Vulnerability Details CVE-2017-8211
The driver of honor 5C,honor 6x Huawei smart phones with software of versions earlier than NEM-AL10C00B356, versions earlier than Berlin-L21HNC432B360 have a buffer overflow vulnerability due to the lack of parameter validation. An attacker tricks a user into installing a malicious APP which has the root privilege of the Android system, the APP can send a specific parameter to the driver of the smart phone, causing a system reboot or arbitrary code execution.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.002
EPSS Ranking 40.0%
CVSS Severity
CVSS v3 Score 7.8
CVSS v2 Score 9.3
References
Products affected by CVE-2017-8211
-
cpe:2.3:h:huawei:honor_5c:-
-
cpe:2.3:h:huawei:honor_6x:-
-
cpe:2.3:o:huawei:honor_5c_firmware:-
-
cpe:2.3:o:huawei:honor_6x_firmware:berlin-l21c10b372
-
cpe:2.3:o:huawei:honor_6x_firmware:berlin-l21c185b363
-
cpe:2.3:o:huawei:honor_6x_firmware:berlin-l21c464b137