIAL
Availability impact
PARTIAL

Summary

The Bastet Driver of Nova 2 Plus,Nova 2 Huawei smart phones with software of Versions earlier than BAC-AL00C00B173,Versions earlier than PIC-AL00C00B173 has a use after free (UAF) vulnerability. An attacker can convince a user to install a malicious application which has a high privilege to exploit this vulnerability, Successful exploitation may cause arbitrary code execution.

Vulnerable Configurations

Part Description Count
OS
Huawei
2
Hardware
Huawei
2

Common Weakness Enumeration (CWE)