High severity7.8NVD Advisory· Published Nov 22, 2017· Updated May 13, 2026

CVE-2017-8205

Description

The Bastet driver of Honor 9 Huawei smart phones with software of versions earlier than Stanford-AL10C00B175 has integer overflow vulnerability due to the lack of parameter validation. An attacker tricks a user into installing a malicious APP which has the root privilege; the APP can send a specific parameter to the driver of the smart phone, causing arbitrary code execution.

Affected products

Huawei Technologies Co., Ltd./Honor 9v5
Range: Versions earlier than Stanford-AL10C00B175
Huawei/Honor 9 Firmware
cpe:2.3:o:huawei:honor_9_firmware:*:*:*:*:*:*:*:*
Range: <stanford-al10c00b175

Patches

No patches discovered yet.

Vulnerability mechanics

AI mechanics synthesis has not run for this CVE yet.

References

www.huawei.com/en/psirt/security-advisories/huawei-sa-20170914-02-smartphone-ennvdVendor Advisory
www.securityfocus.com/bid/101963nvdThird Party AdvisoryVDB Entry

News mentions

No linked articles in our index yet.

cvss	0.507
epss	0.000
exploit	0.000
kev	0.000
patch	0.000
ransomware	0.000