Buffer Overflow Vulnerability in Huawei MediaPad and Mate 9 Pro
CVE-2018-7992

5.5MEDIUM

Key Information:

Vendor: McAfee
Status: Mediapad M3; Mate 9 Pro; P10 Plus
Vendor: CVE Published:; 31 July 2018

Summary

A buffer overflow vulnerability exists in the Mdapt Driver of certain Huawei MediaPad M3 and Mate 9 Pro devices. The vulnerability arises from insufficient input validation, allowing an attacker to potentially trick users into installing malicious applications. These applications may send crafted parameters to the driver, leading to a denial of service condition. Users are advised to update their devices to the latest software versions to mitigate potential risks.

Affected Version(s)

MediaPad M3; Mate 9 Pro; P10 Plus MediaPad M3 BTV-W09C128B353CUSTC128D001

MediaPad M3; Mate 9 Pro; P10 Plus Mate 9 Pro versions earlier than 8.0.0.356(C00)

MediaPad M3; Mate 9 Pro; P10 Plus P10 Plus versions earlier than 8.0.0.357(C00)

References

http://www.huawei.com/en/psirt/security-advisories/huawei...

x_refsource_CONFIRM

CVSS V3.1

Score:

5.5

Severity:

MEDIUM

Confidentiality:

None

Integrity:

None

Availability:

None

Attack Vector:

Local

Attack Complexity:

Low

Privileges Required:

None

User Interaction:

Required

Scope:

Unchanged

Timeline

Vulnerability published
Jul 31, 2018
Vulnerability Reserved
Mar 9, 2018