CVE-2017-8150

2017-11-1500:00:00

huawei

www.cve.org

0.001 Low

EPSS

Percentile

31.6%

JSON

The boot loaders of P10 and P10 Plus Huawei mobile phones with software the versions before Victoria-L09AC605B162, the versions before Victoria-L29AC605B162, the versions before Vicky-L29AC605B162 have an arbitrary memory write vulnerability due to the lack of parameter validation. An attacker with the root privilege of an Android system may trick a user into installing a malicious APP. The APP can modify specific data to cause arbitrary memory writing in the next system reboot, causing continuous system reboot or arbitrary code execution.

CNA Affected

[
  {
    "product": "P10, P10 Plus",
    "vendor": "Huawei Technologies Co., Ltd.",
    "versions": [
      {
        "status": "affected",
        "version": "The versions before Victoria-L09AC605B162, The versions before Victoria-L29AC605B162, The versions before Vicky-L29AC605B162"
      }
    ]
  }
]

References

www.huawei.com/en/psirt/security-advisories/huawei-sa-20170816-02-smartphone-en

0.001 Low

EPSS

Percentile

31.6%

JSON

Related for CVELIST:CVE-2017-8150