DoS Vulnerability in P9 Plus Smartphones from Huawei
CVE-2017-2731

5.5MEDIUM

Key Information:

Vendor: McAfee
Status: P9 Plus
Vendor: CVE Published:; 22 November 2017

Summary

The vibrator service in Huawei P9 Plus smartphones is susceptible to a Denial of Service vulnerability that allows attackers to exploit the system by inducing users to install specially crafted malicious applications. Once installed, these applications can send specific parameters to the vibrator service interface, ultimately causing the smartphone to crash and disrupt normal operation.

Affected Version(s)

P9 Plus Versions earlier before VIE-AL10C00B386

References

http://www.huawei.com/en/psirt/security-advisories/huawei...

x_refsource_CONFIRM

CVSS V3.1

Score:

5.5

Severity:

MEDIUM

Confidentiality:

None

Integrity:

None

Availability:

None

Attack Vector:

Local

Attack Complexity:

Low

Privileges Required:

None

User Interaction:

Required

Scope:

Unchanged

Timeline

Vulnerability published
Nov 22, 2017
Vulnerability Reserved
Dec 1, 2016