Huawei · Huawei Y6 Pro · CVE-2017-17140
Name of the Vulnerable Software and Affected Versions:
Huawei Enjoy 5s versions prior to TAG-AL00C92B170
Huawei Y6 Pro versions prior to TIT-L01C576B121
Description:
The issue is caused by a lack of parameter validation, leading to an information leak. An attacker can trick a user into installing a malicious application, which can then read sensitive information in kernel memory, potentially causing a sensitive information leak.
Recommendations:
For Huawei Enjoy 5s versions prior to TAG-AL00C92B170, update to version TAG-AL00C92B170 or later to resolve the issue.
For Huawei Y6 Pro versions prior to TIT-L01C576B121, update to version TIT-L01C576B121 or later to resolve the issue.