High severity7.8NVD Advisory· Published Nov 22, 2017· Updated May 13, 2026

CVE-2017-2699

Description

The Huawei Themes APP in versions earlier than PLK-UL00C17B385, versions earlier than CRR-L09C432B380, versions earlier than LYO-L21C577B128 has a privilege elevation vulnerability. An attacker could exploit this vulnerability to upload theme packs containing malicious files and trick users into installing the theme packets, resulting in the execution of arbitrary code.

Affected products

Huawei/Honor 7 Firmware
cpe:2.3:o:huawei:honor_7_firmware:*:*:*:*:*:*:*:*
Range: <plk-ul00c17b385
Huawei/Lyo L21 Firmware
cpe:2.3:o:huawei:lyo-l21_firmware:*:*:*:*:*:*:*:*
Range: <lyo-l21c577b128
Huawei/Mate S Firmware
cpe:2.3:o:huawei:mate_s_firmware:*:*:*:*:*:*:*:*
Range: <crr-l09c432b380
Huawei Technologies Co., Ltd./Honor 7, Mate S,LYO-L21v5
Range: Earlier than PLK-UL00C17B385 versions, Earlier than CRR-L09C432B380 versions, Earlier than LYO-L21C577B128 versions

Patches

No patches discovered yet.

Vulnerability mechanics

AI mechanics synthesis has not run for this CVE yet.

References

www.huawei.com/en/psirt/security-advisories/huawei-sa-20170222-01-theme-ennvdVendor Advisory
www.securityfocus.com/bid/96424nvdThird Party AdvisoryVDB Entry

News mentions

No linked articles in our index yet.

cvss	0.507
epss	0.000
exploit	0.000
kev	0.000
patch	0.000
ransomware	0.000