7.1
CVE-2017-8144
- EPSS 0.07%
- Published 22.11.2017 19:29:03
- Last modified 20.04.2025 01:37:25
- Source psirt@huawei.com
- Teams watchlist Login
- Open Login
Honor 5A,Honor 8 Lite,Mate9,Mate9 Pro,P10,P10 Plus Huawei smartphones with software the versions before CAM-L03C605B143CUSTC605D003,the versions before Prague-L03C605B161,the versions before Prague-L23C605B160,the versions before MHA-AL00C00B225,the versions before LON-AL00C00B225,the versions before VTR-AL00C00B167,the versions before VTR-TL00C01B167,the versions before VKY-AL00C00B167,the versions before VKY-TL00C01B167 have a resource exhaustion vulnerability due to configure setting. An attacker tricks a user into installing a malicious application, the application may turn on the device flash-light and rapidly drain the device battery.
Data is provided by the National Vulnerability Database (NVD)
Huawei ≫ Honor 5a Firmware Version < cam-l03c605b143custc605d003
Huawei ≫ Honor 8 Lite Firmware Version < prague-l03c605b161
Huawei ≫ Honor 8 Lite Firmware Version < prague-l23c605b160
Huawei ≫ Mate 9 Firmware Version < mha-al00c00b225
Huawei ≫ Mate 9 Pro Firmware Version < lon-al00c00b225
Huawei ≫ P10 Firmware Version < vtr-al00c00b167
Huawei ≫ P10 Firmware Version < vtr-tl00c01b167
Huawei ≫ P10 Plus Firmware Version < vky-al00c00b167
Huawei ≫ P10 Plus Firmware Version < vky-tl00c01b167
Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.
| Type | Source | Score | Percentile |
|---|---|---|---|
| EPSS | FIRST.org | 0.07% | 0.182 |
| Source | Base Score | Exploit Score | Impact Score | Vector string |
|---|---|---|---|---|
| nvd@nist.gov | 5.5 | 1.8 | 3.6 |
CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
|
| nvd@nist.gov | 7.1 | 8.6 | 6.9 |
AV:N/AC:M/Au:N/C:N/I:N/A:C
|
CWE-920 Improper Restriction of Power Consumption
The product operates in an environment in which power is a limited resource that cannot be automatically replenished, but the product does not properly restrict the amount of power that its operation consumes.