The Near Field Communication (NFC) module in Huawei Mate 9 Pro mobile phones with the versions before LON-AL00B 8.0.0.340a(C00) has a buffer overflow vulnerability due to the lack of input validation. An attacker may use an NFC card reader or another device to inject malicious data into a target mobile phone. Successful exploit could lead to system restart or arbitrary code execution.
Conclusion & alert: CVE-2017-17225 is rated Moderate Risk (51.5/100): CVSS High severity, with low exploitation likelihood (EPSS 0.62%).Mandatory action: Review affected assets and schedule remediation.
Risk is dynamic; we continuously reassess and refresh what is shown on this page as upstream context changes.
Exploit prediction scoring system (EPSS) score for CVE-2017-17225
EPSS lead: Daily EPSS estimates relative likelihood of exploitation; percentile ranks this CVE among scored vulnerabilities (higher = more severe relative rank).