CVE-2017-2704

HIGH

7.5

CVSS Severity Score

EPSS Score0.0150%

EPSS Percentile40.24th

PublishedNov 22, 2017

Last ModifiedMay 13, 2026

Vulnerability Description

Smarthome 1.0.2.364 and earlier versions,HiAPP 7.3.0.303 and earlier versions,HwParentControl 2.0.0 and earlier versions,HwParentControlParent 5.1.0.12 and earlier versions,Crowdtest 1.5.3 and earlier versions,HiWallet 8.0.0.301 and earlier versions,Huawei Pay 8.0.0.300 and earlier versions,Skytone 8.1.2.300 and earlier versions,HwCloudDrive(EMUI6.0) 8.0.0.307 and earlier versions,HwPhoneFinder(EMUI6.0) 9.3.0.310 and earlier versions,HwPhoneFinder(EMUI5.1) 9.2.2.303 and earlier versions,HiCinema 8.0.2.300 and earlier versions,HuaweiWear 21.0.0.360 and earlier versions,HiHealthApp 3.0.3.300 and earlier versions have an information exposure vulnerability. Encryption keys are stored in the system. The attacker can implement reverse engineering to obtain the encryption keys, causing information exposure.

<= 3.0.3.300

References & Advisories

🔗 http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20170920-01-encryption-en

Vulnerability Description

Affected Platforms (CPE)

Smarthome

Hiapp

Hwparentcontrol

Hwparentcontrolparent

Crowdtest

Hiwallet

Huawei Pay

Skytone

Hwclouddrive\(emui6.0\)

Hwphonefinder\(emui6.0\)

Hwphonefinder\(emui5.1\)

Hicinema

Huaweiwear

Hihealthapp

References & Advisories

Related Vulnerabilities