{"resultsPerPage":1,"startIndex":0,"totalResults":1,"format":"NVD_CVE","version":"2.0","timestamp":"2026-04-18T15:30:48.701","vulnerabilities":[{"cve":{"id":"CVE-2017-8149","sourceIdentifier":"psirt@huawei.com","published":"2017-11-22T19:29:03.317","lastModified":"2025-04-20T01:37:25.860","vulnStatus":"Deferred","cveTags":[],"descriptions":[{"lang":"en","value":"The boot loaders of P10 and P10 Plus Huawei mobile phones with software the versions before Victoria-L09AC605B162, the versions before Victoria-L29AC605B162, the versions before Vicky-L29AC605B162 have an out-of-bounds memory access vulnerability due to the lack of parameter validation. An attacker with the root privilege of an Android system may trick a user into installing a malicious APP. the APP can modify specific data to cause buffer overflow in the next system reboot, causing out-of-bounds memory read which can continuous system reboot."},{"lang":"es","value":"Los cargadores de arranque de los móviles Huawei P10 y P10 Plus con versiones de software anteriores a Victoria-L09AC605B162, Victoria-L29AC605B162 y Vicky-L29AC605B162 tienen una vulnerabilidad de acceso a memoria fuera de límites debido a la falta de validación de parámetros. Un atacante con privilegios root de un sistema Android podría engañar a un usuario para que instale una app maliciosa. La app puede modificar datos específicos para provocar un desbordamiento de búfer en el próximo reinicio del sistema, provocando una lectura de memoria fuera de límites, lo que puede da lugar a que el sistema se reinicie continuamente."}],"metrics":{"cvssMetricV30":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.0","vectorString":"CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H","baseScore":5.5,"baseSeverity":"MEDIUM","attackVector":"LOCAL","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"REQUIRED","scope":"UNCHANGED","confidentialityImpact":"NONE","integrityImpact":"NONE","availabilityImpact":"HIGH"},"exploitabilityScore":1.8,"impactScore":3.6}],"cvssMetricV2":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"2.0","vectorString":"AV:N/AC:M/Au:N/C:N/I:N/A:C","baseScore":7.1,"accessVector":"NETWORK","accessComplexity":"MEDIUM","authentication":"NONE","confidentialityImpact":"NONE","integrityImpact":"NONE","availabilityImpact":"COMPLETE"},"baseSeverity":"HIGH","exploitabilityScore":8.6,"impactScore":6.9,"acInsufInfo":false,"obtainAllPrivilege":false,"obtainUserPrivilege":false,"obtainOtherPrivilege":false,"userInteractionRequired":true}]},"weaknesses":[{"source":"nvd@nist.gov","type":"Primary","description":[{"lang":"en","value":"CWE-119"}]}],"configurations":[{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:huawei:p10_firmware:*:*:*:*:*:*:*:*","versionEndExcluding":"victoria-l09ac605b162","matchCriteriaId":"4015216C-FA85-4D24-BE10-DC6AF9E4B0B8"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:huawei:p10:-:*:*:*:*:*:*:*","matchCriteriaId":"4FE8B6F1-FD2D-489A-86CE-53945949D362"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:huawei:p10_firmware:*:*:*:*:*:*:*:*","versionEndExcluding":"victoria-l29ac605b162","matchCriteriaId":"FC987861-3185-43C3-BE63-D25C01174945"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:huawei:p10:-:*:*:*:*:*:*:*","matchCriteriaId":"4FE8B6F1-FD2D-489A-86CE-53945949D362"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:huawei:p10_plus_firmware:*:*:*:*:*:*:*:*","versionEndExcluding":"vicky-l29ac605b162","matchCriteriaId":"5D22A313-6919-4719-92EB-BEE566464720"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:huawei:p10_plus:-:*:*:*:*:*:*:*","matchCriteriaId":"FAD5BC83-41ED-4260-8883-4CA5898A4FAD"}]}]}],"references":[{"url":"http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20170816-01-smartphone-en","source":"psirt@huawei.com","tags":["Issue Tracking","Vendor Advisory"]},{"url":"http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20170816-01-smartphone-en","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Issue Tracking","Vendor Advisory"]}]}}]}