Denial of Service Vulnerability in Huawei P10 and P10 Plus Smartphones
CVE-2017-8145

5.5MEDIUM

Key Information:

Vendor: McAfee
Status: P10, P10 Plus
Vendor: CVE Published:; 15 November 2017

Summary

The call module in Huawei P10 and P10 Plus smartphones has a weakness permitting denial of service. This vulnerability allows an attacker to potentially trick users into installing a malicious application that, once executed, can send specific parameters to the call module. The result is a crash of both the call and data communication processes, leading to service interruptions for the device user. Keeping smartphones updated to the latest software version can help mitigate this risk.

Affected Version(s)

P10, P10 Plus The versions before VTR-AL00C00B167, The versions before VTR-TL00C01B167, The versions before VKY-AL00C00B167, The vertions before VKY-TL00C01B167

References

http://www.huawei.com/en/psirt/security-advisories/huawei...

x_refsource_CONFIRM

CVSS V3.1

Score:

5.5

Severity:

MEDIUM

Confidentiality:

None

Integrity:

None

Availability:

None

Attack Vector:

Local

Attack Complexity:

Low

Privileges Required:

None

User Interaction:

Required

Scope:

Unchanged

Timeline

Vulnerability published
Nov 15, 2017
Vulnerability Reserved
Apr 25, 2017