Denial of Service Vulnerability in Huawei Smartphones
CVE-2017-17171

4.2MEDIUM

Key Information:

Vendor: McAfee
Status: Huawei Mate 8; Huawei P9; Huawei P9 Plus
Vendor: CVE Published:; 1 June 2018

Summary

Certain Huawei smartphones are susceptible to a denial of service vulnerability that arises from improper handling of malicious parameters. This flaw enables attackers to deceive users into installing a malicious APK. By exploiting a pre-installed app with appropriate permissions, the attacker can send malicious parameters to the smartphone driver, potentially causing the device to restart unexpectedly. The vulnerability underscores the importance of reviewing application permissions and ensuring that devices are secured against harmful software.

Affected Version(s)

HUAWEI Mate 8; HUAWEI P9; HUAWEI P9 Plus HUAWEI Mate 8 Versions earlier than NXT-AL10C00B592

HUAWEI Mate 8; HUAWEI P9; HUAWEI P9 Plus Versions earlier than NXT-CL00C92B592

HUAWEI Mate 8; HUAWEI P9; HUAWEI P9 Plus Versions earlier than NXT-DL00C17B592

References

http://www.huawei.com/en/psirt/security-advisories/huawei...

x_refsource_CONFIRM

CVSS V3.1

Score:

4.2

Severity:

MEDIUM

Confidentiality:

None

Integrity:

None

Availability:

None

Attack Vector:

Local

Attack Complexity:

Low

Privileges Required:

High

User Interaction:

Required

Scope:

Unchanged

Timeline

Vulnerability published
Jun 1, 2018
Vulnerability Reserved
Dec 4, 2017