PT-2017-18181 · Huawei · Huawei Mobile Phones
Guangdong Bai
+1
·
Publicado
2017-11-22
·
Atualizado
2017-12-11
·
CVE-2017-8175
CVSS v2.0
7.1
Alta
| Vetor | AV:N/AC:M/Au:N/C:N/I:N/A:C |
Name of the Vulnerable Software and Affected Versions
Huawei mobile phones with software earlier than Vicky-AL00AC00B167 versions
Huawei mobile phones with software earlier than Victoria-AL00AC00B167 versions
Huawei mobile phones with software earlier than Warsaw-AL00C00B191 versions
Description
The issue is related to insufficient input validation due to the lack of parameter validation. This can be exploited by an attacker who tricks a user into installing a malicious APP, which can then modify specific parameters to cause a system reboot.
Recommendations
For versions earlier than Vicky-AL00AC00B167, update to Vicky-AL00AC00B167 or later.
For versions earlier than Victoria-AL00AC00B167, update to Victoria-AL00AC00B167 or later.
For versions earlier than Warsaw-AL00C00B191, update to Warsaw-AL00C00B191 or later.
Correção
RCE
Encontrou algum problema na descrição? Tem algo a acrescentar? Fique à vontade para nos escrever 👾
Enumeração de Fraquezas
Identificadores relacionados
Produtos afetados
Huawei Mobile Phones