ByteOS Network

Vicky-AL00A

Source -

CNA

CNA CVEs -

ADP CVEs -

CISA CVEs -

NVD CVEs -

2Vulnerabilities found

CVE-2017-15330

Assigner-Huawei Technologies

View Details

Assigner-Huawei Technologies

CVSS Score-5.5||MEDIUM

EPSS-0.07% / 21.64%

7 Day CHG~0.00%

Published-15 Feb, 2018 | 16:00

Updated-05 Aug, 2024 | 19:50

The Flp Driver in some Huawei smartphones of the software Vicky-AL00AC00B124D, Vicky-AL00AC00B157D, Vicky-AL00AC00B167 has a double free vulnerability. An attacker can trick a user to install a malicious application which has a high privilege to exploit this vulnerability. Successful exploitation may cause denial of service (DoS) attack.

Vendor-Huawei Technologies Co., Ltd.

Product-vicky-al00a_firmware vicky-al00a Vicky-AL00A

CWE ID-CWE-415

Double Free

CVE-2017-8171

Assigner-Huawei Technologies

View Details

Assigner-Huawei Technologies

CVSS Score-4.6||MEDIUM

EPSS-0.03% / 6.00%

7 Day CHG~0.00%

Published-22 Nov, 2017 | 19:00

Updated-20 Apr, 2025 | 01:37

Huawei smart phones with software earlier than Vicky-AL00AC00B172D versions have a Factory Reset Protection (FRP) bypass security vulnerability. When re-configuring the mobile phone using the factory reset protection (FRP) function, an attacker can login the Talkback mode and can perform some operations to bypass the Google account verification. As a result, the FRP function is bypassed.

Vendor-Huawei Technologies Co., Ltd.

Product-p10_plus p10_plus_firmware Vicky-AL00A

CWE ID-CWE-668

Exposure of Resource to Wrong Sphere