Huawei P10 Firmware vulnerabilities
10 known vulnerabilities affecting huawei/p10_firmware.
Total CVEs
10
CISA KEV
0
Public exploits
0
Exploited in wild
0
Severity breakdown
HIGH4MEDIUM5LOW1
Vulnerabilities
Page 1 of 1
CVE-2018-7938LOWCVSS 3.3fixed in victoria-al00ac00b2172018-09-04
CVE-2018-7938 [LOW] CWE-200 CVE-2018-7938: P10 Huawei smartphones with the versions before Victoria-AL00AC00B217 have an information leak vulne
P10 Huawei smartphones with the versions before Victoria-AL00AC00B217 have an information leak vulnerability due to the lack of permission validation. An attacker tricks a user into installing a malicious application on the smart phone, and the application can read some hardware serial number, which may cause sensitive information leak.
nvd
CVE-2017-2726HIGHCVSS 8.4fixed in vtr-al00c00b1232017-11-22
CVE-2017-2726 [HIGH] CWE-119 CVE-2017-2726: Bastet in P10 Plus and P10 smart phones with software earlier than VKY-AL00C00B123 versions, earlier
Bastet in P10 Plus and P10 smart phones with software earlier than VKY-AL00C00B123 versions, earlier than VTR-AL00C00B123 versions have a buffer overflow vulnerability. An attacker with the root privilege of an Android system may trick a user into installing a malicious APP. The APP can modify specific data to cause buffer overflow in the next system re
nvd
CVE-2017-2724HIGHCVSS 8.4fixed in vtr-al00c00b1232017-11-22
CVE-2017-2724 [HIGH] CWE-119 CVE-2017-2724: Bastet in P10 Plus and P10 smart phones with software earlier than VKY-AL00C00B123 versions, earlier
Bastet in P10 Plus and P10 smart phones with software earlier than VKY-AL00C00B123 versions, earlier than VTR-AL00C00B123 versions have a buffer overflow vulnerability. An attacker with the root privilege of an Android system may trick a user into installing a malicious APP. The APP can modify specific data to cause buffer overflow in the next system re
nvd
CVE-2017-2725HIGHCVSS 7.8fixed in vtr-al00c00b1232017-11-22
CVE-2017-2725 [HIGH] CWE-119 CVE-2017-2725: Bastet in P10 Plus and P10 smart phones with software earlier than VKY-AL00C00B123 versions, earlier
Bastet in P10 Plus and P10 smart phones with software earlier than VKY-AL00C00B123 versions, earlier than VTR-AL00C00B123 versions have a buffer overflow vulnerability. An attacker with the root privilege of an Android system may trick a user into installing a malicious APP. The APP can modify specific data to cause buffer overflow in the next system re
nvd
CVE-2017-8150HIGHCVSS 7.8fixed in victoria-l09ac605b162fixed in victoria-l29ac605b1622017-11-22
CVE-2017-8150 [HIGH] CWE-119 CVE-2017-8150: The boot loaders of P10 and P10 Plus Huawei mobile phones with software the versions before Victoria
The boot loaders of P10 and P10 Plus Huawei mobile phones with software the versions before Victoria-L09AC605B162, the versions before Victoria-L29AC605B162, the versions before Vicky-L29AC605B162 have an arbitrary memory write vulnerability due to the lack of parameter validation. An attacker with the root privilege of an Android system may trick a use
nvd
CVE-2017-8144MEDIUMCVSS 5.5fixed in vtr-al00c00b167fixed in vtr-tl00c01b1672017-11-22
CVE-2017-8144 [MEDIUM] CWE-920 CVE-2017-8144: Honor 5A,Honor 8 Lite,Mate9,Mate9 Pro,P10,P10 Plus Huawei smartphones with software the versions bef
Honor 5A,Honor 8 Lite,Mate9,Mate9 Pro,P10,P10 Plus Huawei smartphones with software the versions before CAM-L03C605B143CUSTC605D003,the versions before Prague-L03C605B161,the versions before Prague-L23C605B160,the versions before MHA-AL00C00B225,the versions before LON-AL00C00B225,the versions before VTR-AL00C00B167,the versions before VTR-TL00C01B167
nvd
CVE-2017-8146MEDIUMCVSS 5.5fixed in vtr-al00c00b167fixed in vtr-tl00c01b1672017-11-22
CVE-2017-8146 [MEDIUM] CWE-20 CVE-2017-8146: The call module of P10 and P10 Plus smartphones with software versions before VTR-AL00C00B167, versi
The call module of P10 and P10 Plus smartphones with software versions before VTR-AL00C00B167, versions before VTR-TL00C01B167, versions before VKY-AL00C00B167, versions before VKY-TL00C01B167 has a DoS vulnerability. An attacker may trick a user into installing a malicious application, and the application can send given parameter to call module to cra
nvd
CVE-2017-8145MEDIUMCVSS 5.5fixed in vtr-al00c00b167fixed in vtr-tl00c01b1672017-11-22
CVE-2017-8145 [MEDIUM] CWE-20 CVE-2017-8145: The call module of P10 and P10 Plus smartphones with software versions before VTR-AL00C00B167, versi
The call module of P10 and P10 Plus smartphones with software versions before VTR-AL00C00B167, versions before VTR-TL00C01B167, versions before VKY-AL00C00B167, versions before VKY-TL00C01B167 has a DoS vulnerability. An attacker may trick a user into installing a malicious application, and the application can send given parameter to call module to cra
nvd
CVE-2017-8172MEDIUMCVSS 5.5fixed in vtr-al00c00b1572017-11-22
CVE-2017-8172 [MEDIUM] CWE-129 CVE-2017-8172: Isub service in P10 Plus and P10 smart phones with earlier than VKY-AL00C00B157 versions and earlier
Isub service in P10 Plus and P10 smart phones with earlier than VKY-AL00C00B157 versions and earlier than VTR-AL00C00B157 versions has a denial of service (DoS) vulnerability. An attacker tricks a user into installing a malicious application on the smart phone, and the application can send given parameter to specific interface, which make a out-of-bou
nvd
CVE-2017-8149MEDIUMCVSS 5.5fixed in victoria-l09ac605b162fixed in victoria-l29ac605b1622017-11-22
CVE-2017-8149 [MEDIUM] CWE-119 CVE-2017-8149: The boot loaders of P10 and P10 Plus Huawei mobile phones with software the versions before Victoria
The boot loaders of P10 and P10 Plus Huawei mobile phones with software the versions before Victoria-L09AC605B162, the versions before Victoria-L29AC605B162, the versions before Vicky-L29AC605B162 have an out-of-bounds memory access vulnerability due to the lack of parameter validation. An attacker with the root privilege of an Android system may tric
nvd