CVE-2018-7992

{"id": "CVE-2018-7992", "metrics": {"cvssMetricV2": [{"type": "Primary", "source": "nvd@nist.gov", "cvssData": {"version": "2.0", "baseScore": 4.3, "accessVector": "NETWORK", "vectorString": "AV:N/AC:M/Au:N/C:N/I:N/A:P", "authentication": "NONE", "integrityImpact": "NONE", "accessComplexity": "MEDIUM", "availabilityImpact": "PARTIAL", "confidentialityImpact": "NONE"}, "acInsufInfo": false, "impactScore": 2.9, "baseSeverity": "MEDIUM", "obtainAllPrivilege": false, "exploitabilityScore": 8.6, "obtainUserPrivilege": false, "obtainOtherPrivilege": false, "userInteractionRequired": true}], "cvssMetricV30": [{"type": "Primary", "source": "nvd@nist.gov", "cvssData": {"scope": "UNCHANGED", "version": "3.0", "baseScore": 5.5, "attackVector": "LOCAL", "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H", "integrityImpact": "NONE", "userInteraction": "REQUIRED", "attackComplexity": "LOW", "availabilityImpact": "HIGH", "privilegesRequired": "NONE", "confidentialityImpact": "NONE"}, "impactScore": 3.6, "exploitabilityScore": 1.8}]}, "published": "2018-07-31T14:29:01.090", "references": [{"url": "http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20180725-01-dos-en", "tags": ["Vendor Advisory"], "source": "psirt@huawei.com"}], "vulnStatus": "Analyzed", "weaknesses": [{"type": "Primary", "source": "nvd@nist.gov", "description": [{"lang": "en", "value": "CWE-119"}]}], "descriptions": [{"lang": "en", "value": "Mdapt Driver of Huawei MediaPad M3 BTV-W09C128B353CUSTC128D001; Mate 9 Pro versions earlier than 8.0.0.356(C00); P10 Plus versions earlier than 8.0.0.357(C00) has a buffer overflow vulnerability. The driver does not sufficiently validate the input, an attacker could trick the user to install a malicious application which would send crafted parameters to the driver. Successful exploit could cause a denial of service condition."}, {"lang": "es", "value": "El controlador Mdapt de Huawei MediaPad M3 BTV-W09C128B353CUSTC128D001; Mate 9 Pro en versiones anteriores a la 8.0.0.356(C00) y P10 Plus en versiones anteriores a la 8.0.0.357(C00) tiene una vulnerabilidad de desbordamiento de b\u00fafer. El controlador no valida la entrada suficientemente, por lo que un atacante podr\u00eda enga\u00f1ar al usuario para que instale una aplicaci\u00f3n maliciosa que enviar\u00eda par\u00e1metros manipulados al controlador. Su explotaci\u00f3n con \u00e9xito podr\u00eda provocar una condici\u00f3n de denegaci\u00f3n de servicio (DoS)."}], "lastModified": "2018-10-04T21:43:43.547", "configurations": [{"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:huawei:mediapad_m3_firmware:btv-w09c128b353custc128d001:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "CEA2997A-3D4F-4F2A-9FC4-F1199B42B691"}], "operator": "OR"}, {"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:h:huawei:mediapad_m3:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "FC9591DC-BA54-4C2B-8625-BD1938E43DBF"}], "operator": "OR"}], "operator": "AND"}, {"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:huawei:mate_9_pro_firmware:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "F6DFBA3E-A530-4C55-B127-25FDB1D2F2C4", "versionEndExcluding": "8.0.0.356\\(c00\\)"}], "operator": "OR"}, {"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:h:huawei:mate_9_pro:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "E4CC4AF8-2F6D-41FC-9697-17472AF32FC6"}], "operator": "OR"}], "operator": "AND"}, {"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:huawei:p10_plus_firmware:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "74C109D1-A80C-4051-978D-E915FEFE858B", "versionEndExcluding": "8.0.0.357\\(c00\\)"}], "operator": "OR"}, {"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:h:huawei:p10_plus:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "FAD5BC83-41ED-4260-8883-4CA5898A4FAD"}], "operator": "OR"}], "operator": "AND"}, {"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:huawei:mate_9_firmware:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "CE86894C-5954-4A3C-B3DE-52E13E346AF8", "versionEndExcluding": "8.0.0.356\\(c00\\)"}], "operator": "OR"}, {"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:h:huawei:mate_9:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "93FB7D8B-A819-4CBB-85D1-D3984D963351"}], "operator": "OR"}], "operator": "AND"}], "sourceIdentifier": "psirt@huawei.com"}