Buffer Overflow Vulnerability in P10 Plus and P10 Smartphones by Huawei
CVE-2017-2724

8.4HIGH

Key Information:

Vendor: McAfee
Status: P10 Plus,p10
Vendor: CVE Published:; 15 November 2017

Summary

The vulnerability allows attackers with root privileges on Android systems to create a malicious application that, if installed by a user, can exploit a buffer overflow condition. This can lead to a system reboot loop or enable arbitrary code execution, posing significant risks to user data and device integrity.

Affected Version(s)

P10 Plus,P10 Eariler than VKY-AL00C00B123 verisons,Earlier than VTR-AL00C00B123 versions

References

http://www.securityfocus.com/bid/97696

vdb-entryx_refsource_BID

http://www.huawei.com/en/psirt/security-advisories/huawei...

x_refsource_CONFIRM

CVSS V3.1

Score:

8.4

Severity:

HIGH

Confidentiality:

High

Integrity:

High

Availability:

High

Attack Vector:

Local

Attack Complexity:

Low

Privileges Required:

None

User Interaction:

None

Scope:

Unchanged

Timeline

Vulnerability published
Nov 15, 2017
Vulnerability Reserved
Dec 1, 2016