PT-2017-18155 · Huawei · P10 Plus+1
Erez Yalon
·
Published
2017-11-22
·
Updated
2017-12-11
·
CVE-2017-8146
CVSS v3.1
5.5
Medium
| Vector | AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H |
Name of the Vulnerable Software and Affected Versions
P10 and P10 Plus smartphones with software versions before VTR-AL00C00B167
P10 and P10 Plus smartphones with software versions before VTR-TL00C01B167
P10 and P10 Plus smartphones with software versions before VKY-AL00C00B167
P10 and P10 Plus smartphones with software versions before VKY-TL00C01B167
Description
The issue affects the call module, allowing an attacker to crash the call and data communication process by tricking a user into installing a malicious application. This application can send a given parameter to the call module, resulting in a denial of service.
Recommendations
For P10 and P10 Plus smartphones with software versions before VTR-AL00C00B167, update to version VTR-AL00C00B167 or later.
For P10 and P10 Plus smartphones with software versions before VTR-TL00C01B167, update to version VTR-TL00C01B167 or later.
For P10 and P10 Plus smartphones with software versions before VKY-AL00C00B167, update to version VKY-AL00C00B167 or later.
For P10 and P10 Plus smartphones with software versions before VKY-TL00C01B167, update to version VKY-TL00C01B167 or later.
Fix
RCE
Found an issue in the description? Have something to add? Feel free to write us 👾
Weakness Enumeration
Related Identifiers
Affected Products
P10
P10 Plus