Denial of Service Vulnerability in Huawei P9 Plus Smartphones
CVE-2017-2734

5.5MEDIUM

Key Information:

Vendor: McAfee
Status: P9 Plus
Vendor: CVE Published:; 22 November 2017

Summary

The Huawei P9 Plus smartphones are susceptible to a denial of service vulnerability, which can be exploited when a user is tricked into installing a malicious application. This exploit involves sending certain parameters to a designated interface, leading to excessive memory allocation that may result in the smartphone crashing due to memory exhaustion. To mitigate this risk, users should ensure their devices are updated to the latest software version.

Affected Version(s)

P9 Plus Versions earlier before VIE-AL10BC00B386

References

http://www.huawei.com/en/psirt/security-advisories/huawei...

x_refsource_CONFIRM

CVSS V3.1

Score:

5.5

Severity:

MEDIUM

Confidentiality:

None

Integrity:

None

Availability:

None

Attack Vector:

Local

Attack Complexity:

Low

Privileges Required:

None

User Interaction:

Required

Scope:

Unchanged

Timeline

Vulnerability published
Nov 22, 2017
Vulnerability Reserved
Dec 1, 2016