2 matches found
CVE-2017-2694
The AlarmService component in HwVmall with software earlier than 1.5.2.0 versions has no control over calling permissions, allowing any third party to call. An attacker can construct a malicious application to call it. Consequently, alert music will be played suddenly, compromising user experienc...
CVE-2017-2694
The CVE-2017-2694 issue affects Huawei HwVmall’s AlarmService prior to version 1.5.2.0. Root cause: AlarmService does not enforce invocation permissions, allowing any third‑party app to call it. Impact: an attacker could trigger alert music unexpectedly, degrading user experience. Evidence in mul...