CVEDB API

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2017-8149

The boot loaders of P10 and P10 Plus Huawei mobile phones with software the versions before Victoria-L09AC605B162, the versions before Victoria-L29AC605B162, the versions before Vicky-L29AC605B162 have an out-of-bounds memory access vulnerability due to the lack of parameter validation. An attacker with the root privilege of an Android system may trick a user into installing a malicious APP. the APP can modify specific data to cause buffer overflow in the next system reboot, causing out-of-bounds memory read which can continuous system reboot.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.001

EPSS Ranking 19.9%

CVSS Severity

CVSS v3 Score 5.5

CVSS v2 Score 7.1

References

Products affected by CVE-2017-8149

Huawei » P10 » Version: N/A

cpe:2.3:h:huawei:p10:-
Huawei » P10 Plus » Version: N/A

cpe:2.3:h:huawei:p10_plus:-
Huawei » P10 Firmware » Version: N/A

cpe:2.3:o:huawei:p10_firmware:-
Huawei » P10 Firmware » Version: victoria-al00ac00b217

cpe:2.3:o:huawei:p10_firmware:victoria-al00ac00b217
Huawei » P10 Firmware » Version: victoria-l09ac605b162

cpe:2.3:o:huawei:p10_firmware:victoria-l09ac605b162
Huawei » P10 Plus Firmware » Version: N/A

cpe:2.3:o:huawei:p10_plus_firmware:-
Huawei » P10 Plus Firmware » Version: 8.0.0.357(c00)

cpe:2.3:o:huawei:p10_plus_firmware:8.0.0.357(c00)
Huawei » P10 Plus Firmware » Version: 9.1.0.201(c01e75r1p12t8)

cpe:2.3:o:huawei:p10_plus_firmware:9.1.0.201(c01e75r1p12t8)
Huawei » P10 Plus Firmware » Version: 9.1.0.252(c185e2r1p9t8)

cpe:2.3:o:huawei:p10_plus_firmware:9.1.0.252(c185e2r1p9t8)
Huawei » P10 Plus Firmware » Version: 9.1.0.252(c432e4r1p9t8)

cpe:2.3:o:huawei:p10_plus_firmware:9.1.0.252(c432e4r1p9t8)
Huawei » P10 Plus Firmware » Version: 9.1.0.255(c576e6r1p8t8)

cpe:2.3:o:huawei:p10_plus_firmware:9.1.0.255(c576e6r1p8t8)
Huawei » P10 Plus Firmware » Version: vicky-al00ac00b172

cpe:2.3:o:huawei:p10_plus_firmware:vicky-al00ac00b172
Huawei » P10 Plus Firmware » Version: vicky-al00ac00b172d

cpe:2.3:o:huawei:p10_plus_firmware:vicky-al00ac00b172d

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2017-8149

Products

Pricing

Contact Us