Improper Input Validation
CVE-2018-7906
Summary
Some Huawei smart phones with software of Leland-AL00 8.0.0.114(C636), Leland-AL00A 8.0.0.171(C00) have a denial of service (DoS) vulnerability. An attacker can trick a user to install a malicious application to exploit this vulnerability. Due to insufficient verification of the parameter, successful exploitation can cause the smartphone black screen until restarting the phone.
- LOW
- LOCAL
- NONE
- UNCHANGED
- REQUIRED
- NONE
- NONE
- HIGH
CWE-20 - Improper Input Validation
The product receives input or data, but it does not validate or incorrectly validates that the input has the properties that are required to process the data safely and correctly.
References
Advisory Timeline
- Published