CVE-2017-17201
MEDIUMHuawei Berlin-L21HNC432B360 & others - DoS via Malicious App Execution
Title source: llmDescription
Some huawei smartphones with software BTV-DL09C233B350, Berlin-L21HNC432B360, Berlin-L22HNC636B360, Berlin-L24HNC567B360, Berlin-L21C10B130, Berlin-L21C185B132, Berlin-L21C464B130, Berlin-L22C346B140, Berlin-L22C636B160, Berlin-L23C605B131, Berlin-L23DOMC109B160, MHA-AL00AC00B125 have a DoS vulnerability. Due to insufficient input validation, an attacker could trick a user to execute a malicious application, which could be exploited by attacker to launch DoS attacks.
References (1)
Core 1
Core References
Vendor Advisory x_refsource_confirm
http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20180124-01-dos-en
Scores
CVSS v3
5.5
EPSS
0.0008
EPSS Percentile
22.8%
Attack Vector
LOCAL
CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
Details
CWE
CWE-20
Status
published
Products (12)
huawei/berlin-emui5.0_firmware
berlin-l21hnc432b360
huawei/berlin-emui5.0_firmware
berlin-l22hnc636b360
huawei/berlin-emui5.0_firmware
berlin-l24hnc567b360
huawei/berlin-l21_firmware
berlin-l21c10b130
huawei/berlin-l21_firmware
berlin-l21c185b132
huawei/berlin-l21_firmware
berlin-l21c464b130
huawei/berlin-l22_firmware
berlin-l22c346b140
huawei/berlin-l22_firmware
berlin-l22c636b160
huawei/berlin-l23_firmware
berlin-l23c605b131
huawei/berlin-l23_firmware
berlin-l23domc109b160
... and 2 more
Published
Feb 15, 2018
Tracked Since
Feb 18, 2026