CVE-2017-17139
Description
Huawei Mate 9 and Mate 9 pro smart phones with software the versions before MHA-AL00B 8.0.0.334(C00); the versions before LON-AL00B 8.0.0.334(C00) have a information leak vulnerability in the date service proxy implementation. An attacker may trick a user into installing a malicious application and application can exploit the vulnerability to get kernel date which may cause sensitive information leak.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Huawei Mate 9 and Mate 9 Pro smartphones have an information leak vulnerability in the date service proxy that can leak sensitive kernel data via a malicious app.
Vulnerability
CVE-2017-17139 is an information leak vulnerability in the date service proxy implementation of Huawei Mate 9 and Mate 9 Pro smartphones. Affected software versions are those before MHA-AL00B 8.0.0.334(C00) for Mate 9 and before LON-AL00B 8.0.0.334(C00) for Mate 9 Pro. The vulnerability allows a malicious application to access kernel date information, potentially leading to the disclosure of sensitive data [1].
Exploitation
An attacker must trick the user into installing a malicious application. Once installed, the application can exploit the vulnerable date service proxy to retrieve kernel date information. No additional authentication or network position is required beyond the user's device access [1].
Impact
Successful exploitation results in the leakage of kernel date data, which may include sensitive information. This is a confidentiality impact, with no direct effect on integrity or availability. The attacker gains access to kernel-level data that could be used in further attacks or to extract sensitive device information [1].
Mitigation
Huawei has released fixed versions: MHA-AL00B 8.0.0.334(C00) for Mate 9 and LON-AL00B 8.0.0.334(C00) for Mate 9 Pro. Users should update their devices to these versions. The software update was provided as part of Huawei's security advisory on 2017-12-13 [1].
AI Insight generated on May 26, 2026. Synthesized from this CVE's description and the cited reference URLs; citations are validated against the source bundle.
Affected products
3- Range: < LON-AL00B 8.0.0.334(C00)
- Huawei Technologies Co., Ltd./Mate 9; Mate 9 Prov5Range: The versions before MHA-AL00B 8.0.0.334(C00)
Patches
0No patches discovered yet.
Vulnerability mechanics
AI mechanics synthesis has not run for this CVE yet.
References
1- www.huawei.com/en/psirt/security-advisories/huawei-sa-20171213-04-smartphone-enmitrex_refsource_CONFIRM
News mentions
0No linked articles in our index yet.