Vulnerability Description
Some Huawei smart phones have the denial of service (DoS) vulnerability due to the improper processing of malicious parameters. An attacker may trick a target user into installing a malicious APK and launch attacks using a pre-installed app with specific permissions. Successful exploit could allow the app to send specific parameters to the smart phone driver, which will result in system restart.
CVSS Score
MEDIUM
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Huawei | Mate 8 Firmware | < nxt-al10c00b593 |
| Huawei | Mate 8 | - |
| Huawei | P9 Firmware | < eva-al00c00b398 |
| Huawei | P9 | - |
| Huawei | P9 Plus Firmware | < vie-l09c318b182 |
| Huawei | P9 Plus | - |
Related Weaknesses (CWE)
References
- http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20180530-01-smartphVendor Advisory
- https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20180530-01-smartpVendor Advisory
- http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20180530-01-smartphVendor Advisory
FAQ
What is CVE-2017-17171?
CVE-2017-17171 is a vulnerability with a CVSS score of 4.2 (MEDIUM). Some Huawei smart phones have the denial of service (DoS) vulnerability due to the improper processing of malicious parameters. An attacker may trick a target user into installing a malicious APK and ...
How severe is CVE-2017-17171?
CVE-2017-17171 has been rated MEDIUM with a CVSS base score of 4.2/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2017-17171?
Check the references section above for vendor advisories and patch information. Affected products include: Huawei Mate 8 Firmware, Huawei Mate 8, Huawei P9 Firmware, Huawei P9, Huawei P9 Plus Firmware.