Denial of Service Vulnerability in P10 and P10 Plus Smartphones from Huawei
CVE-2017-8146

5.5MEDIUM

Key Information:

Vendor: McAfee
Status: P10, P10 Plus
Vendor: CVE Published:; 22 November 2017

What is CVE-2017-8146?

The Call module in the Huawei P10 and P10 Plus smartphones, particularly in software versions before VTR-AL00C00B167, VTR-TL00C01B167, VKY-AL00C00B167, and VKY-TL00C01B167, is susceptible to a Denial of Service (DoS) vulnerability. This vulnerability allows an attacker to deceive users into installing malicious applications that can manipulate the call module. By sending specific parameters, these malicious apps can disrupt the call and data communication features of the smartphones, leading to service interruptions.

Affected Version(s)

P10, P10 Plus The versions before VTR-AL00C00B167, The versions before VTR-TL00C01B167, The versions before VKY-AL00C00B167, The vertions before VKY-TL00C01B167

References

http://www.huawei.com/en/psirt/security-advisories/huawei...

x_refsource_CONFIRM

CVSS V3.1

Score:

5.5

Severity:

MEDIUM

Confidentiality:

None

Integrity:

None

Availability:

None

Attack Vector:

Local

Attack Complexity:

Low

Privileges Required:

None

User Interaction:

Required

Scope:

Unchanged

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Nov 22, 2017
Vulnerability Reserved
Apr 25, 2017

McAfee

What is CVE-2017-8146?

Affected Version(s)

References

CVSS V3.1

Timeline