CVE-2017-8144 Information
Description
Honor 5AHonor 8 LiteMate9Mate9 ProP10P10 Plus Huawei smartphones with software the versions before CAM-L03C605B143CUSTC605D003the versions before Prague-L03C605B161the versions before Prague-L23C605B160the versions before MHA-AL00C00B225the versions before LON-AL00C00B225the versions before VTR-AL00C00B167the versions before VTR-TL00C01B167the versions before VKY-AL00C00B167the versions before VKY-TL00C01B167 have a resource exhaustion vulnerability due to configure setting. An attacker tricks a user into installing a malicious application the application may turn on the device flash-light and rapidly drain the device battery.
CVSS Vector
CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
Reference
http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20170725-01-smartphone-en
Attack Complexity
LOW
Privileges Required
NONE
User Interaction Required
NONE
Scope
REQUIRED
Confidentiality Impact
UNCHANGED
Integrity Impact
NONE
Availability Impact
NONE
Base Score
HIGH
Base Severity
5.5
Share on: