CVE-2017-17325
CVE-2017-17325 is a low-severity vulnerability in Huawei Hicinema with a CVSS 3.x base score of 3.7. It is not currently listed as actively exploited by CISA, and its EPSS exploit-prediction score is low.
Key facts
- Severity: Low (CVSS 3.x base score 3.7)
- CVSS v2: 4.3
- EPSS exploit prediction: 1% (44th percentile)
- Actively exploited: Not listed in CISA KEV
- Affected product: Huawei Hicinema
- Published:
- Last modified:
Description
Huawei video applications HiCinema with software of 8.0.3.308; 8.0.4.300 have a permission control vulnerability. Due to improper verification of specific interface, an attacker who is on the same network with the user can obtain some information through a man-in-the-middle attack.
Frequently asked questions
- What is CVE-2017-17325?
- Huawei video applications HiCinema with software of 8.0.3.308; 8.0.4.300 have a permission control vulnerability. Due to improper verification of specific interface, an attacker who is on the same network with the user can obtain some information through a man-in-the-middle attack.
- How severe is CVE-2017-17325?
- CVE-2017-17325 has a CVSS 3.x base score of 3.7, rated low severity. It is exploitable over network with high attack complexity, requires no privileges and no user interaction. Impact on confidentiality is low, integrity none, and availability none.
- Is CVE-2017-17325 being actively exploited?
- It is not currently listed in CISA's KEV catalog. Its EPSS exploit-prediction score is 1% (44th percentile), an estimate of the probability of exploitation in the next 30 days.
- What products are affected by CVE-2017-17325?
- CVE-2017-17325 primarily affects Huawei Hicinema. In total, 2 product configurations (CPEs) are listed as vulnerable; see the affected-products list for the exact versions.
- How do I fix CVE-2017-17325?
- Review the linked vendor and NVD advisories for patched versions and mitigations, then upgrade or apply the recommended workaround.
- When was CVE-2017-17325 published?
- CVE-2017-17325 was published on 2018-03-09 and last updated on 2026-06-17.
References
Affected products (2)
- cpe:2.3:o:huawei:hicinema:8.0.3.308:*:*:*:*:*:*:*
- cpe:2.3:o:huawei:hicinema:8.0.4.300:*:*:*:*:*:*:*
More vulnerabilities in Huawei Hicinema
- CVE-2017-2704 — High (CVSS 7.5): Smarthome 1.0.2.364 and earlier versions,HiAPP 7.3.0.303 and earlier versions,HwParentControl 2.0.0 and earlier…