CVE-2017-8145

The call module of P10 and P10 Plus smartphones with software versions before VTR-AL00C00B167, versions before VTR-TL00C01B167, versions before VKY-AL00C00B167, versions before VKY-TL00C01B167 has a DoS vulnerability. An attacker may trick a user into installing a malicious application, and the application can send given parameter to call module to crash the call and data communication process.
Configurations

Configuration 1 (hide)

AND
cpe:2.3:o:huawei:p10_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:huawei:p10:-:*:*:*:*:*:*:*

Configuration 2 (hide)

AND
cpe:2.3:o:huawei:p10_plus_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:huawei:p10_plus:-:*:*:*:*:*:*:*

Configuration 3 (hide)

AND
cpe:2.3:o:huawei:p10_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:huawei:p10:-:*:*:*:*:*:*:*

Configuration 4 (hide)

AND
cpe:2.3:o:huawei:p10_plus_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:huawei:p10_plus:-:*:*:*:*:*:*:*

History

21 Nov 2024, 03:33

Type Values Removed Values Added
References () http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20170725-02-smartphone-en - Vendor Advisory () http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20170725-02-smartphone-en - Vendor Advisory

Information

Published : 2017-11-22 19:29

Updated : 2024-11-21 03:33


NVD link : CVE-2017-8145

Mitre link : CVE-2017-8145

CVE.ORG link : CVE-2017-8145


JSON object : View

Products Affected

huawei

  • p10_plus_firmware
  • p10_plus
  • p10
  • p10_firmware
CWE
CWE-20

Improper Input Validation