CVE-2017-8150

Published: Nov 22, 2017

Modified: Sep 16, 2024

PUBLISHED

Description

The boot loaders of P10 and P10 Plus Huawei mobile phones with software the versions before Victoria-L09AC605B162, the versions before Victoria-L29AC605B162, the versions before Vicky-L29AC605B162 have an arbitrary memory write vulnerability due to the lack of parameter validation. An attacker with the root privilege of an Android system may trick a user into installing a malicious APP. The APP can modify specific data to cause arbitrary memory writing in the next system reboot, causing continuous system reboot or arbitrary code execution.

Vendor	Product	Versions
Huawei Technologies Co., Ltd.	P10, P10 Plus	affected `The versions before Victoria-L09AC605B162, The versions before Victoria-L29AC605B162, The versions before Vicky-L29AC605B162`

References

http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20170816-02-smartphone-en

x_refsource_CONFIRM

Security Training

Train your team to recognize and prevent security threats with our comprehensive security awareness program.

Start Training

Vulnerability Scanning

Discover vulnerabilities in your applications and infrastructure before attackers do.

Scan Now

CVE-2017-8150

Description

Affected Products

References