VYPR
← All advisories
Unrated severityNVD Advisory· Published Mar 9, 2018· Updated Aug 5, 2024

CVE-2017-17225

CVE-2017-17225

Description

The Near Field Communication (NFC) module in Huawei Mate 9 Pro mobile phones with the versions before LON-AL00B 8.0.0.340a(C00) has a buffer overflow vulnerability due to the lack of input validation. An attacker may use an NFC card reader or another device to inject malicious data into a target mobile phone. Successful exploit could lead to system restart or arbitrary code execution.

AI Insight

LLM-synthesized narrative grounded in this CVE's description and references.

Buffer overflow in NFC module of Huawei Mate 9 Pro before LON-AL00B 8.0.0.340a(C00) allows remote code execution via malicious NFC data.

Vulnerability

The Near Field Communication (NFC) module in Huawei Mate 9 Pro mobile phones with versions before LON-AL00B 8.0.0.340a(C00) has a buffer overflow vulnerability due to the lack of input validation [1]. This vulnerability can be triggered when the device receives crafted NFC data.

Exploitation

An attacker with physical proximity can use an NFC card reader or another device to inject malicious data into the target mobile phone [1]. No authentication or user interaction is required beyond the NFC communication.

Impact

Successful exploitation could lead to system restart or arbitrary code execution [1]. The attacker may gain the ability to execute code at the system level, potentially compromising the device completely.

Mitigation

Huawei has released software updates to fix this vulnerability. The resolved version is LON-AL00B 8.0.0.340a(C00) [1]. Users are advised to update their devices to this version or later.

References
  1. Security Advisory - Buffer Overflow Vulnerability in the NFC Module of Some Huawei Mobile Phones

AI Insight generated on May 26, 2026. Synthesized from this CVE's description and the cited reference URLs; citations are validated against the source bundle.

Affected products

2
  • Huawei/Mate 9 Prollm-fuzzy
    Range: before LON-AL00B 8.0.0.340a(C00)
  • Huawei Technologies Co., Ltd./Mate 9 Prov5
    Range: The versions before LON-AL00B 8.0.0.340a(C00)

Patches

0

No patches discovered yet.

Vulnerability mechanics

AI mechanics synthesis has not run for this CVE yet.

References

1

News mentions

0

No linked articles in our index yet.