PT-2017-18155 · Huawei · P10 Plus+1
Erez Yalon
·
Publicado
2017-11-22
·
Atualizado
2017-12-11
·
CVE-2017-8146
CVSS v3.1
5.5
Média
| Vetor | AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H |
Name of the Vulnerable Software and Affected Versions
P10 and P10 Plus smartphones with software versions before VTR-AL00C00B167
P10 and P10 Plus smartphones with software versions before VTR-TL00C01B167
P10 and P10 Plus smartphones with software versions before VKY-AL00C00B167
P10 and P10 Plus smartphones with software versions before VKY-TL00C01B167
Description
The issue affects the call module, allowing an attacker to crash the call and data communication process by tricking a user into installing a malicious application. This application can send a given parameter to the call module, resulting in a denial of service.
Recommendations
For P10 and P10 Plus smartphones with software versions before VTR-AL00C00B167, update to version VTR-AL00C00B167 or later.
For P10 and P10 Plus smartphones with software versions before VTR-TL00C01B167, update to version VTR-TL00C01B167 or later.
For P10 and P10 Plus smartphones with software versions before VKY-AL00C00B167, update to version VKY-AL00C00B167 or later.
For P10 and P10 Plus smartphones with software versions before VKY-TL00C01B167, update to version VKY-TL00C01B167 or later.
Correção
RCE
Encontrou algum problema na descrição? Tem algo a acrescentar? Fique à vontade para nos escrever 👾
Enumeração de Fraquezas
Identificadores relacionados
Produtos afetados
P10
P10 Plus