CVE-2017-2711: Input Validation
First published: Wed Nov 22 2017(Updated: )
P9 Plus smartphones with software earlier than VIE-AL10C00B352 versions have an input validation vulnerability in the touchscreen Driver. An attacker can tricks a user into installing a malicious application on the smart phone, and send given parameter to smart phone to crash the system.
Credit: psirt@huawei.com
| Affected Software | Affected Version | How to fix |
|---|---|---|
| Huawei P9 Plus Firmware | <vie-al10c00b352 | |
| Huawei P9 Plus |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
Frequently Asked Questions
What is the vulnerability ID for this issue?
The vulnerability ID for this issue is CVE-2017-2711.
What is the severity of CVE-2017-2711?
The severity of CVE-2017-2711 is high with a severity value of 5.5.
What is the affected software for CVE-2017-2711?
The affected software for CVE-2017-2711 is Huawei P9 Plus smartphones with software earlier than VIE-AL10C00B352 versions.
What is the description of CVE-2017-2711?
CVE-2017-2711 is an input validation vulnerability in the touchscreen Driver of Huawei P9 Plus smartphones, allowing an attacker to crash the system by tricking a user into installing a malicious application.
Are Huawei P9 Plus smartphones vulnerable to CVE-2017-2711?
Huawei P9 Plus smartphones with software earlier than VIE-AL10C00B352 versions are vulnerable to CVE-2017-2711.
- collector/nvd-index
- agent/references
- agent/weakness
- agent/severity
- agent/author
- agent/type
- agent/event
- agent/description
- agent/last-modified-date
- agent/softwarecombine
- agent/first-publish-date
- agent/tags
- collector/mitre-cve
- source/MITRE
- vendor/huawei
- canonical/huawei p9 plus firmware
- canonical/huawei p9 plus