Vulnerability Details CVE-2017-8202
The CameraISP driver of some Huawei smart phones with software of versions earlier than Prague-AL00AC00B205,versions earlier than Prague-AL00BC00B205,versions earlier than Prague-AL00CC00B205,versions earlier than Prague-TL00AC01B205,versions earlier than Prague-TL10AC01B205 has a buffer overflow vulnerability due to the lack of parameter validation. An attacker tricks a user into installing a malicious APP, the APP can send a specific parameter to the CameraISP driver of the smart phone, causing system reboot.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.001
EPSS Ranking 20.9%
CVSS Severity
CVSS v3 Score 5.5
CVSS v2 Score 7.1
References
Products affected by CVE-2017-8202
-
cpe:2.3:h:huawei:prague-al00a:-
-
cpe:2.3:h:huawei:prague-al00b:-
-
cpe:2.3:h:huawei:prague-al00c:-
-
cpe:2.3:h:huawei:prague-tl00a:-
-
cpe:2.3:h:huawei:prague-tl10a:-
-
cpe:2.3:o:huawei:prague-al00a_firmware:-
-
cpe:2.3:o:huawei:prague-al00a_firmware:al00ac00b223
-
cpe:2.3:o:huawei:prague-al00b_firmware:-
-
cpe:2.3:o:huawei:prague-al00b_firmware:al00bc00b223
-
cpe:2.3:o:huawei:prague-al00c_firmware:-
-
cpe:2.3:o:huawei:prague-al00c_firmware:al00cc00b223
-
cpe:2.3:o:huawei:prague-tl00a_firmware:-
-
cpe:2.3:o:huawei:prague-tl10a_firmware:-