The boot loaders of P10 and P10 Plus Huawei mobile phones with software the versions before Victoria-L09AC605B162, the versions before Victoria-L29AC605B162, the versions before Vicky-L29AC605B162 have an arbitrary memory write vulnerability due to the lack of parameter validation. An attacker with the root privilege of an Android system may trick a user into installing a malicious APP. The APP can modify specific data to cause arbitrary memory writing in the next system reboot, causing continuous system reboot or arbitrary code execution.
Conclusion & alert: CVE-2017-8150 is rated Moderate Risk (51.9/100): CVSS High severity, with medium exploitation likelihood (EPSS 0.96%). Mandatory action: Review affected assets and schedule remediation.
Risk is dynamic; we continuously reassess and refresh what is shown on this page as upstream context changes.
EPSS lead: Daily EPSS estimates relative likelihood of exploitation; percentile ranks this CVE among scored vulnerabilities (higher = more severe relative rank).
| # | Date | Old EPSS score | New EPSS score | Delta (New - Old) |
|---|---|---|---|---|
| 1 | 2026-06-15 | 0.07% | 0.96% | +0.89% |
| 2 | 2023-03-07 | 1.52% | 0.07% | -1.45% |
| 3 | 2022-12-22 | — | 1.52% | — |
Full EPSS history (7 records total)
CVSS metrics for this CVE.
| Base score | Version | Severity | Vector | Exploitability | Impact | Score source |
|---|---|---|---|---|---|---|
| 7.8 | 3.0 | HIGH |
|
1.8 | 5.9 | [email protected] |
| 9.3 | 2.0 | HIGH |
|
8.6 | 10.0 | [email protected] |
| Vendor | Product | Version | Raw CPE |
|---|---|---|---|
| huawei | p10_firmware | < victoria-l09ac605b162 | cpe:2.3:o:huawei:p10_firmware:*:*:*:*:*:*:*:* |
| huawei | p10_firmware | < victoria-l29ac605b162 | cpe:2.3:o:huawei:p10_firmware:*:*:*:*:*:*:*:* |
| huawei | p10_plus_firmware | < vicky-l29ac605b162 | cpe:2.3:o:huawei:p10_plus_firmware:*:*:*:*:*:*:*:* |
| huawei | p8_lite_firmware | < ale-l21c113b566 | cpe:2.3:o:huawei:p8_lite_firmware:*:*:*:*:*:*:*:* |
| huawei | p9_firmware | < eva-l09c432b391 | cpe:2.3:o:huawei:p9_firmware:*:*:*:*:*:*:*:* |
| huawei | p9_firmware | < eva-l09c576b386 | cpe:2.3:o:huawei:p9_firmware:*:*:*:*:*:*:*:* |
| huawei | p9_firmware | < eva-l09c605b390 | cpe:2.3:o:huawei:p9_firmware:*:*:*:*:*:*:*:* |
| huawei | p9_firmware | < eva-l09c635b387 | cpe:2.3:o:huawei:p9_firmware:*:*:*:*:*:*:*:* |
| huawei | p9_firmware | < eva-l09c636b388 | cpe:2.3:o:huawei:p9_firmware:*:*:*:*:*:*:*:* |
| huawei | p9_firmware | < eva-l19c10b390 | cpe:2.3:o:huawei:p9_firmware:*:*:*:*:*:*:*:* |
| huawei | p9_firmware | < eva-l19c432b388 | cpe:2.3:o:huawei:p9_firmware:*:*:*:*:*:*:*:* |
| huawei | p9_firmware | < eva-l19c605b390 | cpe:2.3:o:huawei:p9_firmware:*:*:*:*:*:*:*:* |
| huawei | p9_firmware | < eva-l19c636b391 | cpe:2.3:o:huawei:p9_firmware:*:*:*:*:*:*:*:* |
| URL | Tags |
|---|---|
| http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20170816-02-smartphone-en | Issue Tracking Vendor Advisory |