← volver
CVE-2017-2694

CVE-2017-2694

EPSS 0.5%
Vexday Risk Score
3Bajo
Decisión SSVC (CISA)
Track
Sin señal de explotación → monitorear
CVSS EPSS 0.5%KEV nãoPoC Nuclei Metasploit Patch
Ciclo de vida
22 nov 2017Publicada en NVD
Recomendación: Monitorear — sin señal de explotación por ahora.
The AlarmService component in HwVmall with software earlier than 1.5.2.0 versions has no control over calling permissions, allowing any third party to call. An attacker can construct a malicious application to call it. Consequently, alert music will be played suddenly, compromising user experience.
Productos afectados
Huawei Technologies Co., Ltd. · HwVmall

¿Quieres saber si tu infraestructura está expuesta a esto?

Hablar con TrueHacking →
Referencias
http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20170125-01-vmall-enhttp://www.securityfocus.com/bid/95915