PT-2017-18181 · Huawei · Huawei Mobile Phones
Guangdong Bai
+1
·
Published
2017-11-22
·
Updated
2017-12-11
·
CVE-2017-8175
CVSS v2.0
7.1
High
| Vector | AV:N/AC:M/Au:N/C:N/I:N/A:C |
Name of the Vulnerable Software and Affected Versions
Huawei mobile phones with software earlier than Vicky-AL00AC00B167 versions
Huawei mobile phones with software earlier than Victoria-AL00AC00B167 versions
Huawei mobile phones with software earlier than Warsaw-AL00C00B191 versions
Description
The issue is related to insufficient input validation due to the lack of parameter validation. This can be exploited by an attacker who tricks a user into installing a malicious APP, which can then modify specific parameters to cause a system reboot.
Recommendations
For versions earlier than Vicky-AL00AC00B167, update to Vicky-AL00AC00B167 or later.
For versions earlier than Victoria-AL00AC00B167, update to Victoria-AL00AC00B167 or later.
For versions earlier than Warsaw-AL00C00B191, update to Warsaw-AL00C00B191 or later.
Fix
RCE
Found an issue in the description? Have something to add? Feel free to write us 👾
Weakness Enumeration
Related Identifiers
Affected Products
Huawei Mobile Phones