Denial of Service Vulnerability in Huawei P9 Plus Smartphones
CVE-2017-2734

5.5MEDIUM

Key Information:

Vendor: McAfee
Status: P9 Plus
Vendor: CVE Published:; 22 November 2017

What is CVE-2017-2734?

The Huawei P9 Plus smartphones are susceptible to a denial of service vulnerability, which can be exploited when a user is tricked into installing a malicious application. This exploit involves sending certain parameters to a designated interface, leading to excessive memory allocation that may result in the smartphone crashing due to memory exhaustion. To mitigate this risk, users should ensure their devices are updated to the latest software version.

Affected Version(s)

P9 Plus Versions earlier before VIE-AL10BC00B386

References

http://www.huawei.com/en/psirt/security-advisories/huawei...

x_refsource_CONFIRM

CVSS V3.1

Score:

5.5

Severity:

MEDIUM

Confidentiality:

None

Integrity:

None

Availability:

None

Attack Vector:

Local

Attack Complexity:

Low

Privileges Required:

None

User Interaction:

Required

Scope:

Unchanged

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Nov 22, 2017
Vulnerability Reserved
Dec 1, 2016

McAfee

What is CVE-2017-2734?

Affected Version(s)

References

CVSS V3.1

Timeline