Goal Reached Thanks to every supporter — we hit 100%!

Goal: 1000 CNY · Raised: 1000 CNY

100.0%
Buy Us a Coffee

CVE-2017-8204

EPSS 0.17% · P38
Get alerts for future matching vulnerabilitiesLog in to subscribe

I. Basic Information for CVE-2017-8204

Vulnerability Information
Have questions about the vulnerability? See if Shenlong's analysis helps!
View Shenlong Deep Dive ↗

Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.

Vulnerability Title
N/A
Source: NVD (National Vulnerability Database)
Vulnerability Description
The Bastet driver of Honor 9 Huawei smart phones with software of versions earlier than Stanford-AL10C00B175 has a buffer overflow vulnerability due to the lack of parameter validation. An attacker tricks a user into installing a malicious APP which has the root privilege; the APP can send a specific parameter to the driver of the smart phone, causing arbitrary code execution
Source: NVD (National Vulnerability Database)
CVSS Information
N/A
Source: NVD (National Vulnerability Database)
Vulnerability Type
N/A
Source: NVD (National Vulnerability Database)
Vulnerability Title
Huawei Honor 9 Bastet驱动程序数字错误漏洞
Source: CNNVD (China National Vulnerability Database)
Vulnerability Description
Huawei Honor 9是中国华为(Huawei)公司的一款智能手机产品。Bastet driver是运行在其中的一个通讯驱动程序。 Huawei Honor 9 Stanford-AL10C00B175之前的版本中的Bastet驱动程序存在整数溢出漏洞,该漏洞源于缺少参数检查。攻击者可通过诱使用户安装一个获取了root权限的恶意应用利用该漏洞向手机驱动发送特定参数,执行任意代码。
Source: CNNVD (China National Vulnerability Database)
CVSS Information
N/A
Source: CNNVD (China National Vulnerability Database)
Vulnerability Type
N/A
Source: CNNVD (China National Vulnerability Database)

Affected Products

VendorProductAffected VersionsCPESubscribe
Huawei Technologies Co., Ltd.Honor 9 Versions earlier than Stanford-AL10C00B175 -

II. Public POCs for CVE-2017-8204

#POC DescriptionSource LinkShenlong Link
AI-Generated POCPremium

No public POC found.

Login to generate AI POC

III. Intelligence Information for CVE-2017-8204

登录查看更多情报信息。

Same Patch Batch · Huawei Technologies Co., Ltd. · 2017-11-22 · 144 CVEs total

CVE-2017-8158Huawei FusionCompute 安全漏洞
CVE-2017-8178Huawei Vicky-AL00 Email应用程序跨站脚本漏洞
CVE-2017-8177Huawei HiWallet 安全漏洞
CVE-2017-8175Huawei Vicky-AL00A、Victoria-AL00A和Warsaw-AL00 Bastet 输入验证漏洞
CVE-2017-8174Huawei USG6300和USG6600 安全漏洞
CVE-2017-8173多款Huawei产品安全漏洞
CVE-2017-8172Huawei P10和P10 Plus 安全漏洞
CVE-2017-8171Huawei Vicky-AL00 安全漏洞
CVE-2017-8170Huawei VIE-L09 缓冲区错误漏洞
CVE-2017-8169Huawei VIE-L09 缓冲区错误漏洞
CVE-2017-8168Huawei FusionSphere OpenStack 信息泄露漏洞
CVE-2017-8167Huawei USG9500 安全漏洞
CVE-2017-8166Huawei Honor V9 安全漏洞
CVE-2017-8163多款Huawei产品安全漏洞
CVE-2017-8162多款Huawei产品安全漏洞
CVE-2017-8161Huawei EVA-L09 安全漏洞
CVE-2017-8160多款Huawei产品Madapt驱动程序安全漏洞
CVE-2017-8159多款Huawei产品安全漏洞
CVE-2017-8146Huawei P10和P10 Plus通话模块安全漏洞
CVE-2017-8144多款Huawei手机资源管理错误漏洞

Showing top 20 of 144 CVEs. View all on vendor page → →

IV. Related Vulnerabilities

Same product: Honor 9
Same vendor: Huawei Technologies Co., Ltd.

V. Comments for CVE-2017-8204

No comments yet

Leave a comment