CVE-2017-8146 Information

Description

The call module of P10 and P10 Plus smartphones with software versions before VTR-AL00C00B167 versions before VTR-TL00C01B167 versions before VKY-AL00C00B167 versions before VKY-TL00C01B167 has a DoS vulnerability. An attacker may trick a user into installing a malicious application and the application can send given parameter to call module to crash the call and data communication process.

CVSS Vector

CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H

Reference

http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20170725-02-smartphone-en

Attack Complexity

LOW

Privileges Required

NONE

User Interaction Required

NONE

Scope

REQUIRED

Confidentiality Impact

UNCHANGED

Integrity Impact

NONE

Availability Impact

NONE

Base Score

HIGH

Base Severity

5.5