← volver
CVE-2017-2699

CVE-2017-2699

EPSS 1.0%
Vexday Risk Score
3Bajo
Decisión SSVC (CISA)
Track
Sin señal de explotación → monitorear
CVSS EPSS 1.0%KEV nãoPoC Nuclei Metasploit Patch
Ciclo de vida
22 nov 2017Publicada en NVD
Recomendación: Monitorear — sin señal de explotación por ahora.
The Huawei Themes APP in versions earlier than PLK-UL00C17B385, versions earlier than CRR-L09C432B380, versions earlier than LYO-L21C577B128 has a privilege elevation vulnerability. An attacker could exploit this vulnerability to upload theme packs containing malicious files and trick users into installing the theme packets, resulting in the execution of arbitrary code.
Productos afectados
Huawei Technologies Co., Ltd. · Honor 7, Mate S,LYO-L21

¿Quieres saber si tu infraestructura está expuesta a esto?

Hablar con TrueHacking →
Referencias
http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20170222-01-theme-enhttp://www.securityfocus.com/bid/96424