Exposure in System Interface on TIT-AL00 Smartphones by Huawei
CVE-2017-2735

7.1HIGH

Key Information:

Vendor: McAfee
Status: Tit-al00
Vendor: CVE Published:; 22 November 2017

What is CVE-2017-2735?

The TIT-AL00 smartphones from Huawei exhibit a vulnerability in their system interface, which allows unrestrained access to external applications. Users may inadvertently install malicious software that calls this exposed interface, enabling attackers to alter system properties without proper authorization. The vulnerability affects software versions prior to TIT-AL00C583B214, underscoring the importance of updating to secure versions to mitigate potential exploits.

Affected Version(s)

TIT-AL00 Versions earlier before TIT-AL00C583B214

References

http://www.huawei.com/en/psirt/security-advisories/huawei...

x_refsource_CONFIRM

http://www.securityfocus.com/bid/97224

vdb-entryx_refsource_BID

CVSS V3.1

Score:

7.1

Severity:

HIGH

Confidentiality:

None

Integrity:

High

Availability:

None

Attack Vector:

Local

Attack Complexity:

Low

Privileges Required:

None

User Interaction:

Required

Scope:

Unchanged

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Nov 22, 2017
Vulnerability Reserved
Dec 1, 2016

McAfee

What is CVE-2017-2735?

Affected Version(s)

References

CVSS V3.1

Timeline