CVE-2017-8144

Published Nov 22, 2017

Last updated 5 years ago

CVSS medium 5.5

Overview

Description: Honor 5A,Honor 8 Lite,Mate9,Mate9 Pro,P10,P10 Plus Huawei smartphones with software the versions before CAM-L03C605B143CUSTC605D003,the versions before Prague-L03C605B161,the versions before Prague-L23C605B160,the versions before MHA-AL00C00B225,the versions before LON-AL00C00B225,the versions before VTR-AL00C00B167,the versions before VTR-TL00C01B167,the versions before VKY-AL00C00B167,the versions before VKY-TL00C01B167 have a resource exhaustion vulnerability due to configure setting. An attacker tricks a user into installing a malicious application, the application may turn on the device flash-light and rapidly drain the device battery.
Source: psirt@huawei.com
NVD status: Analyzed

Risk scores

CVSS 3.0

Type: Primary
Base score: 5.5
Impact score: 3.6
Exploitability score: 1.8
Vector string: CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
Severity: MEDIUM

CVSS 2.0

Type: Primary
Base score: 7.1
Impact score: 6.9
Exploitability score: 8.6
Vector string: AV:N/AC:M/Au:N/C:N/I:N/A:C

Weaknesses

nvd@nist.gov: CWE-920

Hype score: Not currently trending

Configurations

[
  {
    "nodes": [
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:o:huawei:honor_5a_firmware:*:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "C583A067-57E6-4789-95CF-459AA2436FC4",
            "versionEndExcluding": "cam-l03c605b143custc605d003"
          }
        ],
        "operator": "OR"
      },
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:h:huawei:honor_5a:-:*:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "28042D7B-7395-4CC4-BEFB-1752D4540148"
          }
        ],
        "operator": "OR"
      }
    ],
    "operator": "AND"
  },
  {
    "nodes": [
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:o:huawei:honor_8_lite_firmware:*:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "6ADD5FBC-F096-45AA-A165-81674CCA29E8",
            "versionEndExcluding": "prague-l03c605b161"
          }
        ],
        "operator": "OR"
      },
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:h:huawei:honor_8_lite:-:*:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "E9A76E53-8352-4639-97D4-EC8CB1BED996"
          }
        ],
        "operator": "OR"
      }
    ],
    "operator": "AND"
  },
  {
    "nodes": [
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:o:huawei:honor_8_lite_firmware:*:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "CD2ACFBC-5642-4A27-85F9-AE47A6FA102B",
            "versionEndExcluding": "prague-l23c605b160"
          }
        ],
        "operator": "OR"
      },
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:h:huawei:honor_8_lite:-:*:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "E9A76E53-8352-4639-97D4-EC8CB1BED996"
          }
        ],
        "operator": "OR"
      }
    ],
    "operator": "AND"
  },
  {
    "nodes": [
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:o:huawei:mate_9_firmware:*:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "BAC136D1-7DB7-4FBC-90B7-D8CD55FD7507",
            "versionEndExcluding": "mha-al00c00b225"
          }
        ],
        "operator": "OR"
      },
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:h:huawei:mate_9:-:*:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "93FB7D8B-A819-4CBB-85D1-D3984D963351"
          }
        ],
        "operator": "OR"
      }
    ],
    "operator": "AND"
  },
  {
    "nodes": [
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:o:huawei:mate_9_pro_firmware:*:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "96FD5904-D024-4F9F-A375-00F698A9C7D2",
            "versionEndExcluding": "lon-al00c00b225"
          }
        ],
        "operator": "OR"
      },
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:h:huawei:mate_9_pro:-:*:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "E4CC4AF8-2F6D-41FC-9697-17472AF32FC6"
          }
        ],
        "operator": "OR"
      }
    ],
    "operator": "AND"
  },
  {
    "nodes": [
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:o:huawei:p10_firmware:*:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "AEB5A659-F5AF-42C6-A566-F2A2612D04CE",
            "versionEndExcluding": "vtr-al00c00b167"
          }
        ],
        "operator": "OR"
      },
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:h:huawei:p10:-:*:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "4FE8B6F1-FD2D-489A-86CE-53945949D362"
          }
        ],
        "operator": "OR"
      }
    ],
    "operator": "AND"
  },
  {
    "nodes": [
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:o:huawei:p10_firmware:*:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "1D353EFD-BABD-4D35-A90C-312E9F43D20F",
            "versionEndExcluding": "vtr-tl00c01b167"
          }
        ],
        "operator": "OR"
      },
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:h:huawei:p10:-:*:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "4FE8B6F1-FD2D-489A-86CE-53945949D362"
          }
        ],
        "operator": "OR"
      }
    ],
    "operator": "AND"
  },
  {
    "nodes": [
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:o:huawei:p10_plus_firmware:*:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "B1262860-E63E-429F-9D8C-419CAEE30CAA",
            "versionEndExcluding": "vky-al00c00b167"
          }
        ],
        "operator": "OR"
      },
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:h:huawei:p10_plus:-:*:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "FAD5BC83-41ED-4260-8883-4CA5898A4FAD"
          }
        ],
        "operator": "OR"
      }
    ],
    "operator": "AND"
  },
  {
    "nodes": [
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:o:huawei:p10_plus_firmware:*:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "A748C158-C76C-4B43-BE2C-A3E76813B916",
            "versionEndExcluding": "vky-tl00c01b167"
          }
        ],
        "operator": "OR"
      },
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:h:huawei:p10_plus:-:*:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "FAD5BC83-41ED-4260-8883-4CA5898A4FAD"
          }
        ],
        "operator": "OR"
      }
    ],
    "operator": "AND"
  }
]

Overview

Risk scores

CVSS 3.0

CVSS 2.0

Weaknesses

Social media

Configurations

References