CVE-2017-17171

4.2MEDIUM

Key Information:

Vendor: McAfee
Status: Huawei Mate 8; Huawei P9; Huawei P9 Plus
Vendor: CVE Published:; 1 June 2018

Summary

Some Huawei smart phones have the denial of service (DoS) vulnerability due to the improper processing of malicious parameters. An attacker may trick a target user into installing a malicious APK and launch attacks using a pre-installed app with specific permissions. Successful exploit could allow the app to send specific parameters to the smart phone driver, which will result in system restart.

Affected Version(s)

HUAWEI Mate 8; HUAWEI P9; HUAWEI P9 Plus HUAWEI Mate 8 Versions earlier than NXT-AL10C00B592

HUAWEI Mate 8; HUAWEI P9; HUAWEI P9 Plus Versions earlier than NXT-CL00C92B592

HUAWEI Mate 8; HUAWEI P9; HUAWEI P9 Plus Versions earlier than NXT-DL00C17B592

References

http://www.huawei.com/en/psirt/security-advisories/huawei...

x_refsource_CONFIRM

CVSS V3.1

Score:

4.2

Severity:

MEDIUM

Confidentiality:

None

Integrity:

None

Availability:

None

Attack Vector:

Local

Attack Complexity:

Low

Privileges Required:

High

User Interaction:

Required

Scope:

Unchanged

Timeline

Vulnerability published
Jun 1, 2018
Vulnerability Reserved
Dec 4, 2017