Use After Free Vulnerability in Huawei Mobile Devices
CVE-2017-15347

5.5MEDIUM

Key Information:

Vendor: McAfee
Status: Mate 9 Pro
Vendor: CVE Published:; 15 February 2018

Summary

Huawei Mate 9 Pro mobile phones prior to software version LON-AL00BC00B235 are susceptible to a use after free vulnerability. This flaw can be exploited when a user is manipulated into installing a malicious application, which may lead to unauthorized memory access and cause the device to malfunction. Local attackers can potentially leverage this vulnerability to destabilize the mobile phone's performance, underscoring the importance of timely software updates and security measures.

Affected Version(s)

Mate 9 Pro Versions earlier than LON-AL00BC00B235

References

http://www.huawei.com/en/psirt/security-advisories/huawei...

x_refsource_CONFIRM

CVSS V3.1

Score:

5.5

Severity:

MEDIUM

Confidentiality:

None

Integrity:

None

Availability:

None

Attack Vector:

Local

Attack Complexity:

Low

Privileges Required:

None

User Interaction:

Required

Scope:

Unchanged

Timeline

Vulnerability published
Feb 15, 2018
Vulnerability Reserved
Oct 14, 2017