104 matches found
CVE-2017-2724
The CVE-2017-2724 entry refers to a local buffer overflow in Huawei’s Bastet component affecting P10 Plus and P10 smartphones with software prior to VKY-AL00C00B123 and VTR-AL00C00B123. Root-privileged Android attackers could coerce a user into installing a malicious app, enabling data modificati...
CVE-2017-8141
The CVE-2017-8141 entry concerns a memory double-free vulnerability in the Touch Panel (TP) driver of Huawei P10 Plus smartphones with software versions prior to VKY-AL00C00B153. Exploitation requires root privileges and tricking a user into installing a malicious app; the app can spawn multiple ...
CVE-2017-2725
Bastet in P10 Plus and P10 smart phones with software earlier than VKY-AL00C00B123 versions, earlier than VTR-AL00C00B123 versions have a buffer overflow vulnerability. An attacker with the root privilege of an Android system may trick a user into installing a malicious APP. The APP can modify...
CVE-2017-2726
Bastet in P10 Plus and P10 smart phones with software earlier than VKY-AL00C00B123 versions, earlier than VTR-AL00C00B123 versions have a buffer overflow vulnerability. An attacker with the root privilege of an Android system may trick a user into installing a malicious APP. The APP can modify...
CVE-2017-8149
The boot loaders of P10 and P10 Plus Huawei mobile phones with software the versions before Victoria-L09AC605B162, the versions before Victoria-L29AC605B162, the versions before Vicky-L29AC605B162 have an out-of-bounds memory access vulnerability due to the lack of parameter validation. An attack...
CVE-2017-8146
The call module of P10 and P10 Plus smartphones with software versions before VTR-AL00C00B167, versions before VTR-TL00C01B167, versions before VKY-AL00C00B167, versions before VKY-TL00C01B167 has a DoS vulnerability. An attacker may trick a user into installing a malicious application, and the...
CVE-2017-8141
The Touch Panel TP driver in P10 Plus smart phones with software versions earlier than VKY-AL00C00B153 has a memory double free vulnerability. An attacker with the root privilege of the Android system tricks a user into installing a malicious application, and the application can start multiple...
CVE-2017-2726
CVE-2017-2726 affects Huawei Bastet on P10 Plus and P10, prior to VKY-AL00C00B123/VTR-AL00C00B123 builds. Description and CNVD/Huawei advisories indicate a buffer overflow in Bastet caused by lack of parameter checking, exploitable when root Android is present and a user installs a malicious app....
CVE-2017-8149
CVE-2017-8149 affects Huawei P10 and P10 Plus boot loaders, where lack of parameter validation causes out-of-bounds memory access. An attacker with root privileges on Android could lure a user to install a malicious app, enabling the app to modify data and trigger a buffer overflow on the next re...
CVE-2017-8172
Isub service in P10 Plus and P10 smart phones with earlier than VKY-AL00C00B157 versions and earlier than VTR-AL00C00B157 versions has a denial of service DoS vulnerability. An attacker tricks a user into installing a malicious application on the smart phone, and the application can send given...
CVE-2017-8150
The boot loaders of P10 and P10 Plus Huawei mobile phones with software the versions before Victoria-L09AC605B162, the versions before Victoria-L29AC605B162, the versions before Vicky-L29AC605B162 have an arbitrary memory write vulnerability due to the lack of parameter validation. An attacker wi...
CVE-2017-2724
Bastet in P10 Plus and P10 smart phones with software earlier than VKY-AL00C00B123 versions, earlier than VTR-AL00C00B123 versions have a buffer overflow vulnerability. An attacker with the root privilege of an Android system may trick a user into installing a malicious APP. The APP can modify...
CVE-2017-8146
CVE-2017-8146 affects Huawei P10/P10 Plus call module. The vulnerability allows a crafted malicious app to send specific parameters to the call module, causing denial of service and crashing the call and data communication processes. Affected software versions include prior builds before VTR-AL00...
CVE-2017-8172
The CVE-2017-8172 issue affects Huawei Vicky/Victoria series (P10 Plus and P10) with earlier VKY-AL00C00B157 and VTR-AL00C00B157 revisions. The root cause is in the isub service where crafted input parameters to a specific interface enable an out-of-bounds array access, triggering a device restar...
CVE-2017-2725
The CVE-2017-2725 issue affects Huawei Bastet on P10/P10 Plus (and similar models) with software older than VKY-AL00C00B123 and VTR-AL00C00B123. The root cause is a buffer overflow in Bastet due to insufficient parameter validation, allowing a user to be tricked into installing a malicious app. U...
CVE-2017-8214
CVE-2017-8214 affects Huawei/Honor smartphones (multiple models listed) with firmware versions older than a set of FRD/KNT/Stanford/Duke Picasso Barca EVA variants. The root cause is an unlock-code-verification bypass that lets an attacker with root privileges bypass unlock checks and unlock the ...
Huawei Cell Phone Write Arbitrary Memory Vulnerability
Huawei P10 and P10 Plus are both smartphone products from Chinese company Huawei Huawei. A write-anywhere memory vulnerability exists in the Bootloader of the Huawei P10 and P10 Plus due to a lack of parameter checking. An attacker who has gained root access to the Android system can trick the us...
Huawei Mobile Phone Bootloader Memory Access Out-of-Bounds Vulnerability
Huawei P10 and P10 Plus are both smartphone products from Chinese company Huawei Huawei. A memory access out-of-bounds vulnerability exists in the Bootloader of Huawei P10 and P10 Plus due to lack of parameter checking. An attacker who has gained root access to Android could trick users into...
Huawei Cell Phone Call Module Denial of Service Vulnerability
Huawei P10 and P10 Plus are smartphones from Huawei, a Chinese company. call module is one of the call modules. A denial of service vulnerability exists in the call module of the Huawei P10 and P10 Plus. An attacker can exploit this vulnerability by tricking a user into installing a malicious...
Huawei Cell Phone Call Module Denial of Service Vulnerability (CNVD-2017-19188)
Huawei P10 and P10 Plus are smartphones from Huawei, a Chinese company. call module is one of the call modules. A denial of service vulnerability exists in the call module of the Huawei P10 and P10 Plus. An attacker can exploit this vulnerability by tricking a user into installing a malicious...