PatchSiren

CVE-2017-0447 Google CVE debrief

CVE-2017-0447 is a high-severity elevation-of-privilege issue in the HTC touchscreen driver affecting Android kernel 3.18 and Android versions up to 7.1.1, according to NVD. The published impact is local: a malicious app could potentially execute code in the context of the kernel, but the CVSS vector also indicates high attack complexity and that user interaction is required. The NVD record references an Android security bulletin and third-party tracking entries, indicating vendor guidance and patch context are available. Because exploitation first requires compromising a privileged process, treat the issue as a serious hardening and patch-management item for exposed or long-lived devices rather than as a broadly wormable threat.

Vendor: Google
Product: CVE-2017-0447
CVSS: HIGH 7
CISA KEV: Not listed in stored evidence
Original CVE published: 2017-02-08
Original CVE updated: 2026-05-13
Advisory published: 2017-02-08
Advisory updated: 2026-05-13

Who should care

Android platform owners, OEM/device maintainers, mobile security teams, and defenders responsible for devices still running Android kernel 3.18 or Android releases up to 7.1.1. It also matters to teams assessing privilege boundaries, driver exposure, and patch status on legacy Android hardware.

Technical summary

NVD describes the flaw as an elevation-of-privilege vulnerability in the HTC touchscreen driver that could allow a local malicious application to execute arbitrary code in kernel context. The provided CVSS vector is AV:L/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H, which suggests local access, high complexity, and user interaction are required. The record also notes that exploitation first requires compromising a privileged process. The affected CPEs include Android up to 7.1.1 and Linux kernel 3.18.

Defensive priority

High for affected or unpatched Android devices, especially legacy systems using kernel 3.18 or Android versions up to 7.1.1. Prioritize remediation where privileged apps, device management tooling, or other elevated components may be exposed to untrusted content.

Recommended defensive actions

  • Confirm whether any deployed Android devices match the affected CPEs, especially Android up to 7.1.1 and kernel 3.18.
  • Apply the Android security bulletin guidance referenced by NVD and verify OEM-specific patches are installed.
  • Inventory and retire legacy devices that cannot receive security updates, particularly devices with long-term exposure to third-party apps.
  • Restrict installation of untrusted applications and reduce exposure of privileged processes that could serve as the first stage of compromise.
  • Monitor device integrity and kernel/driver patch levels as part of mobile fleet compliance checks.
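
The first and last actions above can be scripted against a fleet inventory. The following is an added example, not code from NVD, Google or PatchSiren: it matches version strings only and does not check whether a device actually ships the HTC touchscreen driver. The record fields, device ids and build strings are hypothetical, and it assumes the values were collected from `getprop ro.build.version.release` and `uname -r`.

```python
import re

# Affected ranges as stated in the debrief (from the NVD CPEs).
MAX_ANDROID = (7, 1, 1)   # "Android up to 7.1.1"
KERNEL_SERIES = (3, 18)   # "Linux kernel 3.18"; assumption: any 3.18.x build counts

def parse_version(text, width):
    """Leading dotted version as an int tuple padded/truncated to `width`, or None."""
    m = re.match(r"\s*(\d+(?:\.\d+)*)", text or "")
    if not m:
        return None
    parts = [int(p) for p in m.group(1).split(".")][:width]
    return tuple(parts + [0] * (width - len(parts)))

def triage(device):
    """Classify one inventory record as in-scope, out-of-scope or unknown."""
    android = parse_version(device.get("android_release"), 3)
    kernel = parse_version(device.get("kernel_release"), 2)
    if android is None or kernel is None:
        # Never report a device as clean when its versions could not be read.
        return "unknown", ["missing or unparseable version data"]
    reasons = []
    if android <= MAX_ANDROID:
        reasons.append("Android release within 'up to 7.1.1'")
    if kernel == KERNEL_SERIES:
        reasons.append("kernel in the 3.18 series")
    # Assumption: either match puts the device in scope for patch verification.
    return ("in-scope" if reasons else "out-of-scope"), reasons

# Constructed sample inventory (hypothetical device ids and build strings).
FLEET = [
    {"id": "kiosk-01", "android_release": "7.1.1", "kernel_release": "3.18.31-g0a1b2c3"},
    {"id": "tablet-02", "android_release": "7.1.2", "kernel_release": "3.18.45"},
    {"id": "phone-03", "android_release": "8.1.0", "kernel_release": "4.4.88"},
    {"id": "scanner-04", "android_release": "6.0.1", "kernel_release": "3.10.84"},
    {"id": "spare-05", "android_release": "", "kernel_release": None},
]

def report(fleet):
    """Map each device id to its triage status."""
    return {d["id"]: triage(d)[0] for d in fleet}

if __name__ == "__main__":
    for d in FLEET:
        status, reasons = triage(d)
        print(d["id"], status, "; ".join(reasons))
```

Devices reported as in-scope or unknown still need their installed patch level checked against the Android security bulletin and OEM guidance.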

Evidence notes

All substantive claims here are grounded in the supplied NVD record and its referenced Android security bulletin. NVD lists the issue as a local elevation-of-privilege in the HTC touchscreen driver, notes the kernel-context impact, and provides the affected CPE range and CVSS vector. The enrichment data indicates no CISA KEV listing. The provided metadata contains a vendor/product attribution that appears generic or inconsistent with the HTC driver description, so this debrief relies on the vulnerability description and NVD references rather than the vendor label alone.

Official resources

The supplied NVD record was published on 2017-02-08 and references an Android security bulletin dated 2017-02-01. The enrichment data provided does not mark this issue as CISA KEV.