Privilege escalation

2017-11-2219:29:00

PRIOn knowledge base

www.prio-n.com

5.4 Medium

AI Score

Confidence

High

0.001 Low

EPSS

Percentile

23.5%

JSON

Honor 5A,Honor 8 Lite,Mate9,Mate9 Pro,P10,P10 Plus Huawei smartphones with software the versions before CAM-L03C605B143CUSTC605D003,the versions before Prague-L03C605B161,the versions before Prague-L23C605B160,the versions before MHA-AL00C00B225,the versions before LON-AL00C00B225,the versions before VTR-AL00C00B167,the versions before VTR-TL00C01B167,the versions before VKY-AL00C00B167,the versions before VKY-TL00C01B167 have a resource exhaustion vulnerability due to configure setting. An attacker tricks a user into installing a malicious application, the application may turn on the device flash-light and rapidly drain the device battery.

CPENameOperatorVersion
honor_5a_firmwareeq< cam-l3c605b143custc605d3
honor_8_lite_firmwareeq< prague-l3c605b161
honor_8_lite_firmwareeq< prague-l23c605b160
mate_9_firmwareeq< mha-al0c0b225
mate_9_pro_firmwareeq< lon-al0c0b225
p10_firmwareeq< vtr-al0c0b167
p10_firmwareeq< vtr-tl0c1b167
p10_plus_firmwareeq< vky-al0c0b167
p10_plus_firmwareeq< vky-tl0c1b167

Name	Operator	Version
honor_5a_firmware	eq	< cam-l3c605b143custc605d3
honor_8_lite_firmware	eq	< prague-l3c605b161
honor_8_lite_firmware	eq	< prague-l23c605b160
mate_9_firmware	eq	< mha-al0c0b225
mate_9_pro_firmware	eq	< lon-al0c0b225
p10_firmware	eq	< vtr-al0c0b167
p10_firmware	eq	< vtr-tl0c1b167
p10_plus_firmware	eq	< vky-al0c0b167
p10_plus_firmware	eq	< vky-tl0c1b167