First published: Wed Apr 11 2018(Updated: )
The Themes App Honor 8 Lite Huawei mobile phones with software of versions before Prague-L31C576B172, versions before Prague-L31C530B160, versions before Prague-L31C432B180 has a man-in-the-middle (MITM) vulnerability due to the use of the insecure HTTP protocol for theme download. An attacker may exploit this vulnerability to tamper with downloaded themes.
Credit: psirt@huawei.com
Affected Software | Affected Version | How to fix |
---|---|---|
Huawei Honor 8 Lite Firmware | <prague-l31c530b160 | |
Huawei Honor 8 Lite | ||
Huawei Honor 8 Lite Firmware | <prague-l31c576b172 | |
Huawei Honor 8 Lite Firmware | <prague-l31c432b180 |
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
The vulnerability ID of this issue is CVE-2017-8154.
The severity of CVE-2017-8154 is medium with a severity value of 5.3.
The affected software for CVE-2017-8154 is Huawei Honor 8 Lite Firmware versions before Prague-L31C576B172, Prague-L31C530B160, and Prague-L31C432B180.
The vulnerability in the Themes App is a man-in-the-middle (MITM) vulnerability.
To fix CVE-2017-8154, update the Huawei Honor 8 Lite Firmware to version Prague-L31C576B172, Prague-L31C530B160, or Prague-L31C432B180.