Null pointer dereference

2019-11-1222:15:00

PRIOn knowledge base

www.prio-n.com

8.5 High

AI Score

Confidence

High

0.001 Low

EPSS

Percentile

33.5%

JSON

Some Huawei smart phones with versions earlier than Harry-AL00C 9.1.0.206(C00E205R3P1) have a null pointer dereference vulnerability. An attacker crafts specific packets and sends to the affected product to exploit this vulnerability. Successful exploitation may cause the affected phone abnormal.

CPENameOperatorVersion
hg655m_firmwareeq< harryal0c9.1.0.206c0e205r3p1
hg655m_firmwareeq< v100r1c2b23

CPE	Name	Operator	Version
	hg655m_firmware	eq	< harryal0c9.1.0.206c0e205r3p1
	hg655m_firmware	eq	< v100r1c2b23

References

www.huawei.com/en/psirt/security-notices/huawei-sn-20180327-01-hg655m-en

fortiguard.com/zeroday/FG-VD-18-017