PT-2017-15498 · Huawei · Huawei P9 Plus

Published

2017-11-22

Updated

2017-12-12

CVE-2017-2711

CVSS v2.0

7.1

High

Vector

AV:N/AC:M/Au:N/C:N/I:N/A:C

Name of the Vulnerable Software and Affected Versions Huawei P9 Plus smartphones with software earlier than version VIE-AL10C00B352

Description The issue is related to an input validation vulnerability in the touchscreen Driver, which can be exploited by tricking a user into installing a malicious application. This allows an attacker to send a specific parameter to the smartphone, causing the system to crash.

Recommendations For versions earlier than VIE-AL10C00B352, update the software to version VIE-AL10C00B352 or later to resolve the issue. As a temporary workaround, consider restricting the installation of applications from untrusted sources to minimize the risk of exploitation.

Fix

RCE

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-20

Related Identifiers

CVE-2017-2711

Affected Products

Huawei P9 Plus

PT-2017-15498 · Huawei · Huawei P9 Plus

CVE-2017-2711

Weakness Enumeration

Related Identifiers

Affected Products

References · 4