CVE-2017-17159
MEDIUM6.5CVSS v3
6.1CVSS v2
0.03%
EPSS (exploit probability)
CWE-20CWE
Description
Some Huawei smart phones with software of NXT-AL10C00B386, NXT-CL00C92B386, NXT-DL00C17B386, NXT-TL00C01B386SP01, NTS-AL00C00B535 have a DoS vulnerability due to insufficient input validation. An unauthenticated attacker could send malformed System Information(SI) messages to the smart phone within radio range by special wireless device. Successful exploit could make the smart phone restart.
CVSS v3 vector: CVSS:3.0/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
Affected routers (1)
| Vendor | Model | Matched via | Affected versions | Fixed in | Patch Status |
|---|---|---|---|---|---|
| Huawei | Huawei B535-232 | — |
— | — | Likely Patched |