CVE-2017-2730
2.9 Low
CVSS2
Attack Vector
ADJACENT_NETWORK
Attack Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
NONE
Availability Impact
NONE
AV:A/AC:M/Au:N/C:P/I:N/A:N
3.5 Low
CVSS3
Attack Vector
ADJACENT
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
REQUIRED
Scope
UNCHANGED
Confidentiality Impact
LOW
Integrity Impact
NONE
Availability Impact
NONE
CVSS:3.0/AV:A/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N
5.5 Medium
AI Score
Confidence
High
0.001 Low
EPSS
Percentile
23.5%
HUAWEI HiLink APP (for IOS) versions earlier before 5.0.25.306 and HUAWEI Tech Support APP (for IOS) versions earlier before 5.0.0 have an information leak vulnerability. When an iPhone with these APPs installed access the Wi-Fi hotpot built by attacker, the attacker can collect the information of iPhone mode and firmware version.
Affected configurations
| CPE | Name | Operator | Version |
|---|---|---|---|
| huawei:hilink | huawei hilink | lt | 5.0.25.306 |
| huawei:tech_support | huawei tech support | lt | 5.0.0 |
CNA Affected
[
{
"product": "HUAWEI HiLink APP (for IOS), HUAWEI Tech Support APP (for IOS)",
"vendor": "Huawei Technologies Co., Ltd.",
"versions": [
{
"status": "affected",
"version": "HUAWEI HiLink APP (for IOS) Versions earlier before 5.0.25.306, HUAWEI Tech Support APP (for IOS) Versions earlier before 5.0.0"
}
]
}
]Related
2.9 Low
CVSS2
Attack Vector
ADJACENT_NETWORK
Attack Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
NONE
Availability Impact
NONE
AV:A/AC:M/Au:N/C:P/I:N/A:N
3.5 Low
CVSS3
Attack Vector
ADJACENT
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
REQUIRED
Scope
UNCHANGED
Confidentiality Impact
LOW
Integrity Impact
NONE
Availability Impact
NONE
CVSS:3.0/AV:A/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N
5.5 Medium
AI Score
Confidence
High
0.001 Low
EPSS
Percentile
23.5%