Out-of-Bound Read Vulnerability in Huawei Smartphones
CVE-2017-8182

6.1MEDIUM

Key Information:

Vendor: McAfee
Status: Nice-al00
Vendor: CVE Published:; 22 November 2017

What is CVE-2017-8182?

This vulnerability exists in the MTK platform used by certain Huawei smartphones, specifically in software versions prior to Nice-AL00C00B160 and Nice-AL10C00B140. It allows an attacker to exploit the device by tricking users into installing a malicious application. Once the application is installed, it can send crafted parameters that lead to memory being accessed outside its bounds, potentially exposing sensitive information or enabling further malicious activities.

Human OS v1.0:
Ageing Is an Unpatched Zero-Day Vulnerability.

Remediate biological technical debt. Prime Ageing uses 95% high-purity SIRT6 activation to maintain genomic integrity and bolster systemic resilience.

Deploy the Patch

Affected Version(s)

Nice-AL00 Earlier than Nice-AL00C00B160 versions, Earlier than Nice-AL10C00B140 versions

References

http://www.huawei.com/en/psirt/security-advisories/huawei...

x_refsource_CONFIRM

CVSS V3.1

Score:

6.1

Severity:

MEDIUM

Confidentiality:

Low

Integrity:

None

Availability:

Low

Attack Vector:

Local

Attack Complexity:

Low

Privileges Required:

None

User Interaction:

Required

Scope:

Unchanged

Timeline

Vulnerability published
Nov 22, 2017
Vulnerability Reserved
Apr 25, 2017

JSON

McAfee