CVSS2
Attack Vector
NETWORK
Attack Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:M/Au:N/C:P/I:P/A:P
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
REQUIRED
Scope
UNCHANGED
Confidentiality Impact
LOW
Integrity Impact
LOW
Availability Impact
LOW
CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:L
AI Score
Confidence
High
EPSS
Percentile
36.7%
Huawei smart phones Emily-L29C with versions of 8.1.0.132a(C432), 8.1.0.135(C782), 8.1.0.154(C10), 8.1.0.154(C461), 8.1.0.154(C635), 8.1.0.156(C185), 8.1.0.156(C605), 8.1.0.159(C636) have a double free vulnerability. An attacker can trick a user to click a URL to exploit this vulnerability. Successful exploitation may cause the affected phone abnormal.
Vendor | Product | Version | CPE |
---|---|---|---|
huawei | emily-l29c_firmware | 8.1.0.132a(c432) | cpe:2.3:o:huawei:emily-l29c_firmware:8.1.0.132a\(c432\):*:*:*:*:*:*:* |
huawei | emily-l29c_firmware | 8.1.0.135(c782) | cpe:2.3:o:huawei:emily-l29c_firmware:8.1.0.135\(c782\):*:*:*:*:*:*:* |
huawei | emily-l29c_firmware | 8.1.0.154(c10) | cpe:2.3:o:huawei:emily-l29c_firmware:8.1.0.154\(c10\):*:*:*:*:*:*:* |
huawei | emily-l29c_firmware | 8.1.0.154(c461) | cpe:2.3:o:huawei:emily-l29c_firmware:8.1.0.154\(c461\):*:*:*:*:*:*:* |
huawei | emily-l29c_firmware | 8.1.0.154(c635) | cpe:2.3:o:huawei:emily-l29c_firmware:8.1.0.154\(c635\):*:*:*:*:*:*:* |
huawei | emily-l29c_firmware | 8.1.0.156(c185) | cpe:2.3:o:huawei:emily-l29c_firmware:8.1.0.156\(c185\):*:*:*:*:*:*:* |
huawei | emily-l29c_firmware | 8.1.0.156(c605) | cpe:2.3:o:huawei:emily-l29c_firmware:8.1.0.156\(c605\):*:*:*:*:*:*:* |
huawei | emily-l29c_firmware | 8.1.0.159(c636) | cpe:2.3:o:huawei:emily-l29c_firmware:8.1.0.159\(c636\):*:*:*:*:*:*:* |
huawei | emily-l29c | - | cpe:2.3:h:huawei:emily-l29c:-:*:*:*:*:*:*:* |
[
{
"product": "Emily-L29C",
"vendor": "Huawei",
"versions": [
{
"status": "affected",
"version": "8.1.0.132a(C432)"
},
{
"status": "affected",
"version": "8.1.0.135(C782)"
},
{
"status": "affected",
"version": "8.1.0.154(C10)"
},
{
"status": "affected",
"version": "8.1.0.154(C461)"
},
{
"status": "affected",
"version": "8.1.0.154(C635)"
},
{
"status": "affected",
"version": "8.1.0.156(C185)"
},
{
"status": "affected",
"version": "8.1.0.156(C605)"
},
{
"status": "affected",
"version": "8.1.0.159(C636)"
}
]
}
]
CVSS2
Attack Vector
NETWORK
Attack Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:M/Au:N/C:P/I:P/A:P
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
REQUIRED
Scope
UNCHANGED
Confidentiality Impact
LOW
Integrity Impact
LOW
Availability Impact
LOW
CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:L
AI Score
Confidence
High
EPSS
Percentile
36.7%