CVE-2017-17171
MEDIUMHuawei Mate 8, P9, and P9 Plus Firmware - Denial of Service via Malicious APK Parameters
Title source: llmDescription
Some Huawei smart phones have the denial of service (DoS) vulnerability due to the improper processing of malicious parameters. An attacker may trick a target user into installing a malicious APK and launch attacks using a pre-installed app with specific permissions. Successful exploit could allow the app to send specific parameters to the smart phone driver, which will result in system restart.
References (2)
Core 2
Core References
Vendor Advisory
https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20180530-01-smartphone-en
Vendor Advisory x_refsource_confirm
http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20180530-01-smartphone
Scores
CVSS v3
4.2
EPSS
0.0005
EPSS Percentile
14.5%
Attack Vector
LOCAL
CVSS:3.0/AV:L/AC:L/PR:H/UI:R/S:U/C:N/I:N/A:H
Details
CWE
CWE-20
Status
published
Products (3)
huawei/mate_8_firmware
< nxt-al10c00b593
huawei/p9_firmware
< eva-al00c00b398
huawei/p9_plus_firmware
< vie-l09c318b182
Published
Jun 01, 2018
Tracked Since
Feb 18, 2026