Search criteria
20 vulnerabilities found for p9 by huawei
VAR-201803-0197
Vulnerability from variot - Updated: 2023-12-18 14:01Huawei P9 smartphones with the versions before EVA-AL10C00B399SP02 have an information disclosure vulnerability. The software does not properly protect certain resource which can be accessed by multithreading. An attacker tricks the user who has root privilege to install a crafted application, successful exploit could result in kernel information disclosure. HuaweiP9 is a smartphone from China's Huawei company
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-201803-0197",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "p9",
"scope": "lt",
"trust": 1.0,
"vendor": "huawei",
"version": "eva-al10c00b399sp02"
},
{
"model": "mate 9 pro",
"scope": "lt",
"trust": 0.8,
"vendor": "huawei",
"version": "eva-al10c00b399sp02"
},
{
"model": "p9 \u003ceva-al10c00b399sp02",
"scope": null,
"trust": 0.6,
"vendor": "huawei",
"version": null
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2018-05335"
},
{
"db": "JVNDB",
"id": "JVNDB-2017-012981"
},
{
"db": "NVD",
"id": "CVE-2017-17319"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:huawei:p9_firmware:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "eva-al10c00b399sp02",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:huawei:p9:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
}
]
}
],
"sources": [
{
"db": "NVD",
"id": "CVE-2017-17319"
}
]
},
"cve": "CVE-2017-17319",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"acInsufInfo": false,
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "NVD",
"availabilityImpact": "NONE",
"baseScore": 7.1,
"confidentialityImpact": "COMPLETE",
"exploitabilityScore": 8.6,
"impactScore": 6.9,
"integrityImpact": "NONE",
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"severity": "HIGH",
"trust": 1.0,
"userInteractionRequired": true,
"vectorString": "AV:N/AC:M/Au:N/C:C/I:N/A:N",
"version": "2.0"
},
{
"acInsufInfo": null,
"accessComplexity": "Medium",
"accessVector": "Network",
"authentication": "None",
"author": "NVD",
"availabilityImpact": "None",
"baseScore": 7.1,
"confidentialityImpact": "Complete",
"exploitabilityScore": null,
"id": "CVE-2017-17319",
"impactScore": null,
"integrityImpact": "None",
"obtainAllPrivilege": null,
"obtainOtherPrivilege": null,
"obtainUserPrivilege": null,
"severity": "High",
"trust": 0.8,
"userInteractionRequired": null,
"vectorString": "AV:N/AC:M/Au:N/C:C/I:N/A:N",
"version": "2.0"
},
{
"accessComplexity": "LOW",
"accessVector": "LOCAL",
"authentication": "NONE",
"author": "CNVD",
"availabilityImpact": "NONE",
"baseScore": 2.1,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 3.9,
"id": "CNVD-2018-05335",
"impactScore": 2.9,
"integrityImpact": "NONE",
"severity": "LOW",
"trust": 0.6,
"vectorString": "AV:L/AC:L/Au:N/C:P/I:N/A:N",
"version": "2.0"
}
],
"cvssV3": [
{
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"author": "NVD",
"availabilityImpact": "NONE",
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"exploitabilityScore": 1.8,
"impactScore": 3.6,
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"trust": 1.0,
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N",
"version": "3.0"
},
{
"attackComplexity": "Low",
"attackVector": "Local",
"author": "NVD",
"availabilityImpact": "None",
"baseScore": 5.5,
"baseSeverity": "Medium",
"confidentialityImpact": "High",
"exploitabilityScore": null,
"id": "CVE-2017-17319",
"impactScore": null,
"integrityImpact": "None",
"privilegesRequired": "None",
"scope": "Unchanged",
"trust": 0.8,
"userInteraction": "Required",
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N",
"version": "3.0"
}
],
"severity": [
{
"author": "NVD",
"id": "CVE-2017-17319",
"trust": 1.8,
"value": "MEDIUM"
},
{
"author": "CNVD",
"id": "CNVD-2018-05335",
"trust": 0.6,
"value": "LOW"
},
{
"author": "CNNVD",
"id": "CNNVD-201803-718",
"trust": 0.6,
"value": "HIGH"
}
]
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2018-05335"
},
{
"db": "JVNDB",
"id": "JVNDB-2017-012981"
},
{
"db": "NVD",
"id": "CVE-2017-17319"
},
{
"db": "CNNVD",
"id": "CNNVD-201803-718"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Huawei P9 smartphones with the versions before EVA-AL10C00B399SP02 have an information disclosure vulnerability. The software does not properly protect certain resource which can be accessed by multithreading. An attacker tricks the user who has root privilege to install a crafted application, successful exploit could result in kernel information disclosure. HuaweiP9 is a smartphone from China\u0027s Huawei company",
"sources": [
{
"db": "NVD",
"id": "CVE-2017-17319"
},
{
"db": "JVNDB",
"id": "JVNDB-2017-012981"
},
{
"db": "CNVD",
"id": "CNVD-2018-05335"
}
],
"trust": 2.16
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2017-17319",
"trust": 3.0
},
{
"db": "JVNDB",
"id": "JVNDB-2017-012981",
"trust": 0.8
},
{
"db": "CNVD",
"id": "CNVD-2018-05335",
"trust": 0.6
},
{
"db": "CNNVD",
"id": "CNNVD-201803-718",
"trust": 0.6
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2018-05335"
},
{
"db": "JVNDB",
"id": "JVNDB-2017-012981"
},
{
"db": "NVD",
"id": "CVE-2017-17319"
},
{
"db": "CNNVD",
"id": "CNNVD-201803-718"
}
]
},
"id": "VAR-201803-0197",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "CNVD",
"id": "CNVD-2018-05335"
}
],
"trust": 1.1923961200000002
},
"iot_taxonomy": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"category": [
"Network device"
],
"sub_category": null,
"trust": 0.6
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2018-05335"
}
]
},
"last_update_date": "2023-12-18T14:01:20.409000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "huawei-sa-20180314-01-smartphone",
"trust": 0.8,
"url": "http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20180314-01-smartphone-en"
},
{
"title": "HuaweiP9 information disclosure vulnerability patch",
"trust": 0.6,
"url": "https://www.cnvd.org.cn/patchinfo/show/121557"
},
{
"title": "Huawei P9 Repair measures for information disclosure vulnerabilities",
"trust": 0.6,
"url": "http://www.cnnvd.org.cn/web/xxk/bdxqbyid.tag?id=79318"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2018-05335"
},
{
"db": "JVNDB",
"id": "JVNDB-2017-012981"
},
{
"db": "CNNVD",
"id": "CNNVD-201803-718"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-200",
"trust": 1.8
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2017-012981"
},
{
"db": "NVD",
"id": "CVE-2017-17319"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 1.6,
"url": "http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20180314-01-smartphone-en"
},
{
"trust": 0.8,
"url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2017-17319"
},
{
"trust": 0.8,
"url": "https://nvd.nist.gov/vuln/detail/cve-2017-17319"
},
{
"trust": 0.6,
"url": "http://www.huawei.com/cn/psirt/security-advisories/2018/huawei-sa-20180314-01-smartphone-cn"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2018-05335"
},
{
"db": "JVNDB",
"id": "JVNDB-2017-012981"
},
{
"db": "NVD",
"id": "CVE-2017-17319"
},
{
"db": "CNNVD",
"id": "CNNVD-201803-718"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "CNVD",
"id": "CNVD-2018-05335"
},
{
"db": "JVNDB",
"id": "JVNDB-2017-012981"
},
{
"db": "NVD",
"id": "CVE-2017-17319"
},
{
"db": "CNNVD",
"id": "CNNVD-201803-718"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2018-03-15T00:00:00",
"db": "CNVD",
"id": "CNVD-2018-05335"
},
{
"date": "2018-05-15T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2017-012981"
},
{
"date": "2018-03-20T15:29:00.407000",
"db": "NVD",
"id": "CVE-2017-17319"
},
{
"date": "2018-03-21T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201803-718"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2018-03-15T00:00:00",
"db": "CNVD",
"id": "CNVD-2018-05335"
},
{
"date": "2018-05-15T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2017-012981"
},
{
"date": "2018-04-13T16:31:44.833000",
"db": "NVD",
"id": "CVE-2017-17319"
},
{
"date": "2018-03-21T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201803-718"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201803-718"
}
],
"trust": 0.6
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Huawei P9 Information Disclosure Vulnerability",
"sources": [
{
"db": "CNVD",
"id": "CNVD-2018-05335"
},
{
"db": "CNNVD",
"id": "CNNVD-201803-718"
}
],
"trust": 1.2
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "information disclosure",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201803-718"
}
],
"trust": 0.6
}
}
VAR-201711-0221
Vulnerability from variot - Updated: 2023-12-18 13:43Huawei P9 smartphones with software versions earlier before EVA-AL10C00B365, versions earlier before EVA-AL00C00B365, versions earlier before EVA-CL00C92B365, versions earlier before EVA-DL00C17B365, versions earlier before EVA-TL00C01B365 have a phone activation bypass vulnerability. Successful exploit could allow an unauthenticated attacker to bypass phone activation to settings page of the phone. Huawei P9 Smartphone software contains a vulnerability related to access control.Service operation interruption (DoS) There is a possibility of being put into a state. HuaweiP9 is a smartphone product from China's Huawei company. HuaweiP9 has a mobile activation bypass vulnerability. Huawei Smart Phones are prone to a security-bypass vulnerability. An attacker may exploit this issue to bypass certain security restrictions and cause denial-of-service conditions. There is a security flaw in the Huawei P9
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-201711-0221",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "p9",
"scope": "lt",
"trust": 1.8,
"vendor": "huawei",
"version": "eva-al00c00b365"
},
{
"model": "p9",
"scope": "lt",
"trust": 1.8,
"vendor": "huawei",
"version": "eva-al10c00b365"
},
{
"model": "p9",
"scope": "lt",
"trust": 1.8,
"vendor": "huawei",
"version": "eva-cl00c92b365"
},
{
"model": "p9",
"scope": "lt",
"trust": 1.8,
"vendor": "huawei",
"version": "eva-dl00c17b365"
},
{
"model": "p9",
"scope": "lt",
"trust": 1.8,
"vendor": "huawei",
"version": "eva-tl00c01b365"
},
{
"model": "p9 \u003ceva-al00c00b365",
"scope": null,
"trust": 0.6,
"vendor": "huawei",
"version": null
},
{
"model": "p9 \u003ceva-cl00c92b365",
"scope": null,
"trust": 0.6,
"vendor": "huawei",
"version": null
},
{
"model": "p9 \u003ceva-dl00c17b365",
"scope": null,
"trust": 0.6,
"vendor": "huawei",
"version": null
},
{
"model": "p9 eva-tl10c00b373",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"model": "p9 eva-tl10c00b195",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"model": "p9 eva-tl10c00b193",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"model": "p9 eva-tl10c00b192",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"model": "p9 eva-tl10c00b190",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"model": "p9 eva-tl10c00",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"model": "p9 eva-tl00c01b373",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"model": "p9 eva-dl10c00b373",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"model": "p9 eva-dl10c00b195",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"model": "p9 eva-dl10c00b193",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"model": "p9 eva-dl10c00b192",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"model": "p9 eva-dl10c00b190",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"model": "p9 eva-dl10c00",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"model": "p9 eva-dl00c17b373",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"model": "p9 eva-cl10c00b373",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"model": "p9 eva-cl10c00b195",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"model": "p9 eva-cl10c00b193",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"model": "p9 eva-cl10c00b192",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"model": "p9 eva-cl10c00b190",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"model": "p9 eva-cl10c00",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"model": "p9 eva-cl00c92b373",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"model": "p9 eva-al10c00b373",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"model": "p9 eva-al10c00b352",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"model": "p9 eva-al10c00b195",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"model": "p9 eva-al10c00b193",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"model": "p9 eva-al10c00b192",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"model": "p9 eva-al10c00b190",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"model": "p9 eva-al10c00",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"model": "p9 eva-al00c00b352",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"model": "p9 eva-tl00c01b365",
"scope": "ne",
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"model": "p9 eva-dl00c17b365",
"scope": "ne",
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"model": "p9 eva-cl00c92b365",
"scope": "ne",
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"model": "p9 eva-al10c00b365",
"scope": "ne",
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"model": "p9 eva-al00c00b365",
"scope": "ne",
"trust": 0.3,
"vendor": "huawei",
"version": null
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2017-00661"
},
{
"db": "BID",
"id": "95661"
},
{
"db": "JVNDB",
"id": "JVNDB-2017-010492"
},
{
"db": "NVD",
"id": "CVE-2017-2705"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:huawei:p9_firmware:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "eva-al00c00b365",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:huawei:p9:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:huawei:p9_firmware:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "eva-al10c00b365",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:huawei:p9:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:huawei:p9_firmware:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "eva-cl00c92b365",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:huawei:p9:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:huawei:p9_firmware:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "eva-dl00c17b365",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:huawei:p9:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:huawei:p9_firmware:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "eva-tl00c01b365",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:huawei:p9:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
}
]
}
],
"sources": [
{
"db": "NVD",
"id": "CVE-2017-2705"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "The vendor reported this issue.",
"sources": [
{
"db": "BID",
"id": "95661"
}
],
"trust": 0.3
},
"cve": "CVE-2017-2705",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"acInsufInfo": false,
"accessComplexity": "LOW",
"accessVector": "LOCAL",
"authentication": "NONE",
"author": "NVD",
"availabilityImpact": "PARTIAL",
"baseScore": 2.1,
"confidentialityImpact": "NONE",
"exploitabilityScore": 3.9,
"impactScore": 2.9,
"integrityImpact": "NONE",
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"severity": "LOW",
"trust": 1.0,
"userInteractionRequired": false,
"vectorString": "AV:L/AC:L/Au:N/C:N/I:N/A:P",
"version": "2.0"
},
{
"acInsufInfo": null,
"accessComplexity": "Low",
"accessVector": "Local",
"authentication": "None",
"author": "NVD",
"availabilityImpact": "Partial",
"baseScore": 2.1,
"confidentialityImpact": "None",
"exploitabilityScore": null,
"id": "CVE-2017-2705",
"impactScore": null,
"integrityImpact": "None",
"obtainAllPrivilege": null,
"obtainOtherPrivilege": null,
"obtainUserPrivilege": null,
"severity": "Low",
"trust": 0.8,
"userInteractionRequired": null,
"vectorString": "AV:L/AC:L/Au:N/C:N/I:N/A:P",
"version": "2.0"
},
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "CNVD",
"availabilityImpact": "PARTIAL",
"baseScore": 5.0,
"confidentialityImpact": "NONE",
"exploitabilityScore": 10.0,
"id": "CNVD-2017-00661",
"impactScore": 2.9,
"integrityImpact": "NONE",
"severity": "MEDIUM",
"trust": 0.6,
"vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P",
"version": "2.0"
},
{
"accessComplexity": "LOW",
"accessVector": "LOCAL",
"authentication": "NONE",
"author": "VULHUB",
"availabilityImpact": "PARTIAL",
"baseScore": 2.1,
"confidentialityImpact": "NONE",
"exploitabilityScore": 3.9,
"id": "VHN-110908",
"impactScore": 2.9,
"integrityImpact": "NONE",
"severity": "LOW",
"trust": 0.1,
"vectorString": "AV:L/AC:L/AU:N/C:N/I:N/A:P",
"version": "2.0"
}
],
"cvssV3": [
{
"attackComplexity": "LOW",
"attackVector": "PHYSICAL",
"author": "NVD",
"availabilityImpact": "LOW",
"baseScore": 2.4,
"baseSeverity": "LOW",
"confidentialityImpact": "NONE",
"exploitabilityScore": 0.9,
"impactScore": 1.4,
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"trust": 1.0,
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:P/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L",
"version": "3.0"
},
{
"attackComplexity": "Low",
"attackVector": "Physical",
"author": "NVD",
"availabilityImpact": "Low",
"baseScore": 2.4,
"baseSeverity": "Low",
"confidentialityImpact": "None",
"exploitabilityScore": null,
"id": "CVE-2017-2705",
"impactScore": null,
"integrityImpact": "None",
"privilegesRequired": "None",
"scope": "Unchanged",
"trust": 0.8,
"userInteraction": "None",
"vectorString": "CVSS:3.0/AV:P/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L",
"version": "3.0"
}
],
"severity": [
{
"author": "NVD",
"id": "CVE-2017-2705",
"trust": 1.8,
"value": "LOW"
},
{
"author": "CNVD",
"id": "CNVD-2017-00661",
"trust": 0.6,
"value": "MEDIUM"
},
{
"author": "CNNVD",
"id": "CNNVD-201701-772",
"trust": 0.6,
"value": "LOW"
},
{
"author": "VULHUB",
"id": "VHN-110908",
"trust": 0.1,
"value": "LOW"
}
]
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2017-00661"
},
{
"db": "VULHUB",
"id": "VHN-110908"
},
{
"db": "JVNDB",
"id": "JVNDB-2017-010492"
},
{
"db": "NVD",
"id": "CVE-2017-2705"
},
{
"db": "CNNVD",
"id": "CNNVD-201701-772"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Huawei P9 smartphones with software versions earlier before EVA-AL10C00B365, versions earlier before EVA-AL00C00B365, versions earlier before EVA-CL00C92B365, versions earlier before EVA-DL00C17B365, versions earlier before EVA-TL00C01B365 have a phone activation bypass vulnerability. Successful exploit could allow an unauthenticated attacker to bypass phone activation to settings page of the phone. Huawei P9 Smartphone software contains a vulnerability related to access control.Service operation interruption (DoS) There is a possibility of being put into a state. HuaweiP9 is a smartphone product from China\u0027s Huawei company. HuaweiP9 has a mobile activation bypass vulnerability. Huawei Smart Phones are prone to a security-bypass vulnerability. \nAn attacker may exploit this issue to bypass certain security restrictions and cause denial-of-service conditions. There is a security flaw in the Huawei P9",
"sources": [
{
"db": "NVD",
"id": "CVE-2017-2705"
},
{
"db": "JVNDB",
"id": "JVNDB-2017-010492"
},
{
"db": "CNVD",
"id": "CNVD-2017-00661"
},
{
"db": "BID",
"id": "95661"
},
{
"db": "VULHUB",
"id": "VHN-110908"
}
],
"trust": 2.52
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2017-2705",
"trust": 3.4
},
{
"db": "BID",
"id": "95661",
"trust": 2.0
},
{
"db": "JVNDB",
"id": "JVNDB-2017-010492",
"trust": 0.8
},
{
"db": "CNNVD",
"id": "CNNVD-201701-772",
"trust": 0.7
},
{
"db": "CNVD",
"id": "CNVD-2017-00661",
"trust": 0.6
},
{
"db": "VULHUB",
"id": "VHN-110908",
"trust": 0.1
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2017-00661"
},
{
"db": "VULHUB",
"id": "VHN-110908"
},
{
"db": "BID",
"id": "95661"
},
{
"db": "JVNDB",
"id": "JVNDB-2017-010492"
},
{
"db": "NVD",
"id": "CVE-2017-2705"
},
{
"db": "CNNVD",
"id": "CNNVD-201701-772"
}
]
},
"id": "VAR-201711-0221",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "CNVD",
"id": "CNVD-2017-00661"
},
{
"db": "VULHUB",
"id": "VHN-110908"
}
],
"trust": 1.28483934
},
"iot_taxonomy": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"category": [
"Network device"
],
"sub_category": null,
"trust": 0.6
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2017-00661"
}
]
},
"last_update_date": "2023-12-18T13:43:57.151000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "huawei-sa-20170118-02-smartphone",
"trust": 0.8,
"url": "http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20170118-02-smartphone-en"
},
{
"title": "HuaweiP9 mobile phone activates the patch to bypass the vulnerability",
"trust": 0.6,
"url": "https://www.cnvd.org.cn/patchinfo/show/88422"
},
{
"title": "Huawei P9 Security vulnerabilities",
"trust": 0.6,
"url": "http://www.cnnvd.org.cn/web/xxk/bdxqbyid.tag?id=67331"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2017-00661"
},
{
"db": "JVNDB",
"id": "JVNDB-2017-010492"
},
{
"db": "CNNVD",
"id": "CNNVD-201701-772"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "NVD-CWE-noinfo",
"trust": 1.0
},
{
"problemtype": "CWE-284",
"trust": 0.9
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-110908"
},
{
"db": "JVNDB",
"id": "JVNDB-2017-010492"
},
{
"db": "NVD",
"id": "CVE-2017-2705"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 2.0,
"url": "http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20170118-02-smartphone-en"
},
{
"trust": 1.7,
"url": "http://www.securityfocus.com/bid/95661"
},
{
"trust": 0.8,
"url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2017-2705"
},
{
"trust": 0.8,
"url": "https://nvd.nist.gov/vuln/detail/cve-2017-2705"
},
{
"trust": 0.6,
"url": "http://www.huawei.com/cn/psirt/security-advisories/2017/huawei-sa-20170118-02-smartphone-cn"
},
{
"trust": 0.3,
"url": "http://www.huawei.com"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2017-00661"
},
{
"db": "VULHUB",
"id": "VHN-110908"
},
{
"db": "BID",
"id": "95661"
},
{
"db": "JVNDB",
"id": "JVNDB-2017-010492"
},
{
"db": "NVD",
"id": "CVE-2017-2705"
},
{
"db": "CNNVD",
"id": "CNNVD-201701-772"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "CNVD",
"id": "CNVD-2017-00661"
},
{
"db": "VULHUB",
"id": "VHN-110908"
},
{
"db": "BID",
"id": "95661"
},
{
"db": "JVNDB",
"id": "JVNDB-2017-010492"
},
{
"db": "NVD",
"id": "CVE-2017-2705"
},
{
"db": "CNNVD",
"id": "CNNVD-201701-772"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2017-01-20T00:00:00",
"db": "CNVD",
"id": "CNVD-2017-00661"
},
{
"date": "2017-11-22T00:00:00",
"db": "VULHUB",
"id": "VHN-110908"
},
{
"date": "2017-01-18T00:00:00",
"db": "BID",
"id": "95661"
},
{
"date": "2017-12-15T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2017-010492"
},
{
"date": "2017-11-22T19:29:00.757000",
"db": "NVD",
"id": "CVE-2017-2705"
},
{
"date": "2017-01-20T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201701-772"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2017-01-20T00:00:00",
"db": "CNVD",
"id": "CNVD-2017-00661"
},
{
"date": "2019-10-03T00:00:00",
"db": "VULHUB",
"id": "VHN-110908"
},
{
"date": "2017-01-23T03:11:00",
"db": "BID",
"id": "95661"
},
{
"date": "2017-12-15T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2017-010492"
},
{
"date": "2019-10-03T00:03:26.223000",
"db": "NVD",
"id": "CVE-2017-2705"
},
{
"date": "2019-10-23T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201701-772"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "local",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201701-772"
}
],
"trust": 0.6
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Huawei P9 Smartphone software access control vulnerability",
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2017-010492"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "lack of information",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201701-772"
}
],
"trust": 0.6
}
}
VAR-201711-0243
Vulnerability from variot - Updated: 2023-12-18 13:34Huawei P9 smart phones with software versions earlier before EVA-AL00C00B365, versions earlier before EVA-AL10C00B365,Versions earlier before EVA-CL00C92B365, versions earlier before EVA-DL00C17B365, versions earlier before EVA-TL00C01B365 have a privilege escalation vulnerability. An unauthenticated attacker can bypass phone activation to user management page of the phone and create a new user. Successful exploit could allow the attacker operate part function of the phone. Huawei P9 Smartphone software contains a vulnerability related to access control.Information is obtained, information is altered, and service operation is disrupted (DoS) There is a possibility of being put into a state. HuaweiP9 is a smartphone from China's Huawei company. Audiodriver is one of the audio drivers. A privilege elevation vulnerability exists in HuaweiP9
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-201711-0243",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "p9",
"scope": "lt",
"trust": 1.8,
"vendor": "huawei",
"version": "eva-al00c00b365"
},
{
"model": "p9",
"scope": "lt",
"trust": 1.8,
"vendor": "huawei",
"version": "eva-al10c00b365"
},
{
"model": "p9",
"scope": "lt",
"trust": 1.8,
"vendor": "huawei",
"version": "eva-cl00c92b365"
},
{
"model": "p9",
"scope": "lt",
"trust": 1.8,
"vendor": "huawei",
"version": "eva-dl00c17b365"
},
{
"model": "p9",
"scope": "lt",
"trust": 1.8,
"vendor": "huawei",
"version": "eva-tl00c01b365"
},
{
"model": "p9 \u003ceva-al00c00b365",
"scope": null,
"trust": 0.6,
"vendor": "huawei",
"version": null
},
{
"model": "p9 \u003ceva-al10c00b365",
"scope": null,
"trust": 0.6,
"vendor": "huawei",
"version": null
},
{
"model": "p9 \u003ceva-cl00c92b365",
"scope": null,
"trust": 0.6,
"vendor": "huawei",
"version": null
},
{
"model": "p9 \u003ceva-dl00c17b365",
"scope": null,
"trust": 0.6,
"vendor": "huawei",
"version": null
},
{
"model": "p9 \u003ceva-tl00c01b365",
"scope": null,
"trust": 0.6,
"vendor": "huawei",
"version": null
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2017-35443"
},
{
"db": "JVNDB",
"id": "JVNDB-2017-010749"
},
{
"db": "NVD",
"id": "CVE-2017-2727"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:huawei:p9_firmware:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "eva-al00c00b365",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:huawei:p9:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:huawei:p9_firmware:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "eva-al10c00b365",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:huawei:p9:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:huawei:p9_firmware:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "eva-cl00c92b365",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:huawei:p9:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:huawei:p9_firmware:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "eva-dl00c17b365",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:huawei:p9:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:huawei:p9_firmware:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "eva-tl00c01b365",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:huawei:p9:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
}
]
}
],
"sources": [
{
"db": "NVD",
"id": "CVE-2017-2727"
}
]
},
"cve": "CVE-2017-2727",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"acInsufInfo": false,
"accessComplexity": "LOW",
"accessVector": "LOCAL",
"authentication": "NONE",
"author": "NVD",
"availabilityImpact": "PARTIAL",
"baseScore": 4.6,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 3.9,
"impactScore": 6.4,
"integrityImpact": "PARTIAL",
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"severity": "MEDIUM",
"trust": 1.0,
"userInteractionRequired": false,
"vectorString": "AV:L/AC:L/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
{
"acInsufInfo": null,
"accessComplexity": "Low",
"accessVector": "Local",
"authentication": "None",
"author": "NVD",
"availabilityImpact": "Partial",
"baseScore": 4.6,
"confidentialityImpact": "Partial",
"exploitabilityScore": null,
"id": "CVE-2017-2727",
"impactScore": null,
"integrityImpact": "Partial",
"obtainAllPrivilege": null,
"obtainOtherPrivilege": null,
"obtainUserPrivilege": null,
"severity": "Medium",
"trust": 0.8,
"userInteractionRequired": null,
"vectorString": "AV:L/AC:L/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "CNVD",
"availabilityImpact": "PARTIAL",
"baseScore": 5.0,
"confidentialityImpact": "NONE",
"exploitabilityScore": 10.0,
"id": "CNVD-2017-35443",
"impactScore": 2.9,
"integrityImpact": "NONE",
"severity": "MEDIUM",
"trust": 0.6,
"vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P",
"version": "2.0"
},
{
"accessComplexity": "LOW",
"accessVector": "LOCAL",
"authentication": "NONE",
"author": "VULHUB",
"availabilityImpact": "PARTIAL",
"baseScore": 4.6,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 3.9,
"id": "VHN-110930",
"impactScore": 6.4,
"integrityImpact": "PARTIAL",
"severity": "MEDIUM",
"trust": 0.1,
"vectorString": "AV:L/AC:L/AU:N/C:P/I:P/A:P",
"version": "2.0"
}
],
"cvssV3": [
{
"attackComplexity": "LOW",
"attackVector": "PHYSICAL",
"author": "NVD",
"availabilityImpact": "LOW",
"baseScore": 4.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"exploitabilityScore": 0.9,
"impactScore": 3.4,
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"trust": 1.0,
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:P/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L",
"version": "3.0"
},
{
"attackComplexity": "Low",
"attackVector": "Physical",
"author": "NVD",
"availabilityImpact": "Low",
"baseScore": 4.3,
"baseSeverity": "Medium",
"confidentialityImpact": "Low",
"exploitabilityScore": null,
"id": "CVE-2017-2727",
"impactScore": null,
"integrityImpact": "Low",
"privilegesRequired": "None",
"scope": "Unchanged",
"trust": 0.8,
"userInteraction": "None",
"vectorString": "CVSS:3.0/AV:P/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L",
"version": "3.0"
}
],
"severity": [
{
"author": "NVD",
"id": "CVE-2017-2727",
"trust": 1.8,
"value": "MEDIUM"
},
{
"author": "CNVD",
"id": "CNVD-2017-35443",
"trust": 0.6,
"value": "MEDIUM"
},
{
"author": "CNNVD",
"id": "CNNVD-201711-1001",
"trust": 0.6,
"value": "MEDIUM"
},
{
"author": "VULHUB",
"id": "VHN-110930",
"trust": 0.1,
"value": "MEDIUM"
}
]
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2017-35443"
},
{
"db": "VULHUB",
"id": "VHN-110930"
},
{
"db": "JVNDB",
"id": "JVNDB-2017-010749"
},
{
"db": "NVD",
"id": "CVE-2017-2727"
},
{
"db": "CNNVD",
"id": "CNNVD-201711-1001"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Huawei P9 smart phones with software versions earlier before EVA-AL00C00B365, versions earlier before EVA-AL10C00B365,Versions earlier before EVA-CL00C92B365, versions earlier before EVA-DL00C17B365, versions earlier before EVA-TL00C01B365 have a privilege escalation vulnerability. An unauthenticated attacker can bypass phone activation to user management page of the phone and create a new user. Successful exploit could allow the attacker operate part function of the phone. Huawei P9 Smartphone software contains a vulnerability related to access control.Information is obtained, information is altered, and service operation is disrupted (DoS) There is a possibility of being put into a state. HuaweiP9 is a smartphone from China\u0027s Huawei company. Audiodriver is one of the audio drivers. A privilege elevation vulnerability exists in HuaweiP9",
"sources": [
{
"db": "NVD",
"id": "CVE-2017-2727"
},
{
"db": "JVNDB",
"id": "JVNDB-2017-010749"
},
{
"db": "CNVD",
"id": "CNVD-2017-35443"
},
{
"db": "VULHUB",
"id": "VHN-110930"
}
],
"trust": 2.25
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2017-2727",
"trust": 3.1
},
{
"db": "JVNDB",
"id": "JVNDB-2017-010749",
"trust": 0.8
},
{
"db": "CNNVD",
"id": "CNNVD-201711-1001",
"trust": 0.7
},
{
"db": "CNVD",
"id": "CNVD-2017-35443",
"trust": 0.6
},
{
"db": "VULHUB",
"id": "VHN-110930",
"trust": 0.1
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2017-35443"
},
{
"db": "VULHUB",
"id": "VHN-110930"
},
{
"db": "JVNDB",
"id": "JVNDB-2017-010749"
},
{
"db": "NVD",
"id": "CVE-2017-2727"
},
{
"db": "CNNVD",
"id": "CNNVD-201711-1001"
}
]
},
"id": "VAR-201711-0243",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "CNVD",
"id": "CNVD-2017-35443"
},
{
"db": "VULHUB",
"id": "VHN-110930"
}
],
"trust": 1.28483934
},
"iot_taxonomy": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"category": [
"Network device"
],
"sub_category": null,
"trust": 0.6
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2017-35443"
}
]
},
"last_update_date": "2023-12-18T13:34:06.082000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "huawei-sa-20170209-01-smartphone",
"trust": 0.8,
"url": "http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20170209-01-smartphone-en"
},
{
"title": "HuaweiP9 privilege escalation vulnerability patch",
"trust": 0.6,
"url": "https://www.cnvd.org.cn/patchinfo/show/107637"
},
{
"title": "Huawei P9 Fixes for permission permissions and access control vulnerabilities",
"trust": 0.6,
"url": "http://www.cnnvd.org.cn/web/xxk/bdxqbyid.tag?id=76711"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2017-35443"
},
{
"db": "JVNDB",
"id": "JVNDB-2017-010749"
},
{
"db": "CNNVD",
"id": "CNNVD-201711-1001"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "NVD-CWE-noinfo",
"trust": 1.0
},
{
"problemtype": "CWE-284",
"trust": 0.9
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-110930"
},
{
"db": "JVNDB",
"id": "JVNDB-2017-010749"
},
{
"db": "NVD",
"id": "CVE-2017-2727"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 2.3,
"url": "http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20170209-01-smartphone-en"
},
{
"trust": 0.8,
"url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2017-2727"
},
{
"trust": 0.8,
"url": "https://nvd.nist.gov/vuln/detail/cve-2017-2727"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2017-35443"
},
{
"db": "VULHUB",
"id": "VHN-110930"
},
{
"db": "JVNDB",
"id": "JVNDB-2017-010749"
},
{
"db": "NVD",
"id": "CVE-2017-2727"
},
{
"db": "CNNVD",
"id": "CNNVD-201711-1001"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "CNVD",
"id": "CNVD-2017-35443"
},
{
"db": "VULHUB",
"id": "VHN-110930"
},
{
"db": "JVNDB",
"id": "JVNDB-2017-010749"
},
{
"db": "NVD",
"id": "CVE-2017-2727"
},
{
"db": "CNNVD",
"id": "CNNVD-201711-1001"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2017-11-29T00:00:00",
"db": "CNVD",
"id": "CNVD-2017-35443"
},
{
"date": "2017-11-22T00:00:00",
"db": "VULHUB",
"id": "VHN-110930"
},
{
"date": "2017-12-21T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2017-010749"
},
{
"date": "2017-11-22T19:29:01.630000",
"db": "NVD",
"id": "CVE-2017-2727"
},
{
"date": "2017-11-23T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201711-1001"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2017-12-04T00:00:00",
"db": "CNVD",
"id": "CNVD-2017-35443"
},
{
"date": "2019-10-03T00:00:00",
"db": "VULHUB",
"id": "VHN-110930"
},
{
"date": "2017-12-21T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2017-010749"
},
{
"date": "2019-10-03T00:03:26.223000",
"db": "NVD",
"id": "CVE-2017-2727"
},
{
"date": "2019-10-23T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201711-1001"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "local",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201711-1001"
}
],
"trust": 0.6
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Huawei P9 Smartphone software access control vulnerability",
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2017-010749"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "permissions and access control",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201711-1001"
}
],
"trust": 0.6
}
}
VAR-201704-0503
Vulnerability from variot - Updated: 2023-12-18 13:19The HIFI driver in Huawei Mate 8 phones with software versions before NXT-AL10C00B386, versions before NXT-CL00C92B386, versions before NXT-DL00C17B386, versions before NXT-TL00C01B386; Mate S phones with software Versions before CRR-CL00C92B368, Versions before CRR-CL20C92B368, Versions before CRR-TL00C01B368, Versions before CRR-UL00C00B368, Versions before CRR-UL20C00B368; P8 phones with software Versions before GRA-TL00C01B366, Versions before GRA-CL00C92B366, Versions before GRA-CL10C92B366, Versions before GRA-UL00C00B366, Versions before GRA-UL10C00B366; and P9 phones with software Versions before EVA-AL10C00B190, Versions before EVA-DL10C00B190, Versions before EVA-TL10C00B190, Versions before EVA-CL10C00B190 allows attackers to get root privilege or crash the system or execute arbitrary code, related to a buffer overflow. plural Huawei Smartphone software HIFI The driver has a deficiency in processing related to buffer overflow. root There are vulnerabilities that can be used to gain privileges, crash the system, or execute arbitrary code.By the attacker, root It may be possible to gain privileges, crash the system, or execute arbitrary code. HuaweiMate8, MateS, P8, and P9 are Huawei smartphones. Because some HIFI drivers of Huawei mobile phones lack parameter checking, the attacker uses the vulnerability to construct specific parameters to the HIFI driver after obtaining root privileges, resulting in system restart or arbitrary code execution. Multiple Huawei Products are prone to a local buffer-overflow vulnerability because they fail to properly bounds-check user-supplied data before copying it into an insufficiently sized buffer. Failed exploit attempts will likely result in denial-of-service conditions. The Huawei Mate 8 and others are smartphones from the Chinese company Huawei
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-201704-0503",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "mate s",
"scope": "eq",
"trust": 1.6,
"vendor": "huawei",
"version": null
},
{
"model": "p9",
"scope": "eq",
"trust": 1.6,
"vendor": "huawei",
"version": null
},
{
"model": "mate 8",
"scope": "eq",
"trust": 1.6,
"vendor": "huawei",
"version": null
},
{
"model": "p8",
"scope": "eq",
"trust": 1.6,
"vendor": "huawei",
"version": null
},
{
"model": "mate 8",
"scope": null,
"trust": 0.8,
"vendor": "huawei",
"version": null
},
{
"model": "mate s",
"scope": null,
"trust": 0.8,
"vendor": "huawei",
"version": null
},
{
"model": "p8",
"scope": null,
"trust": 0.8,
"vendor": "huawei",
"version": null
},
{
"model": "p9",
"scope": null,
"trust": 0.8,
"vendor": "huawei",
"version": null
},
{
"model": "mate \u003cnxt-cl00c92b386",
"scope": "eq",
"trust": 0.6,
"vendor": "huawei",
"version": "8"
},
{
"model": "mate \u003cnxt-dl00c17b386",
"scope": "eq",
"trust": 0.6,
"vendor": "huawei",
"version": "8"
},
{
"model": "mate \u003cnxt-tl00c01b386",
"scope": "eq",
"trust": 0.6,
"vendor": "huawei",
"version": "8"
},
{
"model": "mate \u003cnxt-al10c00b386",
"scope": "eq",
"trust": 0.6,
"vendor": "huawei",
"version": "8"
},
{
"model": "mate s \u003ccrr-cl00c92b368",
"scope": null,
"trust": 0.6,
"vendor": "huawei",
"version": null
},
{
"model": "mate s \u003ccrr-cl20c92b368",
"scope": null,
"trust": 0.6,
"vendor": "huawei",
"version": null
},
{
"model": "mate s \u003ccrr-tl00c01b368",
"scope": null,
"trust": 0.6,
"vendor": "huawei",
"version": null
},
{
"model": "mate s \u003ccrr-ul00c00b368",
"scope": null,
"trust": 0.6,
"vendor": "huawei",
"version": null
},
{
"model": "mate s \u003ccrr-ul20c00b368",
"scope": null,
"trust": 0.6,
"vendor": "huawei",
"version": null
},
{
"model": "p8 \u003cgra-tl00c01b366",
"scope": null,
"trust": 0.6,
"vendor": "huawei",
"version": null
},
{
"model": "p8 \u003cgra-ul00c00b366",
"scope": null,
"trust": 0.6,
"vendor": "huawei",
"version": null
},
{
"model": "p8 \u003cgra-ul10c00b366",
"scope": null,
"trust": 0.6,
"vendor": "huawei",
"version": null
},
{
"model": "p8 \u003cgra-cl00c92b366",
"scope": null,
"trust": 0.6,
"vendor": "huawei",
"version": null
},
{
"model": "p8 \u003cgra-cl10c92b366",
"scope": null,
"trust": 0.6,
"vendor": "huawei",
"version": null
},
{
"model": "p9 \u003ceva-al10c00b190",
"scope": null,
"trust": 0.6,
"vendor": "huawei",
"version": null
},
{
"model": "p9 \u003ceva-dl10c00b190",
"scope": null,
"trust": 0.6,
"vendor": "huawei",
"version": null
},
{
"model": "p9 \u003ceva-tl10c00b190",
"scope": null,
"trust": 0.6,
"vendor": "huawei",
"version": null
},
{
"model": "p9 \u003ceva-cl10c00b190",
"scope": null,
"trust": 0.6,
"vendor": "huawei",
"version": null
},
{
"model": "p9",
"scope": "eq",
"trust": 0.3,
"vendor": "huawei",
"version": "0"
},
{
"model": "p8",
"scope": "eq",
"trust": 0.3,
"vendor": "huawei",
"version": "0"
},
{
"model": "mates",
"scope": "eq",
"trust": 0.3,
"vendor": "huawei",
"version": "0"
},
{
"model": "mate",
"scope": "eq",
"trust": 0.3,
"vendor": "huawei",
"version": "80"
},
{
"model": "p9 eva-tl10c00b190",
"scope": "ne",
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"model": "p9 eva-dl10c00b190",
"scope": "ne",
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"model": "p9 eva-cl10c00b190",
"scope": "ne",
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"model": "p9 eva-al10c00b190",
"scope": "ne",
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"model": "p8 gra-ul10c00b366",
"scope": "ne",
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"model": "p8 gra-ul00c00b366",
"scope": "ne",
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"model": "p8 gra-tl00c01b366",
"scope": "ne",
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"model": "p8 gra-cl10c92b366",
"scope": "ne",
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"model": "p8 gra-cl00c92b366",
"scope": "ne",
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"model": "mates crr-ul20c00b368",
"scope": "ne",
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"model": "mates crr-ul00c00b368",
"scope": "ne",
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"model": "mates crr-tl00c01b368",
"scope": "ne",
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"model": "mates crr-cl20c92b368",
"scope": "ne",
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"model": "mates crr-cl00c92b368",
"scope": "ne",
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"model": "mate nxt-tl00c01b386",
"scope": "ne",
"trust": 0.3,
"vendor": "huawei",
"version": "8"
},
{
"model": "mate nxt-dl00c17b386",
"scope": "ne",
"trust": 0.3,
"vendor": "huawei",
"version": "8"
},
{
"model": "mate nxt-cl00c92b386",
"scope": "ne",
"trust": 0.3,
"vendor": "huawei",
"version": "8"
},
{
"model": "mate nxt-al10c00b386",
"scope": "ne",
"trust": 0.3,
"vendor": "huawei",
"version": "8"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2016-11667"
},
{
"db": "BID",
"id": "94503"
},
{
"db": "JVNDB",
"id": "JVNDB-2016-008267"
},
{
"db": "NVD",
"id": "CVE-2016-8774"
},
{
"db": "CNNVD",
"id": "CNNVD-201611-660"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:huawei:mate_8_firmware:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:huawei:mate_8:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:huawei:mate_s_firmware:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:huawei:mate_s:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:huawei:p8_firmware:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:huawei:p8:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:huawei:p9_firmware:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:huawei:p9:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
}
]
}
],
"sources": [
{
"db": "NVD",
"id": "CVE-2016-8774"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Zhao Jianqiang from Lab 0x031E of Qihoo 360 Technology Co. Ltd.",
"sources": [
{
"db": "BID",
"id": "94503"
},
{
"db": "CNNVD",
"id": "CNNVD-201611-660"
}
],
"trust": 0.9
},
"cve": "CVE-2016-8774",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"acInsufInfo": false,
"accessComplexity": "LOW",
"accessVector": "LOCAL",
"authentication": "NONE",
"author": "NVD",
"availabilityImpact": "COMPLETE",
"baseScore": 7.2,
"confidentialityImpact": "COMPLETE",
"exploitabilityScore": 3.9,
"impactScore": 10.0,
"integrityImpact": "COMPLETE",
"obtainAllPrivilege": true,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"severity": "HIGH",
"trust": 1.0,
"userInteractionRequired": false,
"vectorString": "AV:L/AC:L/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
{
"acInsufInfo": null,
"accessComplexity": "Low",
"accessVector": "Local",
"authentication": "None",
"author": "NVD",
"availabilityImpact": "Complete",
"baseScore": 7.2,
"confidentialityImpact": "Complete",
"exploitabilityScore": null,
"id": "CVE-2016-8774",
"impactScore": null,
"integrityImpact": "Complete",
"obtainAllPrivilege": null,
"obtainOtherPrivilege": null,
"obtainUserPrivilege": null,
"severity": "High",
"trust": 0.8,
"userInteractionRequired": null,
"vectorString": "AV:L/AC:L/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
{
"accessComplexity": "LOW",
"accessVector": "LOCAL",
"authentication": "MULTIPLE",
"author": "CNVD",
"availabilityImpact": "COMPLETE",
"baseScore": 6.5,
"confidentialityImpact": "COMPLETE",
"exploitabilityScore": 2.5,
"id": "CNVD-2016-11667",
"impactScore": 10.0,
"integrityImpact": "COMPLETE",
"severity": "MEDIUM",
"trust": 0.6,
"vectorString": "AV:L/AC:L/Au:M/C:C/I:C/A:C",
"version": "2.0"
},
{
"accessComplexity": "LOW",
"accessVector": "LOCAL",
"authentication": "NONE",
"author": "VULHUB",
"availabilityImpact": "COMPLETE",
"baseScore": 7.2,
"confidentialityImpact": "COMPLETE",
"exploitabilityScore": 3.9,
"id": "VHN-97594",
"impactScore": 10.0,
"integrityImpact": "COMPLETE",
"severity": "HIGH",
"trust": 0.1,
"vectorString": "AV:L/AC:L/AU:N/C:C/I:C/A:C",
"version": "2.0"
}
],
"cvssV3": [
{
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"author": "NVD",
"availabilityImpact": "HIGH",
"baseScore": 6.7,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"exploitabilityScore": 0.8,
"impactScore": 5.9,
"integrityImpact": "HIGH",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"trust": 1.0,
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
},
{
"attackComplexity": "Low",
"attackVector": "Local",
"author": "NVD",
"availabilityImpact": "High",
"baseScore": 6.7,
"baseSeverity": "Medium",
"confidentialityImpact": "High",
"exploitabilityScore": null,
"id": "CVE-2016-8774",
"impactScore": null,
"integrityImpact": "High",
"privilegesRequired": "High",
"scope": "Unchanged",
"trust": 0.8,
"userInteraction": "None",
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
}
],
"severity": [
{
"author": "NVD",
"id": "CVE-2016-8774",
"trust": 1.8,
"value": "MEDIUM"
},
{
"author": "CNVD",
"id": "CNVD-2016-11667",
"trust": 0.6,
"value": "MEDIUM"
},
{
"author": "CNNVD",
"id": "CNNVD-201611-660",
"trust": 0.6,
"value": "HIGH"
},
{
"author": "VULHUB",
"id": "VHN-97594",
"trust": 0.1,
"value": "HIGH"
}
]
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2016-11667"
},
{
"db": "VULHUB",
"id": "VHN-97594"
},
{
"db": "JVNDB",
"id": "JVNDB-2016-008267"
},
{
"db": "NVD",
"id": "CVE-2016-8774"
},
{
"db": "CNNVD",
"id": "CNNVD-201611-660"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "The HIFI driver in Huawei Mate 8 phones with software versions before NXT-AL10C00B386, versions before NXT-CL00C92B386, versions before NXT-DL00C17B386, versions before NXT-TL00C01B386; Mate S phones with software Versions before CRR-CL00C92B368, Versions before CRR-CL20C92B368, Versions before CRR-TL00C01B368, Versions before CRR-UL00C00B368, Versions before CRR-UL20C00B368; P8 phones with software Versions before GRA-TL00C01B366, Versions before GRA-CL00C92B366, Versions before GRA-CL10C92B366, Versions before GRA-UL00C00B366, Versions before GRA-UL10C00B366; and P9 phones with software Versions before EVA-AL10C00B190, Versions before EVA-DL10C00B190, Versions before EVA-TL10C00B190, Versions before EVA-CL10C00B190 allows attackers to get root privilege or crash the system or execute arbitrary code, related to a buffer overflow. plural Huawei Smartphone software HIFI The driver has a deficiency in processing related to buffer overflow. root There are vulnerabilities that can be used to gain privileges, crash the system, or execute arbitrary code.By the attacker, root It may be possible to gain privileges, crash the system, or execute arbitrary code. HuaweiMate8, MateS, P8, and P9 are Huawei smartphones. Because some HIFI drivers of Huawei mobile phones lack parameter checking, the attacker uses the vulnerability to construct specific parameters to the HIFI driver after obtaining root privileges, resulting in system restart or arbitrary code execution. Multiple Huawei Products are prone to a local buffer-overflow vulnerability because they fail to properly bounds-check user-supplied data before copying it into an insufficiently sized buffer. Failed exploit attempts will likely result in denial-of-service conditions. The Huawei Mate 8 and others are smartphones from the Chinese company Huawei",
"sources": [
{
"db": "NVD",
"id": "CVE-2016-8774"
},
{
"db": "JVNDB",
"id": "JVNDB-2016-008267"
},
{
"db": "CNVD",
"id": "CNVD-2016-11667"
},
{
"db": "BID",
"id": "94503"
},
{
"db": "VULHUB",
"id": "VHN-97594"
}
],
"trust": 2.52
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2016-8774",
"trust": 3.4
},
{
"db": "BID",
"id": "94503",
"trust": 2.6
},
{
"db": "JVNDB",
"id": "JVNDB-2016-008267",
"trust": 0.8
},
{
"db": "CNVD",
"id": "CNVD-2016-11667",
"trust": 0.6
},
{
"db": "CNNVD",
"id": "CNNVD-201611-660",
"trust": 0.6
},
{
"db": "VULHUB",
"id": "VHN-97594",
"trust": 0.1
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2016-11667"
},
{
"db": "VULHUB",
"id": "VHN-97594"
},
{
"db": "BID",
"id": "94503"
},
{
"db": "JVNDB",
"id": "JVNDB-2016-008267"
},
{
"db": "NVD",
"id": "CVE-2016-8774"
},
{
"db": "CNNVD",
"id": "CNNVD-201611-660"
}
]
},
"id": "VAR-201704-0503",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "CNVD",
"id": "CNVD-2016-11667"
},
{
"db": "VULHUB",
"id": "VHN-97594"
}
],
"trust": 1.300076185
},
"iot_taxonomy": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"category": [
"Network device"
],
"sub_category": null,
"trust": 0.6
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2016-11667"
}
]
},
"last_update_date": "2023-12-18T13:19:31.961000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "huawei-sa-20161123-02-smartphone",
"trust": 0.8,
"url": "http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20161123-02-smartphone-en"
},
{
"title": "Patches for buffer overflow vulnerabilities in various Huawei HIFI drivers",
"trust": 0.6,
"url": "https://www.cnvd.org.cn/patchinfo/show/84451"
},
{
"title": "Multiple Huawei Product Buffer Overflow Vulnerability Fix",
"trust": 0.6,
"url": "http://www.cnnvd.org.cn/web/xxk/bdxqbyid.tag?id=65934"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2016-11667"
},
{
"db": "JVNDB",
"id": "JVNDB-2016-008267"
},
{
"db": "CNNVD",
"id": "CNNVD-201611-660"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-119",
"trust": 1.9
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-97594"
},
{
"db": "JVNDB",
"id": "JVNDB-2016-008267"
},
{
"db": "NVD",
"id": "CVE-2016-8774"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 2.0,
"url": "http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20161123-02-smartphone-en"
},
{
"trust": 1.7,
"url": "http://www.securityfocus.com/bid/94503"
},
{
"trust": 0.8,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2016-8774"
},
{
"trust": 0.8,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-8774"
},
{
"trust": 0.6,
"url": "http://www.huawei.com/cn/psirt/security-advisories/huawei-sa-20161123-02-smartphone-cn"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2016-11667"
},
{
"db": "VULHUB",
"id": "VHN-97594"
},
{
"db": "BID",
"id": "94503"
},
{
"db": "JVNDB",
"id": "JVNDB-2016-008267"
},
{
"db": "NVD",
"id": "CVE-2016-8774"
},
{
"db": "CNNVD",
"id": "CNNVD-201611-660"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "CNVD",
"id": "CNVD-2016-11667"
},
{
"db": "VULHUB",
"id": "VHN-97594"
},
{
"db": "BID",
"id": "94503"
},
{
"db": "JVNDB",
"id": "JVNDB-2016-008267"
},
{
"db": "NVD",
"id": "CVE-2016-8774"
},
{
"db": "CNNVD",
"id": "CNNVD-201611-660"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2016-11-30T00:00:00",
"db": "CNVD",
"id": "CNVD-2016-11667"
},
{
"date": "2017-04-02T00:00:00",
"db": "VULHUB",
"id": "VHN-97594"
},
{
"date": "2016-11-24T00:00:00",
"db": "BID",
"id": "94503"
},
{
"date": "2017-05-09T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2016-008267"
},
{
"date": "2017-04-02T20:59:01.453000",
"db": "NVD",
"id": "CVE-2016-8774"
},
{
"date": "2016-11-24T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201611-660"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2016-11-30T00:00:00",
"db": "CNVD",
"id": "CNVD-2016-11667"
},
{
"date": "2017-04-11T00:00:00",
"db": "VULHUB",
"id": "VHN-97594"
},
{
"date": "2016-12-20T01:02:00",
"db": "BID",
"id": "94503"
},
{
"date": "2017-05-09T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2016-008267"
},
{
"date": "2017-04-11T01:04:46.573000",
"db": "NVD",
"id": "CVE-2016-8774"
},
{
"date": "2016-12-02T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201611-660"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "local",
"sources": [
{
"db": "BID",
"id": "94503"
},
{
"db": "CNNVD",
"id": "CNNVD-201611-660"
}
],
"trust": 0.9
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "plural Huawei Smartphone software HIFI In the driver root Privileged vulnerability",
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2016-008267"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "buffer overflow",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201611-660"
}
],
"trust": 0.6
}
}
VAR-201711-0257
Vulnerability from variot - Updated: 2023-12-18 13:19Huawei P9 versions earlier before EVA-AL10C00B373, versions earlier before EVA-CL00C92B373, versions earlier before EVA-DL00C17B373, versions earlier before EVA-TL00C01B373 have a lock-screen bypass vulnerability. An unauthenticated attacker could force the phone to the fastboot mode and delete the user's password file during the reboot process, then login the phone without screen lock password after reboot. Huawei P9 Smartphone software contains a vulnerability related to access control.Information is obtained, information is altered, and service operation is disrupted (DoS) There is a possibility of being put into a state. HuaweiP9 is a Huawei smartphone product from China. HuaweiP9 has a lock screen bypass vulnerability. Huawei Smart Phones are prone to a security-bypass vulnerability. An attacker may exploit this issue to bypass certain security restrictions and cause denial-of-service conditions. There is a security flaw in the Huawei P9
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-201711-0257",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "p9",
"scope": "lt",
"trust": 1.8,
"vendor": "huawei",
"version": "eva-al10c00b373"
},
{
"model": "p9",
"scope": "lt",
"trust": 1.8,
"vendor": "huawei",
"version": "eva-cl00c92b373"
},
{
"model": "p9",
"scope": "lt",
"trust": 1.8,
"vendor": "huawei",
"version": "eva-dl00c17b373"
},
{
"model": "p9",
"scope": "lt",
"trust": 1.8,
"vendor": "huawei",
"version": "eva-tl00c01b373"
},
{
"model": "p9 \u003ceva-al10c00b373",
"scope": null,
"trust": 0.6,
"vendor": "huawei",
"version": null
},
{
"model": "p9 \u003ceva-cl00c92b373",
"scope": null,
"trust": 0.6,
"vendor": "huawei",
"version": null
},
{
"model": "p9 \u003ceva-dl00c17b373",
"scope": null,
"trust": 0.6,
"vendor": "huawei",
"version": null
},
{
"model": "p9",
"scope": "eq",
"trust": 0.3,
"vendor": "huawei",
"version": "0"
},
{
"model": "p9 eva-tl00c01b373",
"scope": "ne",
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"model": "p9 eva-dl00c17b373",
"scope": "ne",
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"model": "p9 eva-cl00c92b373",
"scope": "ne",
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"model": "p9 eva-al10c00b373",
"scope": "ne",
"trust": 0.3,
"vendor": "huawei",
"version": null
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2017-00662"
},
{
"db": "BID",
"id": "95658"
},
{
"db": "JVNDB",
"id": "JVNDB-2017-010500"
},
{
"db": "NVD",
"id": "CVE-2017-2691"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:huawei:p9_firmware:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "eva-tl00c01b373",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:huawei:p9:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:huawei:p9_firmware:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "eva-dl00c17b373",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:huawei:p9:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:huawei:p9_firmware:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "eva-cl00c92b373",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:huawei:p9:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:huawei:p9_firmware:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "eva-al10c00b373",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:huawei:p9:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
}
]
}
],
"sources": [
{
"db": "NVD",
"id": "CVE-2017-2691"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "The vendor reported this issue.",
"sources": [
{
"db": "BID",
"id": "95658"
}
],
"trust": 0.3
},
"cve": "CVE-2017-2691",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"acInsufInfo": false,
"accessComplexity": "LOW",
"accessVector": "LOCAL",
"authentication": "NONE",
"author": "NVD",
"availabilityImpact": "COMPLETE",
"baseScore": 7.2,
"confidentialityImpact": "COMPLETE",
"exploitabilityScore": 3.9,
"impactScore": 10.0,
"integrityImpact": "COMPLETE",
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"severity": "HIGH",
"trust": 1.0,
"userInteractionRequired": false,
"vectorString": "AV:L/AC:L/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
{
"acInsufInfo": null,
"accessComplexity": "Low",
"accessVector": "Local",
"authentication": "None",
"author": "NVD",
"availabilityImpact": "Complete",
"baseScore": 7.2,
"confidentialityImpact": "Complete",
"exploitabilityScore": null,
"id": "CVE-2017-2691",
"impactScore": null,
"integrityImpact": "Complete",
"obtainAllPrivilege": null,
"obtainOtherPrivilege": null,
"obtainUserPrivilege": null,
"severity": "High",
"trust": 0.8,
"userInteractionRequired": null,
"vectorString": "AV:L/AC:L/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
{
"accessComplexity": "HIGH",
"accessVector": "ADJACENT_NETWORK",
"authentication": "NONE",
"author": "CNVD",
"availabilityImpact": "COMPLETE",
"baseScore": 6.8,
"confidentialityImpact": "COMPLETE",
"exploitabilityScore": 3.2,
"id": "CNVD-2017-00662",
"impactScore": 10.0,
"integrityImpact": "COMPLETE",
"severity": "MEDIUM",
"trust": 0.6,
"vectorString": "AV:A/AC:H/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
{
"accessComplexity": "LOW",
"accessVector": "LOCAL",
"authentication": "NONE",
"author": "VULHUB",
"availabilityImpact": "COMPLETE",
"baseScore": 7.2,
"confidentialityImpact": "COMPLETE",
"exploitabilityScore": 3.9,
"id": "VHN-110894",
"impactScore": 10.0,
"integrityImpact": "COMPLETE",
"severity": "HIGH",
"trust": 0.1,
"vectorString": "AV:L/AC:L/AU:N/C:C/I:C/A:C",
"version": "2.0"
}
],
"cvssV3": [
{
"attackComplexity": "LOW",
"attackVector": "PHYSICAL",
"author": "NVD",
"availabilityImpact": "HIGH",
"baseScore": 6.8,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"exploitabilityScore": 0.9,
"impactScore": 5.9,
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"trust": 1.0,
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
},
{
"attackComplexity": "Low",
"attackVector": "Physical",
"author": "NVD",
"availabilityImpact": "High",
"baseScore": 6.8,
"baseSeverity": "Medium",
"confidentialityImpact": "High",
"exploitabilityScore": null,
"id": "CVE-2017-2691",
"impactScore": null,
"integrityImpact": "High",
"privilegesRequired": "None",
"scope": "Unchanged",
"trust": 0.8,
"userInteraction": "None",
"vectorString": "CVSS:3.0/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
}
],
"severity": [
{
"author": "NVD",
"id": "CVE-2017-2691",
"trust": 1.8,
"value": "MEDIUM"
},
{
"author": "CNVD",
"id": "CNVD-2017-00662",
"trust": 0.6,
"value": "MEDIUM"
},
{
"author": "CNNVD",
"id": "CNNVD-201701-773",
"trust": 0.6,
"value": "MEDIUM"
},
{
"author": "VULHUB",
"id": "VHN-110894",
"trust": 0.1,
"value": "HIGH"
}
]
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2017-00662"
},
{
"db": "VULHUB",
"id": "VHN-110894"
},
{
"db": "JVNDB",
"id": "JVNDB-2017-010500"
},
{
"db": "NVD",
"id": "CVE-2017-2691"
},
{
"db": "CNNVD",
"id": "CNNVD-201701-773"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Huawei P9 versions earlier before EVA-AL10C00B373, versions earlier before EVA-CL00C92B373, versions earlier before EVA-DL00C17B373, versions earlier before EVA-TL00C01B373 have a lock-screen bypass vulnerability. An unauthenticated attacker could force the phone to the fastboot mode and delete the user\u0027s password file during the reboot process, then login the phone without screen lock password after reboot. Huawei P9 Smartphone software contains a vulnerability related to access control.Information is obtained, information is altered, and service operation is disrupted (DoS) There is a possibility of being put into a state. HuaweiP9 is a Huawei smartphone product from China. HuaweiP9 has a lock screen bypass vulnerability. Huawei Smart Phones are prone to a security-bypass vulnerability. \nAn attacker may exploit this issue to bypass certain security restrictions and cause denial-of-service conditions. There is a security flaw in the Huawei P9",
"sources": [
{
"db": "NVD",
"id": "CVE-2017-2691"
},
{
"db": "JVNDB",
"id": "JVNDB-2017-010500"
},
{
"db": "CNVD",
"id": "CNVD-2017-00662"
},
{
"db": "BID",
"id": "95658"
},
{
"db": "VULHUB",
"id": "VHN-110894"
}
],
"trust": 2.52
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2017-2691",
"trust": 3.4
},
{
"db": "BID",
"id": "95658",
"trust": 2.0
},
{
"db": "JVNDB",
"id": "JVNDB-2017-010500",
"trust": 0.8
},
{
"db": "CNNVD",
"id": "CNNVD-201701-773",
"trust": 0.7
},
{
"db": "CNVD",
"id": "CNVD-2017-00662",
"trust": 0.6
},
{
"db": "VULHUB",
"id": "VHN-110894",
"trust": 0.1
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2017-00662"
},
{
"db": "VULHUB",
"id": "VHN-110894"
},
{
"db": "BID",
"id": "95658"
},
{
"db": "JVNDB",
"id": "JVNDB-2017-010500"
},
{
"db": "NVD",
"id": "CVE-2017-2691"
},
{
"db": "CNNVD",
"id": "CNNVD-201701-773"
}
]
},
"id": "VAR-201711-0257",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "CNVD",
"id": "CNVD-2017-00662"
},
{
"db": "VULHUB",
"id": "VHN-110894"
}
],
"trust": 1.28483934
},
"iot_taxonomy": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"category": [
"Network device"
],
"sub_category": null,
"trust": 0.6
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2017-00662"
}
]
},
"last_update_date": "2023-12-18T13:19:19.537000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "huawei-sa-20170118-01-smartphone",
"trust": 0.8,
"url": "http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20170118-01-smartphone-en"
},
{
"title": "HuaweiP9 lock screen bypasses the patch of the vulnerability",
"trust": 0.6,
"url": "https://www.cnvd.org.cn/patchinfo/show/88421"
},
{
"title": "Huawei P9 Security vulnerabilities",
"trust": 0.6,
"url": "http://www.cnnvd.org.cn/web/xxk/bdxqbyid.tag?id=67332"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2017-00662"
},
{
"db": "JVNDB",
"id": "JVNDB-2017-010500"
},
{
"db": "CNNVD",
"id": "CNNVD-201701-773"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "NVD-CWE-noinfo",
"trust": 1.0
},
{
"problemtype": "CWE-284",
"trust": 0.9
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-110894"
},
{
"db": "JVNDB",
"id": "JVNDB-2017-010500"
},
{
"db": "NVD",
"id": "CVE-2017-2691"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 2.0,
"url": "http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20170118-01-smartphone-en"
},
{
"trust": 1.7,
"url": "http://www.securityfocus.com/bid/95658"
},
{
"trust": 0.8,
"url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2017-2691"
},
{
"trust": 0.8,
"url": "https://nvd.nist.gov/vuln/detail/cve-2017-2691"
},
{
"trust": 0.6,
"url": "http://www.huawei.com/cn/psirt/security-advisories/2017/huawei-sa-20170118-01-smartphone-cn"
},
{
"trust": 0.3,
"url": "http://www.huawei.com"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2017-00662"
},
{
"db": "VULHUB",
"id": "VHN-110894"
},
{
"db": "BID",
"id": "95658"
},
{
"db": "JVNDB",
"id": "JVNDB-2017-010500"
},
{
"db": "NVD",
"id": "CVE-2017-2691"
},
{
"db": "CNNVD",
"id": "CNNVD-201701-773"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "CNVD",
"id": "CNVD-2017-00662"
},
{
"db": "VULHUB",
"id": "VHN-110894"
},
{
"db": "BID",
"id": "95658"
},
{
"db": "JVNDB",
"id": "JVNDB-2017-010500"
},
{
"db": "NVD",
"id": "CVE-2017-2691"
},
{
"db": "CNNVD",
"id": "CNNVD-201701-773"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2017-01-20T00:00:00",
"db": "CNVD",
"id": "CNVD-2017-00662"
},
{
"date": "2017-11-22T00:00:00",
"db": "VULHUB",
"id": "VHN-110894"
},
{
"date": "2017-01-18T00:00:00",
"db": "BID",
"id": "95658"
},
{
"date": "2017-12-15T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2017-010500"
},
{
"date": "2017-11-22T19:29:00.287000",
"db": "NVD",
"id": "CVE-2017-2691"
},
{
"date": "2017-01-20T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201701-773"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2017-01-20T00:00:00",
"db": "CNVD",
"id": "CNVD-2017-00662"
},
{
"date": "2019-10-03T00:00:00",
"db": "VULHUB",
"id": "VHN-110894"
},
{
"date": "2017-01-23T00:12:00",
"db": "BID",
"id": "95658"
},
{
"date": "2017-12-15T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2017-010500"
},
{
"date": "2019-10-03T00:03:26.223000",
"db": "NVD",
"id": "CVE-2017-2691"
},
{
"date": "2019-10-23T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201701-773"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "local",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201701-773"
}
],
"trust": 0.6
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Huawei P9 Smartphone software access control vulnerability",
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2017-010500"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "lack of information",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201701-773"
}
],
"trust": 0.6
}
}
VAR-201704-0495
Vulnerability from variot - Updated: 2023-12-18 13:14Touchscreen driver in Huawei P9 phones with software versions before EVA-AL10C00B192 and Huawei Honor 6 phones with software versions before H60-L02_6.10.1 has a heap overflow vulnerability, which allows attackers to crash the system or escalate user privilege. Huawei P9 , P9 Plus ,and Honor 6 A buffer error vulnerability exists in the touch screen driver of the smartphone software.Information is acquired, information is falsified, and denial of service (DoS) An attack could be made. HuaweiSmartPhones is a smart phone from China Huawei. A number of Huawei smartphone drivers have a heap buffer overflow vulnerability that can be exploited by an attacker to execute arbitrary code on an affected device. Multiple Huawei Smart Phones drivers are prone to stack-based buffer overflow and heap-based buffer overflow vulnerabilities. Failed exploit attempts will result in denial-of-service conditions. Huawei P9 versions prior to EVA-AL10C00B192 are vulnerable. Honor 6 versions prior to H60-L02_6.10.1 are vulnerable. Huawei Smart Phones P9 is a smartphone from the Chinese company Huawei. Tothscreen is one of the touch screen drivers. Attackers can exploit this vulnerability to crash the system or elevate privileges by enticing users to install malicious applications and sending specific parameters to the touthscreen driver
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-201704-0495",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "p9",
"scope": "eq",
"trust": 1.6,
"vendor": "huawei",
"version": null
},
{
"model": "honor 6",
"scope": "eq",
"trust": 1.6,
"vendor": "huawei",
"version": null
},
{
"model": "p9 plus",
"scope": "eq",
"trust": 1.6,
"vendor": "huawei",
"version": null
},
{
"model": "honor 6",
"scope": null,
"trust": 0.8,
"vendor": "huawei",
"version": null
},
{
"model": "p9 plus",
"scope": null,
"trust": 0.8,
"vendor": "huawei",
"version": null
},
{
"model": "p9",
"scope": null,
"trust": 0.8,
"vendor": "huawei",
"version": null
},
{
"model": "p9 \u003ceva-al10c00b192",
"scope": null,
"trust": 0.6,
"vendor": "huawei",
"version": null
},
{
"model": "p9 eva-al10c00b190",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"model": "honor",
"scope": "eq",
"trust": 0.3,
"vendor": "huawei",
"version": "66.9.16"
},
{
"model": "honor",
"scope": "eq",
"trust": 0.3,
"vendor": "huawei",
"version": "66.9"
},
{
"model": "p9 eva-al10c00b192",
"scope": "ne",
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"model": "honor h60-l02 6.10.1",
"scope": "ne",
"trust": 0.3,
"vendor": "huawei",
"version": "6"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2016-09938"
},
{
"db": "BID",
"id": "93530"
},
{
"db": "JVNDB",
"id": "JVNDB-2016-008234"
},
{
"db": "NVD",
"id": "CVE-2016-8760"
},
{
"db": "CNNVD",
"id": "CNNVD-201610-664"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:huawei:p9_firmware:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:huawei:p9:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:huawei:p9_plus_firmware:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:huawei:p9_plus:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:huawei:honor_6_firmware:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:huawei:honor_6:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
}
]
}
],
"sources": [
{
"db": "NVD",
"id": "CVE-2016-8760"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Zhao Jianqiang from Lab 0x031E of Qihoo 360 Technology Co. Ltd.",
"sources": [
{
"db": "BID",
"id": "93530"
},
{
"db": "CNNVD",
"id": "CNNVD-201610-664"
}
],
"trust": 0.9
},
"cve": "CVE-2016-8760",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"acInsufInfo": false,
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "NVD",
"availabilityImpact": "COMPLETE",
"baseScore": 9.3,
"confidentialityImpact": "COMPLETE",
"exploitabilityScore": 8.6,
"impactScore": 10.0,
"integrityImpact": "COMPLETE",
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"severity": "HIGH",
"trust": 1.0,
"userInteractionRequired": true,
"vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
{
"acInsufInfo": null,
"accessComplexity": "Medium",
"accessVector": "Network",
"authentication": "None",
"author": "NVD",
"availabilityImpact": "Complete",
"baseScore": 9.3,
"confidentialityImpact": "Complete",
"exploitabilityScore": null,
"id": "CVE-2016-8760",
"impactScore": null,
"integrityImpact": "Complete",
"obtainAllPrivilege": null,
"obtainOtherPrivilege": null,
"obtainUserPrivilege": null,
"severity": "High",
"trust": 0.8,
"userInteractionRequired": null,
"vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
{
"accessComplexity": "HIGH",
"accessVector": "LOCAL",
"authentication": "NONE",
"author": "CNVD",
"availabilityImpact": "COMPLETE",
"baseScore": 6.2,
"confidentialityImpact": "COMPLETE",
"exploitabilityScore": 1.9,
"id": "CNVD-2016-09938",
"impactScore": 10.0,
"integrityImpact": "COMPLETE",
"severity": "MEDIUM",
"trust": 0.6,
"vectorString": "AV:L/AC:H/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
{
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "VULHUB",
"availabilityImpact": "COMPLETE",
"baseScore": 9.3,
"confidentialityImpact": "COMPLETE",
"exploitabilityScore": 8.6,
"id": "VHN-97580",
"impactScore": 10.0,
"integrityImpact": "COMPLETE",
"severity": "HIGH",
"trust": 0.1,
"vectorString": "AV:N/AC:M/AU:N/C:C/I:C/A:C",
"version": "2.0"
}
],
"cvssV3": [
{
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"author": "NVD",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"exploitabilityScore": 1.8,
"impactScore": 5.9,
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"trust": 1.0,
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.0"
},
{
"attackComplexity": "Low",
"attackVector": "Local",
"author": "NVD",
"availabilityImpact": "High",
"baseScore": 7.8,
"baseSeverity": "High",
"confidentialityImpact": "High",
"exploitabilityScore": null,
"id": "CVE-2016-8760",
"impactScore": null,
"integrityImpact": "High",
"privilegesRequired": "None",
"scope": "Unchanged",
"trust": 0.8,
"userInteraction": "Required",
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.0"
}
],
"severity": [
{
"author": "NVD",
"id": "CVE-2016-8760",
"trust": 1.8,
"value": "HIGH"
},
{
"author": "CNVD",
"id": "CNVD-2016-09938",
"trust": 0.6,
"value": "MEDIUM"
},
{
"author": "CNNVD",
"id": "CNNVD-201610-664",
"trust": 0.6,
"value": "CRITICAL"
},
{
"author": "VULHUB",
"id": "VHN-97580",
"trust": 0.1,
"value": "HIGH"
}
]
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2016-09938"
},
{
"db": "VULHUB",
"id": "VHN-97580"
},
{
"db": "JVNDB",
"id": "JVNDB-2016-008234"
},
{
"db": "NVD",
"id": "CVE-2016-8760"
},
{
"db": "CNNVD",
"id": "CNNVD-201610-664"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Touchscreen driver in Huawei P9 phones with software versions before EVA-AL10C00B192 and Huawei Honor 6 phones with software versions before H60-L02_6.10.1 has a heap overflow vulnerability, which allows attackers to crash the system or escalate user privilege. Huawei P9 , P9 Plus ,and Honor 6 A buffer error vulnerability exists in the touch screen driver of the smartphone software.Information is acquired, information is falsified, and denial of service (DoS) An attack could be made. HuaweiSmartPhones is a smart phone from China Huawei. A number of Huawei smartphone drivers have a heap buffer overflow vulnerability that can be exploited by an attacker to execute arbitrary code on an affected device. Multiple Huawei Smart Phones drivers are prone to stack-based buffer overflow and heap-based buffer overflow vulnerabilities. Failed exploit attempts will result in denial-of-service conditions. \nHuawei P9 versions prior to EVA-AL10C00B192 are vulnerable. \nHonor 6 versions prior to H60-L02_6.10.1 are vulnerable. Huawei Smart Phones P9 is a smartphone from the Chinese company Huawei. Tothscreen is one of the touch screen drivers. Attackers can exploit this vulnerability to crash the system or elevate privileges by enticing users to install malicious applications and sending specific parameters to the touthscreen driver",
"sources": [
{
"db": "NVD",
"id": "CVE-2016-8760"
},
{
"db": "JVNDB",
"id": "JVNDB-2016-008234"
},
{
"db": "CNVD",
"id": "CNVD-2016-09938"
},
{
"db": "BID",
"id": "93530"
},
{
"db": "VULHUB",
"id": "VHN-97580"
}
],
"trust": 2.52
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2016-8760",
"trust": 3.4
},
{
"db": "BID",
"id": "93530",
"trust": 2.6
},
{
"db": "JVNDB",
"id": "JVNDB-2016-008234",
"trust": 0.8
},
{
"db": "CNNVD",
"id": "CNNVD-201610-664",
"trust": 0.7
},
{
"db": "CNVD",
"id": "CNVD-2016-09938",
"trust": 0.6
},
{
"db": "VULHUB",
"id": "VHN-97580",
"trust": 0.1
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2016-09938"
},
{
"db": "VULHUB",
"id": "VHN-97580"
},
{
"db": "BID",
"id": "93530"
},
{
"db": "JVNDB",
"id": "JVNDB-2016-008234"
},
{
"db": "NVD",
"id": "CVE-2016-8760"
},
{
"db": "CNNVD",
"id": "CNNVD-201610-664"
}
]
},
"id": "VAR-201704-0495",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "CNVD",
"id": "CNVD-2016-09938"
},
{
"db": "VULHUB",
"id": "VHN-97580"
}
],
"trust": 1.28895743
},
"iot_taxonomy": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"category": [
"Network device"
],
"sub_category": null,
"trust": 0.6
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2016-09938"
}
]
},
"last_update_date": "2023-12-18T13:14:23.123000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "huawei-sa-20161012-01-smartphone",
"trust": 0.8,
"url": "http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20161012-01-smartphone-en"
},
{
"title": "Patch for multiple Huawei smartphone driver heap buffer overflow vulnerabilities (CNVD-2016-09938)",
"trust": 0.6,
"url": "https://www.cnvd.org.cn/patchinfo/show/82929"
},
{
"title": "Huawei Smart Phones P9 touthscreen Driver fix for heap-based buffer overflow vulnerability",
"trust": 0.6,
"url": "http://www.cnnvd.org.cn/web/xxk/bdxqbyid.tag?id=65045"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2016-09938"
},
{
"db": "JVNDB",
"id": "JVNDB-2016-008234"
},
{
"db": "CNNVD",
"id": "CNNVD-201610-664"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-119",
"trust": 1.9
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-97580"
},
{
"db": "JVNDB",
"id": "JVNDB-2016-008234"
},
{
"db": "NVD",
"id": "CVE-2016-8760"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 2.3,
"url": "http://www.securityfocus.com/bid/93530"
},
{
"trust": 2.0,
"url": "http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20161012-01-smartphone-en"
},
{
"trust": 0.8,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2016-8760"
},
{
"trust": 0.8,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-8760"
},
{
"trust": 0.3,
"url": "http://www.huawei.com"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2016-09938"
},
{
"db": "VULHUB",
"id": "VHN-97580"
},
{
"db": "BID",
"id": "93530"
},
{
"db": "JVNDB",
"id": "JVNDB-2016-008234"
},
{
"db": "NVD",
"id": "CVE-2016-8760"
},
{
"db": "CNNVD",
"id": "CNNVD-201610-664"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "CNVD",
"id": "CNVD-2016-09938"
},
{
"db": "VULHUB",
"id": "VHN-97580"
},
{
"db": "BID",
"id": "93530"
},
{
"db": "JVNDB",
"id": "JVNDB-2016-008234"
},
{
"db": "NVD",
"id": "CVE-2016-8760"
},
{
"db": "CNNVD",
"id": "CNNVD-201610-664"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2016-10-25T00:00:00",
"db": "CNVD",
"id": "CNVD-2016-09938"
},
{
"date": "2017-04-02T00:00:00",
"db": "VULHUB",
"id": "VHN-97580"
},
{
"date": "2016-10-12T00:00:00",
"db": "BID",
"id": "93530"
},
{
"date": "2017-05-08T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2016-008234"
},
{
"date": "2017-04-02T20:59:01.220000",
"db": "NVD",
"id": "CVE-2016-8760"
},
{
"date": "2016-10-24T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201610-664"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2016-10-25T00:00:00",
"db": "CNVD",
"id": "CNVD-2016-09938"
},
{
"date": "2017-04-07T00:00:00",
"db": "VULHUB",
"id": "VHN-97580"
},
{
"date": "2016-12-20T01:09:00",
"db": "BID",
"id": "93530"
},
{
"date": "2017-05-08T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2016-008234"
},
{
"date": "2017-04-07T19:59:43.483000",
"db": "NVD",
"id": "CVE-2016-8760"
},
{
"date": "2016-10-24T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201610-664"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201610-664"
}
],
"trust": 0.6
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "plural Huawei Buffer error vulnerability in touchscreen driver of smartphone software",
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2016-008234"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "buffer overflow",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201610-664"
}
],
"trust": 0.6
}
}
VAR-201704-0496
Vulnerability from variot - Updated: 2023-12-18 13:14Video driver in Huawei P9 phones with software versions before EVA-AL10C00B192 and Huawei Honor 6 phones with software versions before H60-L02_6.10.1 has a stack overflow vulnerability, which allows attackers to crash the system or escalate user privilege. Huawei P9 , P9 Plus ,and Honor 6 The video driver for smartphone software contains a buffer error vulnerability.Information is obtained, information is altered, and service operation is disrupted (DoS) An attack may be carried out. HuaweiSmartPhones is a smart phone from China Huawei. A number of Huawei smartphone drivers have a heap buffer overflow vulnerability that can be exploited by an attacker to execute arbitrary code on an affected device. Multiple Huawei Smart Phones drivers are prone to stack-based buffer overflow and heap-based buffer overflow vulnerabilities. Failed exploit attempts will result in denial-of-service conditions. Huawei P9 versions prior to EVA-AL10C00B192 are vulnerable. Honor 6 versions prior to H60-L02_6.10.1 are vulnerable. Huawei Smart Phones P9 is a smartphone from the Chinese company Huawei. video driver is one of the video drivers. Attackers can exploit this vulnerability to crash the system or elevate privileges by enticing users to install malicious applications and send specific parameters to the video driver
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-201704-0496",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "p9",
"scope": "eq",
"trust": 1.6,
"vendor": "huawei",
"version": null
},
{
"model": "honor 6",
"scope": "eq",
"trust": 1.6,
"vendor": "huawei",
"version": null
},
{
"model": "p9 plus",
"scope": "eq",
"trust": 1.6,
"vendor": "huawei",
"version": null
},
{
"model": "honor 6",
"scope": null,
"trust": 0.8,
"vendor": "huawei",
"version": null
},
{
"model": "p9 plus",
"scope": null,
"trust": 0.8,
"vendor": "huawei",
"version": null
},
{
"model": "p9",
"scope": null,
"trust": 0.8,
"vendor": "huawei",
"version": null
},
{
"model": "p9 \u003ceva-al10c00b192",
"scope": null,
"trust": 0.6,
"vendor": "huawei",
"version": null
},
{
"model": "p9 eva-al10c00b190",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"model": "honor",
"scope": "eq",
"trust": 0.3,
"vendor": "huawei",
"version": "66.9.16"
},
{
"model": "honor",
"scope": "eq",
"trust": 0.3,
"vendor": "huawei",
"version": "66.9"
},
{
"model": "p9 eva-al10c00b192",
"scope": "ne",
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"model": "honor h60-l02 6.10.1",
"scope": "ne",
"trust": 0.3,
"vendor": "huawei",
"version": "6"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2016-09937"
},
{
"db": "BID",
"id": "93530"
},
{
"db": "JVNDB",
"id": "JVNDB-2016-008235"
},
{
"db": "NVD",
"id": "CVE-2016-8761"
},
{
"db": "CNNVD",
"id": "CNNVD-201610-663"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:huawei:p9_firmware:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:huawei:p9:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:huawei:p9_plus_firmware:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:huawei:p9_plus:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:huawei:honor_6_firmware:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:huawei:honor_6:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
}
]
}
],
"sources": [
{
"db": "NVD",
"id": "CVE-2016-8761"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Zhao Jianqiang from Lab 0x031E of Qihoo 360 Technology Co. Ltd.",
"sources": [
{
"db": "BID",
"id": "93530"
},
{
"db": "CNNVD",
"id": "CNNVD-201610-663"
}
],
"trust": 0.9
},
"cve": "CVE-2016-8761",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"acInsufInfo": false,
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "NVD",
"availabilityImpact": "COMPLETE",
"baseScore": 9.3,
"confidentialityImpact": "COMPLETE",
"exploitabilityScore": 8.6,
"impactScore": 10.0,
"integrityImpact": "COMPLETE",
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"severity": "HIGH",
"trust": 1.0,
"userInteractionRequired": true,
"vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
{
"acInsufInfo": null,
"accessComplexity": "Medium",
"accessVector": "Network",
"authentication": "None",
"author": "NVD",
"availabilityImpact": "Complete",
"baseScore": 9.3,
"confidentialityImpact": "Complete",
"exploitabilityScore": null,
"id": "CVE-2016-8761",
"impactScore": null,
"integrityImpact": "Complete",
"obtainAllPrivilege": null,
"obtainOtherPrivilege": null,
"obtainUserPrivilege": null,
"severity": "High",
"trust": 0.8,
"userInteractionRequired": null,
"vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
{
"accessComplexity": "HIGH",
"accessVector": "LOCAL",
"authentication": "NONE",
"author": "CNVD",
"availabilityImpact": "COMPLETE",
"baseScore": 6.2,
"confidentialityImpact": "COMPLETE",
"exploitabilityScore": 1.9,
"id": "CNVD-2016-09937",
"impactScore": 10.0,
"integrityImpact": "COMPLETE",
"severity": "MEDIUM",
"trust": 0.6,
"vectorString": "AV:L/AC:H/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
{
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "VULHUB",
"availabilityImpact": "COMPLETE",
"baseScore": 9.3,
"confidentialityImpact": "COMPLETE",
"exploitabilityScore": 8.6,
"id": "VHN-97581",
"impactScore": 10.0,
"integrityImpact": "COMPLETE",
"severity": "HIGH",
"trust": 0.1,
"vectorString": "AV:N/AC:M/AU:N/C:C/I:C/A:C",
"version": "2.0"
}
],
"cvssV3": [
{
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"author": "NVD",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"exploitabilityScore": 1.8,
"impactScore": 5.9,
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"trust": 1.0,
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.0"
},
{
"attackComplexity": "Low",
"attackVector": "Local",
"author": "NVD",
"availabilityImpact": "High",
"baseScore": 7.8,
"baseSeverity": "High",
"confidentialityImpact": "High",
"exploitabilityScore": null,
"id": "CVE-2016-8761",
"impactScore": null,
"integrityImpact": "High",
"privilegesRequired": "None",
"scope": "Unchanged",
"trust": 0.8,
"userInteraction": "Required",
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.0"
}
],
"severity": [
{
"author": "NVD",
"id": "CVE-2016-8761",
"trust": 1.8,
"value": "HIGH"
},
{
"author": "CNVD",
"id": "CNVD-2016-09937",
"trust": 0.6,
"value": "MEDIUM"
},
{
"author": "CNNVD",
"id": "CNNVD-201610-663",
"trust": 0.6,
"value": "CRITICAL"
},
{
"author": "VULHUB",
"id": "VHN-97581",
"trust": 0.1,
"value": "HIGH"
}
]
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2016-09937"
},
{
"db": "VULHUB",
"id": "VHN-97581"
},
{
"db": "JVNDB",
"id": "JVNDB-2016-008235"
},
{
"db": "NVD",
"id": "CVE-2016-8761"
},
{
"db": "CNNVD",
"id": "CNNVD-201610-663"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Video driver in Huawei P9 phones with software versions before EVA-AL10C00B192 and Huawei Honor 6 phones with software versions before H60-L02_6.10.1 has a stack overflow vulnerability, which allows attackers to crash the system or escalate user privilege. Huawei P9 , P9 Plus ,and Honor 6 The video driver for smartphone software contains a buffer error vulnerability.Information is obtained, information is altered, and service operation is disrupted (DoS) An attack may be carried out. HuaweiSmartPhones is a smart phone from China Huawei. A number of Huawei smartphone drivers have a heap buffer overflow vulnerability that can be exploited by an attacker to execute arbitrary code on an affected device. Multiple Huawei Smart Phones drivers are prone to stack-based buffer overflow and heap-based buffer overflow vulnerabilities. Failed exploit attempts will result in denial-of-service conditions. \nHuawei P9 versions prior to EVA-AL10C00B192 are vulnerable. \nHonor 6 versions prior to H60-L02_6.10.1 are vulnerable. Huawei Smart Phones P9 is a smartphone from the Chinese company Huawei. video driver is one of the video drivers. Attackers can exploit this vulnerability to crash the system or elevate privileges by enticing users to install malicious applications and send specific parameters to the video driver",
"sources": [
{
"db": "NVD",
"id": "CVE-2016-8761"
},
{
"db": "JVNDB",
"id": "JVNDB-2016-008235"
},
{
"db": "CNVD",
"id": "CNVD-2016-09937"
},
{
"db": "BID",
"id": "93530"
},
{
"db": "VULHUB",
"id": "VHN-97581"
}
],
"trust": 2.52
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2016-8761",
"trust": 3.4
},
{
"db": "BID",
"id": "93530",
"trust": 2.6
},
{
"db": "JVNDB",
"id": "JVNDB-2016-008235",
"trust": 0.8
},
{
"db": "CNNVD",
"id": "CNNVD-201610-663",
"trust": 0.7
},
{
"db": "CNVD",
"id": "CNVD-2016-09937",
"trust": 0.6
},
{
"db": "VULHUB",
"id": "VHN-97581",
"trust": 0.1
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2016-09937"
},
{
"db": "VULHUB",
"id": "VHN-97581"
},
{
"db": "BID",
"id": "93530"
},
{
"db": "JVNDB",
"id": "JVNDB-2016-008235"
},
{
"db": "NVD",
"id": "CVE-2016-8761"
},
{
"db": "CNNVD",
"id": "CNNVD-201610-663"
}
]
},
"id": "VAR-201704-0496",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "CNVD",
"id": "CNVD-2016-09937"
},
{
"db": "VULHUB",
"id": "VHN-97581"
}
],
"trust": 1.28895743
},
"iot_taxonomy": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"category": [
"Network device"
],
"sub_category": null,
"trust": 0.6
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2016-09937"
}
]
},
"last_update_date": "2023-12-18T13:14:23.052000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "huawei-sa-20161012-01-smartphone",
"trust": 0.8,
"url": "http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20161012-01-smartphone-en"
},
{
"title": "Patch for multiple Huawei smartphone driver heap buffer overflow vulnerabilities (CNVD-2016-09937)",
"trust": 0.6,
"url": "https://www.cnvd.org.cn/patchinfo/show/82928"
},
{
"title": "Huawei Smart Phones P9 video Driver fix for stack-based buffer overflow vulnerability",
"trust": 0.6,
"url": "http://www.cnnvd.org.cn/web/xxk/bdxqbyid.tag?id=65044"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2016-09937"
},
{
"db": "JVNDB",
"id": "JVNDB-2016-008235"
},
{
"db": "CNNVD",
"id": "CNNVD-201610-663"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-119",
"trust": 1.9
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-97581"
},
{
"db": "JVNDB",
"id": "JVNDB-2016-008235"
},
{
"db": "NVD",
"id": "CVE-2016-8761"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 2.3,
"url": "http://www.securityfocus.com/bid/93530"
},
{
"trust": 2.0,
"url": "http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20161012-01-smartphone-en"
},
{
"trust": 0.8,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2016-8761"
},
{
"trust": 0.8,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-8761"
},
{
"trust": 0.3,
"url": "http://www.huawei.com"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2016-09937"
},
{
"db": "VULHUB",
"id": "VHN-97581"
},
{
"db": "BID",
"id": "93530"
},
{
"db": "JVNDB",
"id": "JVNDB-2016-008235"
},
{
"db": "NVD",
"id": "CVE-2016-8761"
},
{
"db": "CNNVD",
"id": "CNNVD-201610-663"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "CNVD",
"id": "CNVD-2016-09937"
},
{
"db": "VULHUB",
"id": "VHN-97581"
},
{
"db": "BID",
"id": "93530"
},
{
"db": "JVNDB",
"id": "JVNDB-2016-008235"
},
{
"db": "NVD",
"id": "CVE-2016-8761"
},
{
"db": "CNNVD",
"id": "CNNVD-201610-663"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2016-10-25T00:00:00",
"db": "CNVD",
"id": "CNVD-2016-09937"
},
{
"date": "2017-04-02T00:00:00",
"db": "VULHUB",
"id": "VHN-97581"
},
{
"date": "2016-10-12T00:00:00",
"db": "BID",
"id": "93530"
},
{
"date": "2017-05-08T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2016-008235"
},
{
"date": "2017-04-02T20:59:01.250000",
"db": "NVD",
"id": "CVE-2016-8761"
},
{
"date": "2016-10-25T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201610-663"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2016-10-25T00:00:00",
"db": "CNVD",
"id": "CNVD-2016-09937"
},
{
"date": "2017-04-07T00:00:00",
"db": "VULHUB",
"id": "VHN-97581"
},
{
"date": "2016-12-20T01:09:00",
"db": "BID",
"id": "93530"
},
{
"date": "2017-05-08T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2016-008235"
},
{
"date": "2017-04-07T20:00:16.983000",
"db": "NVD",
"id": "CVE-2016-8761"
},
{
"date": "2016-11-15T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201610-663"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201610-663"
}
],
"trust": 0.6
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "plural Huawei Buffer error vulnerability in video driver for smartphone software",
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2016-008235"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "buffer overflow",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201610-663"
}
],
"trust": 0.6
}
}
VAR-201704-0494
Vulnerability from variot - Updated: 2023-12-18 13:14Video driver in Huawei P9 phones with software versions before EVA-AL10C00B192 and Huawei Honor 6 phones with software versions before H60-L02_6.10.1 has a stack overflow vulnerability, which allows attackers to crash the system or escalate user privilege. Huawei P9 , P9 Plus ,and Honor 6 The video driver for smartphone software contains a buffer error vulnerability.Information is obtained, information is altered, and service operation is disrupted (DoS) An attack may be carried out. HuaweiSmartPhones is a smart phone from China Huawei. A number of Huawei smartphone drivers have a heap buffer overflow vulnerability that can be exploited by an attacker to execute arbitrary code on an affected device. Multiple Huawei Smart Phones drivers are prone to stack-based buffer overflow and heap-based buffer overflow vulnerabilities. Failed exploit attempts will result in denial-of-service conditions. Huawei P9 versions prior to EVA-AL10C00B192 are vulnerable. Honor 6 versions prior to H60-L02_6.10.1 are vulnerable. Huawei Smart Phones P9 is a smartphone from the Chinese company Huawei. video driver is one of the video drivers. Attackers can exploit this vulnerability to crash the system or elevate privileges by enticing users to install malicious applications and send specific parameters to the video driver
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-201704-0494",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "p9",
"scope": "eq",
"trust": 1.6,
"vendor": "huawei",
"version": null
},
{
"model": "honor 6",
"scope": "eq",
"trust": 1.6,
"vendor": "huawei",
"version": null
},
{
"model": "p9 plus",
"scope": "eq",
"trust": 1.6,
"vendor": "huawei",
"version": null
},
{
"model": "honor 6",
"scope": null,
"trust": 0.8,
"vendor": "huawei",
"version": null
},
{
"model": "p9 plus",
"scope": null,
"trust": 0.8,
"vendor": "huawei",
"version": null
},
{
"model": "p9",
"scope": null,
"trust": 0.8,
"vendor": "huawei",
"version": null
},
{
"model": "p9 \u003ceva-al10c00b192",
"scope": null,
"trust": 0.6,
"vendor": "huawei",
"version": null
},
{
"model": "p9 eva-al10c00b190",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"model": "honor",
"scope": "eq",
"trust": 0.3,
"vendor": "huawei",
"version": "66.9.16"
},
{
"model": "honor",
"scope": "eq",
"trust": 0.3,
"vendor": "huawei",
"version": "66.9"
},
{
"model": "p9 eva-al10c00b192",
"scope": "ne",
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"model": "honor h60-l02 6.10.1",
"scope": "ne",
"trust": 0.3,
"vendor": "huawei",
"version": "6"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2016-09936"
},
{
"db": "BID",
"id": "93530"
},
{
"db": "JVNDB",
"id": "JVNDB-2016-008233"
},
{
"db": "NVD",
"id": "CVE-2016-8759"
},
{
"db": "CNNVD",
"id": "CNNVD-201610-662"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:huawei:p9_firmware:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:huawei:p9:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:huawei:p9_plus_firmware:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:huawei:p9_plus:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:huawei:honor_6_firmware:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:huawei:honor_6:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
}
]
}
],
"sources": [
{
"db": "NVD",
"id": "CVE-2016-8759"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Zhao Jianqiang from Lab 0x031E of Qihoo 360 Technology Co. Ltd.",
"sources": [
{
"db": "BID",
"id": "93530"
},
{
"db": "CNNVD",
"id": "CNNVD-201610-662"
}
],
"trust": 0.9
},
"cve": "CVE-2016-8759",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"acInsufInfo": false,
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "NVD",
"availabilityImpact": "COMPLETE",
"baseScore": 9.3,
"confidentialityImpact": "COMPLETE",
"exploitabilityScore": 8.6,
"impactScore": 10.0,
"integrityImpact": "COMPLETE",
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"severity": "HIGH",
"trust": 1.0,
"userInteractionRequired": true,
"vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
{
"acInsufInfo": null,
"accessComplexity": "Medium",
"accessVector": "Network",
"authentication": "None",
"author": "NVD",
"availabilityImpact": "Complete",
"baseScore": 9.3,
"confidentialityImpact": "Complete",
"exploitabilityScore": null,
"id": "CVE-2016-8759",
"impactScore": null,
"integrityImpact": "Complete",
"obtainAllPrivilege": null,
"obtainOtherPrivilege": null,
"obtainUserPrivilege": null,
"severity": "High",
"trust": 0.8,
"userInteractionRequired": null,
"vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
{
"accessComplexity": "HIGH",
"accessVector": "LOCAL",
"authentication": "NONE",
"author": "CNVD",
"availabilityImpact": "COMPLETE",
"baseScore": 6.2,
"confidentialityImpact": "COMPLETE",
"exploitabilityScore": 1.9,
"id": "CNVD-2016-09936",
"impactScore": 10.0,
"integrityImpact": "COMPLETE",
"severity": "MEDIUM",
"trust": 0.6,
"vectorString": "AV:L/AC:H/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
{
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "VULHUB",
"availabilityImpact": "COMPLETE",
"baseScore": 9.3,
"confidentialityImpact": "COMPLETE",
"exploitabilityScore": 8.6,
"id": "VHN-97579",
"impactScore": 10.0,
"integrityImpact": "COMPLETE",
"severity": "HIGH",
"trust": 0.1,
"vectorString": "AV:N/AC:M/AU:N/C:C/I:C/A:C",
"version": "2.0"
}
],
"cvssV3": [
{
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"author": "NVD",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"exploitabilityScore": 1.8,
"impactScore": 5.9,
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"trust": 1.0,
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.0"
},
{
"attackComplexity": "Low",
"attackVector": "Local",
"author": "NVD",
"availabilityImpact": "High",
"baseScore": 7.8,
"baseSeverity": "High",
"confidentialityImpact": "High",
"exploitabilityScore": null,
"id": "CVE-2016-8759",
"impactScore": null,
"integrityImpact": "High",
"privilegesRequired": "None",
"scope": "Unchanged",
"trust": 0.8,
"userInteraction": "Required",
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.0"
}
],
"severity": [
{
"author": "NVD",
"id": "CVE-2016-8759",
"trust": 1.8,
"value": "HIGH"
},
{
"author": "CNVD",
"id": "CNVD-2016-09936",
"trust": 0.6,
"value": "MEDIUM"
},
{
"author": "CNNVD",
"id": "CNNVD-201610-662",
"trust": 0.6,
"value": "CRITICAL"
},
{
"author": "VULHUB",
"id": "VHN-97579",
"trust": 0.1,
"value": "HIGH"
}
]
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2016-09936"
},
{
"db": "VULHUB",
"id": "VHN-97579"
},
{
"db": "JVNDB",
"id": "JVNDB-2016-008233"
},
{
"db": "NVD",
"id": "CVE-2016-8759"
},
{
"db": "CNNVD",
"id": "CNNVD-201610-662"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Video driver in Huawei P9 phones with software versions before EVA-AL10C00B192 and Huawei Honor 6 phones with software versions before H60-L02_6.10.1 has a stack overflow vulnerability, which allows attackers to crash the system or escalate user privilege. Huawei P9 , P9 Plus ,and Honor 6 The video driver for smartphone software contains a buffer error vulnerability.Information is obtained, information is altered, and service operation is disrupted (DoS) An attack may be carried out. HuaweiSmartPhones is a smart phone from China Huawei. A number of Huawei smartphone drivers have a heap buffer overflow vulnerability that can be exploited by an attacker to execute arbitrary code on an affected device. Multiple Huawei Smart Phones drivers are prone to stack-based buffer overflow and heap-based buffer overflow vulnerabilities. Failed exploit attempts will result in denial-of-service conditions. \nHuawei P9 versions prior to EVA-AL10C00B192 are vulnerable. \nHonor 6 versions prior to H60-L02_6.10.1 are vulnerable. Huawei Smart Phones P9 is a smartphone from the Chinese company Huawei. video driver is one of the video drivers. Attackers can exploit this vulnerability to crash the system or elevate privileges by enticing users to install malicious applications and send specific parameters to the video driver",
"sources": [
{
"db": "NVD",
"id": "CVE-2016-8759"
},
{
"db": "JVNDB",
"id": "JVNDB-2016-008233"
},
{
"db": "CNVD",
"id": "CNVD-2016-09936"
},
{
"db": "BID",
"id": "93530"
},
{
"db": "VULHUB",
"id": "VHN-97579"
}
],
"trust": 2.52
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2016-8759",
"trust": 3.4
},
{
"db": "BID",
"id": "93530",
"trust": 2.6
},
{
"db": "JVNDB",
"id": "JVNDB-2016-008233",
"trust": 0.8
},
{
"db": "CNNVD",
"id": "CNNVD-201610-662",
"trust": 0.7
},
{
"db": "CNVD",
"id": "CNVD-2016-09936",
"trust": 0.6
},
{
"db": "VULHUB",
"id": "VHN-97579",
"trust": 0.1
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2016-09936"
},
{
"db": "VULHUB",
"id": "VHN-97579"
},
{
"db": "BID",
"id": "93530"
},
{
"db": "JVNDB",
"id": "JVNDB-2016-008233"
},
{
"db": "NVD",
"id": "CVE-2016-8759"
},
{
"db": "CNNVD",
"id": "CNNVD-201610-662"
}
]
},
"id": "VAR-201704-0494",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "CNVD",
"id": "CNVD-2016-09936"
},
{
"db": "VULHUB",
"id": "VHN-97579"
}
],
"trust": 1.28895743
},
"iot_taxonomy": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"category": [
"Network device"
],
"sub_category": null,
"trust": 0.6
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2016-09936"
}
]
},
"last_update_date": "2023-12-18T13:14:23.090000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "huawei-sa-20161012-01-smartphone",
"trust": 0.8,
"url": "http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20161012-01-smartphone-en"
},
{
"title": "Patches for multiple Huawei smartphone driver heap buffer overflow vulnerabilities",
"trust": 0.6,
"url": "https://www.cnvd.org.cn/patchinfo/show/82926"
},
{
"title": "Huawei Smart Phones P9 video Driver fix for stack-based buffer overflow vulnerability",
"trust": 0.6,
"url": "http://www.cnnvd.org.cn/web/xxk/bdxqbyid.tag?id=65043"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2016-09936"
},
{
"db": "JVNDB",
"id": "JVNDB-2016-008233"
},
{
"db": "CNNVD",
"id": "CNNVD-201610-662"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-119",
"trust": 1.9
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-97579"
},
{
"db": "JVNDB",
"id": "JVNDB-2016-008233"
},
{
"db": "NVD",
"id": "CVE-2016-8759"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 2.3,
"url": "http://www.securityfocus.com/bid/93530"
},
{
"trust": 2.0,
"url": "http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20161012-01-smartphone-en"
},
{
"trust": 0.8,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2016-8759"
},
{
"trust": 0.8,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-8759"
},
{
"trust": 0.3,
"url": "http://www.huawei.com"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2016-09936"
},
{
"db": "VULHUB",
"id": "VHN-97579"
},
{
"db": "BID",
"id": "93530"
},
{
"db": "JVNDB",
"id": "JVNDB-2016-008233"
},
{
"db": "NVD",
"id": "CVE-2016-8759"
},
{
"db": "CNNVD",
"id": "CNNVD-201610-662"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "CNVD",
"id": "CNVD-2016-09936"
},
{
"db": "VULHUB",
"id": "VHN-97579"
},
{
"db": "BID",
"id": "93530"
},
{
"db": "JVNDB",
"id": "JVNDB-2016-008233"
},
{
"db": "NVD",
"id": "CVE-2016-8759"
},
{
"db": "CNNVD",
"id": "CNNVD-201610-662"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2016-10-25T00:00:00",
"db": "CNVD",
"id": "CNVD-2016-09936"
},
{
"date": "2017-04-02T00:00:00",
"db": "VULHUB",
"id": "VHN-97579"
},
{
"date": "2016-10-12T00:00:00",
"db": "BID",
"id": "93530"
},
{
"date": "2017-05-08T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2016-008233"
},
{
"date": "2017-04-02T20:59:01.173000",
"db": "NVD",
"id": "CVE-2016-8759"
},
{
"date": "2016-10-25T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201610-662"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2016-10-25T00:00:00",
"db": "CNVD",
"id": "CNVD-2016-09936"
},
{
"date": "2017-04-07T00:00:00",
"db": "VULHUB",
"id": "VHN-97579"
},
{
"date": "2016-12-20T01:09:00",
"db": "BID",
"id": "93530"
},
{
"date": "2017-05-08T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2016-008233"
},
{
"date": "2017-04-07T19:59:22.840000",
"db": "NVD",
"id": "CVE-2016-8759"
},
{
"date": "2016-10-25T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201610-662"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201610-662"
}
],
"trust": 0.6
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "plural Huawei Buffer error vulnerability in video driver for smartphone software",
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2016-008233"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "buffer overflow",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201610-662"
}
],
"trust": 0.6
}
}
VAR-201711-0229
Vulnerability from variot - Updated: 2023-12-18 13:14HUAWEI P9 smartphones with software versions earlier before EVA-L09C432B383, versions earlier before EVA-L09C636B380, versions earlier before VIE-L09C432B370, versions earlier before VIE-L29C636B370 have an insufficient input validation vulnerability. An attacker could exploit this vulnerability to tamper with air interface signaling messages and obtain some communication information. HUAWEI P9 Smartphone software contains a vulnerability related to input validation.Information may be obtained and information may be altered. HuaweiP9 is a smartphone from Huawei. The HuaweiP9 has an input verification vulnerability. The Huawei P9 is a smartphone from the Chinese company Huawei. Audio driver is one of the audio drivers. There is a security vulnerability in Huawei P9, the vulnerability is caused by the program not adequately validating the fields in the message
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-201711-0229",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "p9",
"scope": "lt",
"trust": 1.8,
"vendor": "huawei",
"version": "eva-l09c432b383"
},
{
"model": "p9",
"scope": "lt",
"trust": 1.8,
"vendor": "huawei",
"version": "eva-l09c636b380"
},
{
"model": "p9",
"scope": "lt",
"trust": 1.8,
"vendor": "huawei",
"version": "vie-l09c432b370"
},
{
"model": "p9",
"scope": "lt",
"trust": 1.8,
"vendor": "huawei",
"version": "vie-l29c636b370"
},
{
"model": "p9 \u003c=eva-l09c432b383",
"scope": null,
"trust": 0.6,
"vendor": "huawei",
"version": null
},
{
"model": "p9 \u003c=eva-l09c636b380",
"scope": null,
"trust": 0.6,
"vendor": "huawei",
"version": null
},
{
"model": "p9 \u003c=vie-l09c432b370",
"scope": null,
"trust": 0.6,
"vendor": "huawei",
"version": null
},
{
"model": "p9 \u003c=vie-l29c636b370",
"scope": null,
"trust": 0.6,
"vendor": "huawei",
"version": null
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2017-05863"
},
{
"db": "JVNDB",
"id": "JVNDB-2017-010807"
},
{
"db": "NVD",
"id": "CVE-2017-2713"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:huawei:p9_firmware:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "eva-l09c432b383",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:huawei:p9:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:huawei:p9_firmware:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "eva-l09c636b380",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:huawei:p9:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:huawei:p9_firmware:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "vie-l09c432b370",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:huawei:p9:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:huawei:p9_firmware:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "vie-l29c636b370",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:huawei:p9:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
}
]
}
],
"sources": [
{
"db": "NVD",
"id": "CVE-2017-2713"
}
]
},
"cve": "CVE-2017-2713",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"acInsufInfo": false,
"accessComplexity": "LOW",
"accessVector": "ADJACENT_NETWORK",
"authentication": "NONE",
"author": "NVD",
"availabilityImpact": "NONE",
"baseScore": 4.8,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 6.5,
"impactScore": 4.9,
"integrityImpact": "PARTIAL",
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"severity": "MEDIUM",
"trust": 1.0,
"userInteractionRequired": false,
"vectorString": "AV:A/AC:L/Au:N/C:P/I:P/A:N",
"version": "2.0"
},
{
"acInsufInfo": null,
"accessComplexity": "Low",
"accessVector": "Adjacent Network",
"authentication": "None",
"author": "NVD",
"availabilityImpact": "None",
"baseScore": 4.8,
"confidentialityImpact": "Partial",
"exploitabilityScore": null,
"id": "CVE-2017-2713",
"impactScore": null,
"integrityImpact": "Partial",
"obtainAllPrivilege": null,
"obtainOtherPrivilege": null,
"obtainUserPrivilege": null,
"severity": "Medium",
"trust": 0.8,
"userInteractionRequired": null,
"vectorString": "AV:A/AC:L/Au:N/C:P/I:P/A:N",
"version": "2.0"
},
{
"accessComplexity": "LOW",
"accessVector": "ADJACENT_NETWORK",
"authentication": "NONE",
"author": "CNVD",
"availabilityImpact": "NONE",
"baseScore": 4.8,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 6.5,
"id": "CNVD-2017-05863",
"impactScore": 4.9,
"integrityImpact": "PARTIAL",
"severity": "MEDIUM",
"trust": 0.6,
"vectorString": "AV:A/AC:L/Au:N/C:P/I:P/A:N",
"version": "2.0"
},
{
"accessComplexity": "LOW",
"accessVector": "ADJACENT_NETWORK",
"authentication": "NONE",
"author": "VULHUB",
"availabilityImpact": "NONE",
"baseScore": 4.8,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 6.5,
"id": "VHN-110916",
"impactScore": 4.9,
"integrityImpact": "PARTIAL",
"severity": "MEDIUM",
"trust": 0.1,
"vectorString": "AV:A/AC:L/AU:N/C:P/I:P/A:N",
"version": "2.0"
}
],
"cvssV3": [
{
"attackComplexity": "LOW",
"attackVector": "ADJACENT_NETWORK",
"author": "NVD",
"availabilityImpact": "NONE",
"baseScore": 5.4,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"exploitabilityScore": 2.8,
"impactScore": 2.5,
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"trust": 1.0,
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:A/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N",
"version": "3.0"
},
{
"attackComplexity": "Low",
"attackVector": "Adjacent Network",
"author": "NVD",
"availabilityImpact": "None",
"baseScore": 5.4,
"baseSeverity": "Medium",
"confidentialityImpact": "Low",
"exploitabilityScore": null,
"id": "CVE-2017-2713",
"impactScore": null,
"integrityImpact": "Low",
"privilegesRequired": "None",
"scope": "Unchanged",
"trust": 0.8,
"userInteraction": "None",
"vectorString": "CVSS:3.0/AV:A/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N",
"version": "3.0"
}
],
"severity": [
{
"author": "NVD",
"id": "CVE-2017-2713",
"trust": 1.8,
"value": "MEDIUM"
},
{
"author": "CNVD",
"id": "CNVD-2017-05863",
"trust": 0.6,
"value": "MEDIUM"
},
{
"author": "CNNVD",
"id": "CNNVD-201711-1011",
"trust": 0.6,
"value": "MEDIUM"
},
{
"author": "VULHUB",
"id": "VHN-110916",
"trust": 0.1,
"value": "MEDIUM"
}
]
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2017-05863"
},
{
"db": "VULHUB",
"id": "VHN-110916"
},
{
"db": "JVNDB",
"id": "JVNDB-2017-010807"
},
{
"db": "NVD",
"id": "CVE-2017-2713"
},
{
"db": "CNNVD",
"id": "CNNVD-201711-1011"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "HUAWEI P9 smartphones with software versions earlier before EVA-L09C432B383, versions earlier before EVA-L09C636B380, versions earlier before VIE-L09C432B370, versions earlier before VIE-L29C636B370 have an insufficient input validation vulnerability. An attacker could exploit this vulnerability to tamper with air interface signaling messages and obtain some communication information. HUAWEI P9 Smartphone software contains a vulnerability related to input validation.Information may be obtained and information may be altered. HuaweiP9 is a smartphone from Huawei. The HuaweiP9 has an input verification vulnerability. The Huawei P9 is a smartphone from the Chinese company Huawei. Audio driver is one of the audio drivers. There is a security vulnerability in Huawei P9, the vulnerability is caused by the program not adequately validating the fields in the message",
"sources": [
{
"db": "NVD",
"id": "CVE-2017-2713"
},
{
"db": "JVNDB",
"id": "JVNDB-2017-010807"
},
{
"db": "CNVD",
"id": "CNVD-2017-05863"
},
{
"db": "VULHUB",
"id": "VHN-110916"
}
],
"trust": 2.25
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2017-2713",
"trust": 3.1
},
{
"db": "JVNDB",
"id": "JVNDB-2017-010807",
"trust": 0.8
},
{
"db": "CNNVD",
"id": "CNNVD-201711-1011",
"trust": 0.7
},
{
"db": "CNVD",
"id": "CNVD-2017-05863",
"trust": 0.6
},
{
"db": "VULHUB",
"id": "VHN-110916",
"trust": 0.1
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2017-05863"
},
{
"db": "VULHUB",
"id": "VHN-110916"
},
{
"db": "JVNDB",
"id": "JVNDB-2017-010807"
},
{
"db": "NVD",
"id": "CVE-2017-2713"
},
{
"db": "CNNVD",
"id": "CNNVD-201711-1011"
}
]
},
"id": "VAR-201711-0229",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "CNVD",
"id": "CNVD-2017-05863"
},
{
"db": "VULHUB",
"id": "VHN-110916"
}
],
"trust": 1.28483934
},
"iot_taxonomy": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"category": [
"Network device"
],
"sub_category": null,
"trust": 0.6
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2017-05863"
}
]
},
"last_update_date": "2023-12-18T13:14:06.468000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "huawei-sa-20170419-01-smartphone",
"trust": 0.8,
"url": "http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20170419-01-smartphone-en"
},
{
"title": "HuaweiP9 enters the patch for the verification vulnerability",
"trust": 0.6,
"url": "https://www.cnvd.org.cn/patchinfo/show/93142"
},
{
"title": "Huawei P9 Security vulnerabilities",
"trust": 0.6,
"url": "http://www.cnnvd.org.cn/web/xxk/bdxqbyid.tag?id=76721"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2017-05863"
},
{
"db": "JVNDB",
"id": "JVNDB-2017-010807"
},
{
"db": "CNNVD",
"id": "CNNVD-201711-1011"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-20",
"trust": 1.9
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-110916"
},
{
"db": "JVNDB",
"id": "JVNDB-2017-010807"
},
{
"db": "NVD",
"id": "CVE-2017-2713"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 1.7,
"url": "http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20170419-01-smartphone-en"
},
{
"trust": 0.8,
"url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2017-2713"
},
{
"trust": 0.8,
"url": "https://nvd.nist.gov/vuln/detail/cve-2017-2713"
},
{
"trust": 0.6,
"url": "http://www.huawei.com/cn/psirt/security-advisories/huawei-sa-20170420-01-fusionsphere-cn"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2017-05863"
},
{
"db": "VULHUB",
"id": "VHN-110916"
},
{
"db": "JVNDB",
"id": "JVNDB-2017-010807"
},
{
"db": "NVD",
"id": "CVE-2017-2713"
},
{
"db": "CNNVD",
"id": "CNNVD-201711-1011"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "CNVD",
"id": "CNVD-2017-05863"
},
{
"db": "VULHUB",
"id": "VHN-110916"
},
{
"db": "JVNDB",
"id": "JVNDB-2017-010807"
},
{
"db": "NVD",
"id": "CVE-2017-2713"
},
{
"db": "CNNVD",
"id": "CNNVD-201711-1011"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2017-05-04T00:00:00",
"db": "CNVD",
"id": "CNVD-2017-05863"
},
{
"date": "2017-11-22T00:00:00",
"db": "VULHUB",
"id": "VHN-110916"
},
{
"date": "2017-12-25T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2017-010807"
},
{
"date": "2017-11-22T19:29:01.053000",
"db": "NVD",
"id": "CVE-2017-2713"
},
{
"date": "2017-11-23T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201711-1011"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2017-05-04T00:00:00",
"db": "CNVD",
"id": "CNVD-2017-05863"
},
{
"date": "2017-12-12T00:00:00",
"db": "VULHUB",
"id": "VHN-110916"
},
{
"date": "2017-12-25T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2017-010807"
},
{
"date": "2017-12-12T18:04:21.240000",
"db": "NVD",
"id": "CVE-2017-2713"
},
{
"date": "2017-11-23T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201711-1011"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "specific network environment",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201711-1011"
}
],
"trust": 0.6
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "HUAWEI P9 Vulnerability related to input validation in smartphone software",
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2017-010807"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "input validation",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201711-1011"
}
],
"trust": 0.6
}
}
VAR-201704-0505
Vulnerability from variot - Updated: 2023-12-18 13:08Huawei P9 phones with software EVA-AL10C00,EVA-CL10C00,EVA-DL10C00,EVA-TL10C00 and P9 Lite phones with software VNS-L21C185 allow attackers to bypass the factory reset protection (FRP) to enter some functional modules without authorization and perform operations to update the Google account. Huawei P9 and P9 Lite Software contains an authorization vulnerability.Information may be tampered with. HuaweiP9 and P9Lite are Huawei smartphones. Huawei Mobile FRP (FactoryResetProtection) bypasses the vulnerability. The attacker exploits the vulnerability to update the Googleaccount without authorization during the FRP reset process, which causes the FRP function to bypass. An attacker may exploit this issue to bypass certain security restrictions and cause denial-of-service conditions. The Huawei P9 and others are smartphones from the Chinese company Huawei. The following versions are affected: Huawei P9 EVA-AL10C00 version, EVA-CL10C00 version, EVA-DL10C00 version, EVA-TL10C00 version; P9 Lite VNS-L21C185 version
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-201704-0505",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "p9 lite",
"scope": "eq",
"trust": 2.4,
"vendor": "huawei",
"version": "vns-l21c185"
},
{
"model": "p9",
"scope": "eq",
"trust": 2.4,
"vendor": "huawei",
"version": "eva-al10c00"
},
{
"model": "p9",
"scope": "eq",
"trust": 2.4,
"vendor": "huawei",
"version": "eva-cl10c00"
},
{
"model": "p9",
"scope": "eq",
"trust": 2.4,
"vendor": "huawei",
"version": "eva-dl10c00"
},
{
"model": "p9",
"scope": "eq",
"trust": 2.4,
"vendor": "huawei",
"version": "eva-tl10c00"
},
{
"model": "p9 eva-al10c00",
"scope": null,
"trust": 0.9,
"vendor": "huawei",
"version": null
},
{
"model": "p9 eva-cl10c00",
"scope": null,
"trust": 0.9,
"vendor": "huawei",
"version": null
},
{
"model": "p9 eva-dl10c00",
"scope": null,
"trust": 0.9,
"vendor": "huawei",
"version": null
},
{
"model": "p9 eva-tl10c00",
"scope": null,
"trust": 0.9,
"vendor": "huawei",
"version": null
},
{
"model": "p9 lite vns-l21c185",
"scope": null,
"trust": 0.9,
"vendor": "huawei",
"version": null
},
{
"model": "p9 lite vns-l21c185b150",
"scope": "ne",
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"model": "p9 eva-tl10c00b195",
"scope": "ne",
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"model": "p9 eva-dl10c00b195",
"scope": "ne",
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"model": "p9 eva-cl10c00b195",
"scope": "ne",
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"model": "p9 eva-al10c00b195",
"scope": "ne",
"trust": 0.3,
"vendor": "huawei",
"version": null
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2016-12014"
},
{
"db": "BID",
"id": "94836"
},
{
"db": "JVNDB",
"id": "JVNDB-2016-008255"
},
{
"db": "NVD",
"id": "CVE-2016-8776"
},
{
"db": "CNNVD",
"id": "CNNVD-201612-240"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:huawei:p9_firmware:eva-dl10c00:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:huawei:p9_firmware:eva-cl10c00:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:huawei:p9_firmware:eva-al10c00:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:huawei:p9_firmware:eva-tl10c00:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:huawei:p9:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:huawei:p9_lite_firmware:vns-l21c185:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:huawei:p9_lite:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
}
]
}
],
"sources": [
{
"db": "NVD",
"id": "CVE-2016-8776"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Aung Khant Zaw from Myanmar",
"sources": [
{
"db": "BID",
"id": "94836"
}
],
"trust": 0.3
},
"cve": "CVE-2016-8776",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"acInsufInfo": false,
"accessComplexity": "LOW",
"accessVector": "LOCAL",
"authentication": "NONE",
"author": "NVD",
"availabilityImpact": "NONE",
"baseScore": 2.1,
"confidentialityImpact": "NONE",
"exploitabilityScore": 3.9,
"impactScore": 2.9,
"integrityImpact": "PARTIAL",
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"severity": "LOW",
"trust": 1.0,
"userInteractionRequired": false,
"vectorString": "AV:L/AC:L/Au:N/C:N/I:P/A:N",
"version": "2.0"
},
{
"acInsufInfo": null,
"accessComplexity": "Low",
"accessVector": "Local",
"authentication": "None",
"author": "NVD",
"availabilityImpact": "None",
"baseScore": 2.1,
"confidentialityImpact": "None",
"exploitabilityScore": null,
"id": "CVE-2016-8776",
"impactScore": null,
"integrityImpact": "Partial",
"obtainAllPrivilege": null,
"obtainOtherPrivilege": null,
"obtainUserPrivilege": null,
"severity": "Low",
"trust": 0.9,
"userInteractionRequired": null,
"vectorString": "AV:L/AC:L/Au:N/C:N/I:P/A:N",
"version": "2.0"
},
{
"accessComplexity": "LOW",
"accessVector": "LOCAL",
"authentication": "NONE",
"author": "CNVD",
"availabilityImpact": "NONE",
"baseScore": 4.9,
"confidentialityImpact": "NONE",
"exploitabilityScore": 3.9,
"id": "CNVD-2016-12014",
"impactScore": 6.9,
"integrityImpact": "COMPLETE",
"severity": "MEDIUM",
"trust": 0.6,
"vectorString": "AV:L/AC:L/Au:N/C:N/I:C/A:N",
"version": "2.0"
},
{
"accessComplexity": "LOW",
"accessVector": "LOCAL",
"authentication": "NONE",
"author": "VULHUB",
"availabilityImpact": "NONE",
"baseScore": 2.1,
"confidentialityImpact": "NONE",
"exploitabilityScore": 3.9,
"id": "VHN-97596",
"impactScore": 2.9,
"integrityImpact": "PARTIAL",
"severity": "LOW",
"trust": 0.1,
"vectorString": "AV:L/AC:L/AU:N/C:N/I:P/A:N",
"version": "2.0"
}
],
"cvssV3": [
{
"attackComplexity": "LOW",
"attackVector": "PHYSICAL",
"author": "NVD",
"availabilityImpact": "NONE",
"baseScore": 4.6,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"exploitabilityScore": 0.9,
"impactScore": 3.6,
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"trust": 1.0,
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:P/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N",
"version": "3.0"
},
{
"attackComplexity": "Low",
"attackVector": "Physical",
"author": "NVD",
"availabilityImpact": "None",
"baseScore": 4.6,
"baseSeverity": "Medium",
"confidentialityImpact": "None",
"exploitabilityScore": null,
"id": "CVE-2016-8776",
"impactScore": null,
"integrityImpact": "High",
"privilegesRequired": "None",
"scope": "Unchanged",
"trust": 0.8,
"userInteraction": "None",
"vectorString": "CVSS:3.0/AV:P/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N",
"version": "3.0"
}
],
"severity": [
{
"author": "NVD",
"id": "CVE-2016-8776",
"trust": 1.8,
"value": "MEDIUM"
},
{
"author": "CNVD",
"id": "CNVD-2016-12014",
"trust": 0.6,
"value": "MEDIUM"
},
{
"author": "CNNVD",
"id": "CNNVD-201612-240",
"trust": 0.6,
"value": "LOW"
},
{
"author": "VULHUB",
"id": "VHN-97596",
"trust": 0.1,
"value": "LOW"
},
{
"author": "VULMON",
"id": "CVE-2016-8776",
"trust": 0.1,
"value": "LOW"
}
]
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2016-12014"
},
{
"db": "VULHUB",
"id": "VHN-97596"
},
{
"db": "VULMON",
"id": "CVE-2016-8776"
},
{
"db": "JVNDB",
"id": "JVNDB-2016-008255"
},
{
"db": "NVD",
"id": "CVE-2016-8776"
},
{
"db": "CNNVD",
"id": "CNNVD-201612-240"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Huawei P9 phones with software EVA-AL10C00,EVA-CL10C00,EVA-DL10C00,EVA-TL10C00 and P9 Lite phones with software VNS-L21C185 allow attackers to bypass the factory reset protection (FRP) to enter some functional modules without authorization and perform operations to update the Google account. Huawei P9 and P9 Lite Software contains an authorization vulnerability.Information may be tampered with. HuaweiP9 and P9Lite are Huawei smartphones. Huawei Mobile FRP (FactoryResetProtection) bypasses the vulnerability. The attacker exploits the vulnerability to update the Googleaccount without authorization during the FRP reset process, which causes the FRP function to bypass. \nAn attacker may exploit this issue to bypass certain security restrictions and cause denial-of-service conditions. The Huawei P9 and others are smartphones from the Chinese company Huawei. The following versions are affected: Huawei P9 EVA-AL10C00 version, EVA-CL10C00 version, EVA-DL10C00 version, EVA-TL10C00 version; P9 Lite VNS-L21C185 version",
"sources": [
{
"db": "NVD",
"id": "CVE-2016-8776"
},
{
"db": "JVNDB",
"id": "JVNDB-2016-008255"
},
{
"db": "CNVD",
"id": "CNVD-2016-12014"
},
{
"db": "BID",
"id": "94836"
},
{
"db": "VULHUB",
"id": "VHN-97596"
},
{
"db": "VULMON",
"id": "CVE-2016-8776"
}
],
"trust": 2.61
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2016-8776",
"trust": 3.5
},
{
"db": "BID",
"id": "94836",
"trust": 2.7
},
{
"db": "JVNDB",
"id": "JVNDB-2016-008255",
"trust": 0.8
},
{
"db": "CNNVD",
"id": "CNNVD-201612-240",
"trust": 0.7
},
{
"db": "CNVD",
"id": "CNVD-2016-12014",
"trust": 0.6
},
{
"db": "VULHUB",
"id": "VHN-97596",
"trust": 0.1
},
{
"db": "VULMON",
"id": "CVE-2016-8776",
"trust": 0.1
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2016-12014"
},
{
"db": "VULHUB",
"id": "VHN-97596"
},
{
"db": "VULMON",
"id": "CVE-2016-8776"
},
{
"db": "BID",
"id": "94836"
},
{
"db": "JVNDB",
"id": "JVNDB-2016-008255"
},
{
"db": "NVD",
"id": "CVE-2016-8776"
},
{
"db": "CNNVD",
"id": "CNNVD-201612-240"
}
]
},
"id": "VAR-201704-0505",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "CNVD",
"id": "CNVD-2016-12014"
},
{
"db": "VULHUB",
"id": "VHN-97596"
}
],
"trust": 1.3436644
},
"iot_taxonomy": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"category": [
"Network device"
],
"sub_category": null,
"trust": 0.6
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2016-12014"
}
]
},
"last_update_date": "2023-12-18T13:08:53.183000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "huawei-sa-20161207-01-smartphone",
"trust": 0.8,
"url": "http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20161207-01-smartphone-en"
},
{
"title": "Huawei mobile phone FRP bypass vulnerability patch",
"trust": 0.6,
"url": "https://www.cnvd.org.cn/patchinfo/show/85423"
},
{
"title": "Multiple Huawei Mobile phone FRP Repair measures to bypass security vulnerabilities",
"trust": 0.6,
"url": "http://www.cnnvd.org.cn/web/xxk/bdxqbyid.tag?id=66277"
},
{
"title": "CVE-2016-8776",
"trust": 0.1,
"url": "https://github.com/maviroxz/cve-2016-8776 "
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2016-12014"
},
{
"db": "VULMON",
"id": "CVE-2016-8776"
},
{
"db": "JVNDB",
"id": "JVNDB-2016-008255"
},
{
"db": "CNNVD",
"id": "CNNVD-201612-240"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-285",
"trust": 1.9
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-97596"
},
{
"db": "JVNDB",
"id": "JVNDB-2016-008255"
},
{
"db": "NVD",
"id": "CVE-2016-8776"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 2.1,
"url": "http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20161207-01-smartphone-en"
},
{
"trust": 1.8,
"url": "http://www.securityfocus.com/bid/94836"
},
{
"trust": 0.8,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2016-8776"
},
{
"trust": 0.8,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-8776"
},
{
"trust": 0.6,
"url": "http://www.huawei.com/cn/psirt/security-advisories/huawei-sa-20161207-01-smartphone-cn"
},
{
"trust": 0.3,
"url": "http://www.huawei.com"
},
{
"trust": 0.1,
"url": "https://cwe.mitre.org/data/definitions/285.html"
},
{
"trust": 0.1,
"url": "https://github.com/maviroxz/cve-2016-8776"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2016-12014"
},
{
"db": "VULHUB",
"id": "VHN-97596"
},
{
"db": "VULMON",
"id": "CVE-2016-8776"
},
{
"db": "BID",
"id": "94836"
},
{
"db": "JVNDB",
"id": "JVNDB-2016-008255"
},
{
"db": "NVD",
"id": "CVE-2016-8776"
},
{
"db": "CNNVD",
"id": "CNNVD-201612-240"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "CNVD",
"id": "CNVD-2016-12014"
},
{
"db": "VULHUB",
"id": "VHN-97596"
},
{
"db": "VULMON",
"id": "CVE-2016-8776"
},
{
"db": "BID",
"id": "94836"
},
{
"db": "JVNDB",
"id": "JVNDB-2016-008255"
},
{
"db": "NVD",
"id": "CVE-2016-8776"
},
{
"db": "CNNVD",
"id": "CNNVD-201612-240"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2016-12-08T00:00:00",
"db": "CNVD",
"id": "CNVD-2016-12014"
},
{
"date": "2017-04-02T00:00:00",
"db": "VULHUB",
"id": "VHN-97596"
},
{
"date": "2017-04-02T00:00:00",
"db": "VULMON",
"id": "CVE-2016-8776"
},
{
"date": "2016-12-07T00:00:00",
"db": "BID",
"id": "94836"
},
{
"date": "2017-05-08T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2016-008255"
},
{
"date": "2017-04-02T20:59:01.500000",
"db": "NVD",
"id": "CVE-2016-8776"
},
{
"date": "2016-12-09T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201612-240"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2016-12-12T00:00:00",
"db": "CNVD",
"id": "CNVD-2016-12014"
},
{
"date": "2017-04-10T00:00:00",
"db": "VULHUB",
"id": "VHN-97596"
},
{
"date": "2017-04-10T00:00:00",
"db": "VULMON",
"id": "CVE-2016-8776"
},
{
"date": "2016-12-20T01:08:00",
"db": "BID",
"id": "94836"
},
{
"date": "2017-05-08T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2016-008255"
},
{
"date": "2017-04-10T20:28:07.127000",
"db": "NVD",
"id": "CVE-2016-8776"
},
{
"date": "2016-12-09T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201612-240"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "local",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201612-240"
}
],
"trust": 0.6
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Huawei P9 and P9 Lite Software authorization vulnerabilities",
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2016-008255"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "permissions and access control",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201612-240"
}
],
"trust": 0.6
}
}
VAR-201711-0219
Vulnerability from variot - Updated: 2023-12-18 13:08Phone Finder in versions earlier before MHA-AL00BC00B156,Versions earlier before MHA-CL00BC00B156,Versions earlier before MHA-DL00BC00B156,Versions earlier before MHA-TL00BC00B156,Versions earlier before EVA-AL10C00B373,Versions earlier before EVA-CL10C00B373,Versions earlier before EVA-DL10C00B373,Versions earlier before EVA-TL10C00B373 can be bypass. An attacker can bypass the Phone Finder by special steps and enter the System Setting. Mate 9 and P9 Contains vulnerabilities related to authorization, permissions, and access control.Information is obtained, information is altered, and service operation is disrupted (DoS) There is a possibility of being put into a state. huaweiMate9 and P9 are the smartphones of China's Huawei company. Huawei's mobile phone has a retrieving function security bypass vulnerability. Huawei Smart Phones are prone to a security-bypass vulnerability. An attacker may exploit this issue to bypass certain security restrictions and cause denial-of-service conditions. The following versions are affected: Huawei Mate 9 versions prior to MHA-AL00BC00B156, versions prior to MHA-CL00BC00B156, versions prior to MHA-DL00BC00B156, versions prior to MHA-TL00BC00B156; versions prior to P9 EVA-AL10C00B373, versions prior to EVA-CL10C00B373 , the version before EVA-DL10C00B373, the version before EVA-TL10C00B373
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-201711-0219",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "mate 9",
"scope": "lt",
"trust": 1.8,
"vendor": "huawei",
"version": "mha-al00bc00b156"
},
{
"model": "mate 9",
"scope": "lt",
"trust": 1.8,
"vendor": "huawei",
"version": "mha-cl00bc00b156"
},
{
"model": "mate 9",
"scope": "lt",
"trust": 1.8,
"vendor": "huawei",
"version": "mha-dl00bc00b156"
},
{
"model": "mate 9",
"scope": "lt",
"trust": 1.8,
"vendor": "huawei",
"version": "mha-tl00bc00b156"
},
{
"model": "p9",
"scope": "lt",
"trust": 1.8,
"vendor": "huawei",
"version": "eva-al10c00b373"
},
{
"model": "p9",
"scope": "lt",
"trust": 1.8,
"vendor": "huawei",
"version": "eva-cl10c00b373"
},
{
"model": "p9",
"scope": "lt",
"trust": 1.8,
"vendor": "huawei",
"version": "eva-dl10c00b373"
},
{
"model": "p9",
"scope": "lt",
"trust": 1.8,
"vendor": "huawei",
"version": "eva-tl10c00b373"
},
{
"model": "mate \u003cmha-al00bc00b156",
"scope": "eq",
"trust": 0.6,
"vendor": "huawei",
"version": "9"
},
{
"model": "mate \u003cmha-cl00bc00b156",
"scope": "eq",
"trust": 0.6,
"vendor": "huawei",
"version": "9"
},
{
"model": "mate \u003cmha-dl00bc00b156",
"scope": "eq",
"trust": 0.6,
"vendor": "huawei",
"version": "9"
},
{
"model": "mate \u003cmha-tl00bc00b156",
"scope": "eq",
"trust": 0.6,
"vendor": "huawei",
"version": "9"
},
{
"model": "p9 \u003ceva-al10c00b373",
"scope": null,
"trust": 0.6,
"vendor": "huawei",
"version": null
},
{
"model": "p9 \u003ceva-cl10c00b373",
"scope": null,
"trust": 0.6,
"vendor": "huawei",
"version": null
},
{
"model": "p9 \u003ceva-dl10c00b373",
"scope": null,
"trust": 0.6,
"vendor": "huawei",
"version": null
},
{
"model": "p9 \u003ceva-tl10c00b373",
"scope": null,
"trust": 0.6,
"vendor": "huawei",
"version": null
},
{
"model": "p9",
"scope": "eq",
"trust": 0.3,
"vendor": "huawei",
"version": "0"
},
{
"model": "mate",
"scope": "eq",
"trust": 0.3,
"vendor": "huawei",
"version": "90"
},
{
"model": "p9 eva-tl10c00b373",
"scope": "ne",
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"model": "p9 eva-dl10c00b373",
"scope": "ne",
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"model": "p9 eva-cl10c00b373",
"scope": "ne",
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"model": "p9 eva-al10c00b373",
"scope": "ne",
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"model": "mate mha-tl00bc00b156",
"scope": "ne",
"trust": 0.3,
"vendor": "huawei",
"version": "9"
},
{
"model": "mate mha-dl00bc00b156",
"scope": "ne",
"trust": 0.3,
"vendor": "huawei",
"version": "9"
},
{
"model": "mate mha-cl00bc00b156",
"scope": "ne",
"trust": 0.3,
"vendor": "huawei",
"version": "9"
},
{
"model": "mate mha-al00bc00b156",
"scope": "ne",
"trust": 0.3,
"vendor": "huawei",
"version": "9"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2017-00658"
},
{
"db": "BID",
"id": "95657"
},
{
"db": "JVNDB",
"id": "JVNDB-2017-010793"
},
{
"db": "NVD",
"id": "CVE-2017-2703"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:huawei:mate_9_firmware:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "mha-al00bc00b156",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:huawei:mate_9:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:huawei:mate_9_firmware:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "mha-cl00bc00b156",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:huawei:mate_9:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:huawei:mate_9_firmware:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "mha-dl00bc00b156",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:huawei:mate_9:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:huawei:mate_9_firmware:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "mha-tl00bc00b156",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:huawei:mate_9:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:huawei:p9_firmware:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "eva-al10c00b373",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:huawei:p9:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:huawei:p9_firmware:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "eva-cl10c00b373",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:huawei:p9:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:huawei:p9_firmware:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "eva-dl10c00b373",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:huawei:p9:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:huawei:p9_firmware:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "eva-tl10c00b373",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:huawei:p9:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
}
]
}
],
"sources": [
{
"db": "NVD",
"id": "CVE-2017-2703"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "The vendor reported this issue.",
"sources": [
{
"db": "BID",
"id": "95657"
}
],
"trust": 0.3
},
"cve": "CVE-2017-2703",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"acInsufInfo": false,
"accessComplexity": "LOW",
"accessVector": "LOCAL",
"authentication": "NONE",
"author": "NVD",
"availabilityImpact": "COMPLETE",
"baseScore": 7.2,
"confidentialityImpact": "COMPLETE",
"exploitabilityScore": 3.9,
"impactScore": 10.0,
"integrityImpact": "COMPLETE",
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"severity": "HIGH",
"trust": 1.0,
"userInteractionRequired": false,
"vectorString": "AV:L/AC:L/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
{
"acInsufInfo": null,
"accessComplexity": "Low",
"accessVector": "Local",
"authentication": "None",
"author": "NVD",
"availabilityImpact": "Complete",
"baseScore": 7.2,
"confidentialityImpact": "Complete",
"exploitabilityScore": null,
"id": "CVE-2017-2703",
"impactScore": null,
"integrityImpact": "Complete",
"obtainAllPrivilege": null,
"obtainOtherPrivilege": null,
"obtainUserPrivilege": null,
"severity": "High",
"trust": 0.8,
"userInteractionRequired": null,
"vectorString": "AV:L/AC:L/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
{
"accessComplexity": "LOW",
"accessVector": "ADJACENT_NETWORK",
"authentication": "NONE",
"author": "CNVD",
"availabilityImpact": "COMPLETE",
"baseScore": 6.1,
"confidentialityImpact": "NONE",
"exploitabilityScore": 6.5,
"id": "CNVD-2017-00658",
"impactScore": 6.9,
"integrityImpact": "NONE",
"severity": "MEDIUM",
"trust": 0.6,
"vectorString": "AV:A/AC:L/Au:N/C:N/I:N/A:C",
"version": "2.0"
},
{
"accessComplexity": "LOW",
"accessVector": "LOCAL",
"authentication": "NONE",
"author": "VULHUB",
"availabilityImpact": "COMPLETE",
"baseScore": 7.2,
"confidentialityImpact": "COMPLETE",
"exploitabilityScore": 3.9,
"id": "VHN-110906",
"impactScore": 10.0,
"integrityImpact": "COMPLETE",
"severity": "HIGH",
"trust": 0.1,
"vectorString": "AV:L/AC:L/AU:N/C:C/I:C/A:C",
"version": "2.0"
}
],
"cvssV3": [
{
"attackComplexity": "LOW",
"attackVector": "PHYSICAL",
"author": "NVD",
"availabilityImpact": "HIGH",
"baseScore": 6.8,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"exploitabilityScore": 0.9,
"impactScore": 5.9,
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"trust": 1.0,
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
},
{
"attackComplexity": "Low",
"attackVector": "Physical",
"author": "NVD",
"availabilityImpact": "High",
"baseScore": 6.8,
"baseSeverity": "Medium",
"confidentialityImpact": "High",
"exploitabilityScore": null,
"id": "CVE-2017-2703",
"impactScore": null,
"integrityImpact": "High",
"privilegesRequired": "None",
"scope": "Unchanged",
"trust": 0.8,
"userInteraction": "None",
"vectorString": "CVSS:3.0/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
}
],
"severity": [
{
"author": "NVD",
"id": "CVE-2017-2703",
"trust": 1.8,
"value": "MEDIUM"
},
{
"author": "CNVD",
"id": "CNVD-2017-00658",
"trust": 0.6,
"value": "MEDIUM"
},
{
"author": "CNNVD",
"id": "CNNVD-201701-770",
"trust": 0.6,
"value": "MEDIUM"
},
{
"author": "VULHUB",
"id": "VHN-110906",
"trust": 0.1,
"value": "HIGH"
}
]
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2017-00658"
},
{
"db": "VULHUB",
"id": "VHN-110906"
},
{
"db": "JVNDB",
"id": "JVNDB-2017-010793"
},
{
"db": "NVD",
"id": "CVE-2017-2703"
},
{
"db": "CNNVD",
"id": "CNNVD-201701-770"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Phone Finder in versions earlier before MHA-AL00BC00B156,Versions earlier before MHA-CL00BC00B156,Versions earlier before MHA-DL00BC00B156,Versions earlier before MHA-TL00BC00B156,Versions earlier before EVA-AL10C00B373,Versions earlier before EVA-CL10C00B373,Versions earlier before EVA-DL10C00B373,Versions earlier before EVA-TL10C00B373 can be bypass. An attacker can bypass the Phone Finder by special steps and enter the System Setting. Mate 9 and P9 Contains vulnerabilities related to authorization, permissions, and access control.Information is obtained, information is altered, and service operation is disrupted (DoS) There is a possibility of being put into a state. huaweiMate9 and P9 are the smartphones of China\u0027s Huawei company. Huawei\u0027s mobile phone has a retrieving function security bypass vulnerability. Huawei Smart Phones are prone to a security-bypass vulnerability. \nAn attacker may exploit this issue to bypass certain security restrictions and cause denial-of-service conditions. The following versions are affected: Huawei Mate 9 versions prior to MHA-AL00BC00B156, versions prior to MHA-CL00BC00B156, versions prior to MHA-DL00BC00B156, versions prior to MHA-TL00BC00B156; versions prior to P9 EVA-AL10C00B373, versions prior to EVA-CL10C00B373 , the version before EVA-DL10C00B373, the version before EVA-TL10C00B373",
"sources": [
{
"db": "NVD",
"id": "CVE-2017-2703"
},
{
"db": "JVNDB",
"id": "JVNDB-2017-010793"
},
{
"db": "CNVD",
"id": "CNVD-2017-00658"
},
{
"db": "BID",
"id": "95657"
},
{
"db": "VULHUB",
"id": "VHN-110906"
}
],
"trust": 2.52
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2017-2703",
"trust": 3.4
},
{
"db": "BID",
"id": "95657",
"trust": 2.0
},
{
"db": "JVNDB",
"id": "JVNDB-2017-010793",
"trust": 0.8
},
{
"db": "CNNVD",
"id": "CNNVD-201701-770",
"trust": 0.7
},
{
"db": "CNVD",
"id": "CNVD-2017-00658",
"trust": 0.6
},
{
"db": "VULHUB",
"id": "VHN-110906",
"trust": 0.1
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2017-00658"
},
{
"db": "VULHUB",
"id": "VHN-110906"
},
{
"db": "BID",
"id": "95657"
},
{
"db": "JVNDB",
"id": "JVNDB-2017-010793"
},
{
"db": "NVD",
"id": "CVE-2017-2703"
},
{
"db": "CNNVD",
"id": "CNNVD-201701-770"
}
]
},
"id": "VAR-201711-0219",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "CNVD",
"id": "CNVD-2017-00658"
},
{
"db": "VULHUB",
"id": "VHN-110906"
}
],
"trust": 1.3262463
},
"iot_taxonomy": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"category": [
"Network device"
],
"sub_category": null,
"trust": 0.6
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2017-00658"
}
]
},
"last_update_date": "2023-12-18T13:08:41.530000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "huawei-sa-20170118-05-smartphone",
"trust": 0.8,
"url": "http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20170118-05-smartphone-en"
},
{
"title": "Huawei mobile phone to retrieve the patch that functionally bypasses the vulnerability",
"trust": 0.6,
"url": "https://www.cnvd.org.cn/patchinfo/show/88417"
},
{
"title": "Huawei Mate 9 and P9 Security vulnerabilities",
"trust": 0.6,
"url": "http://www.cnnvd.org.cn/web/xxk/bdxqbyid.tag?id=67329"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2017-00658"
},
{
"db": "JVNDB",
"id": "JVNDB-2017-010793"
},
{
"db": "CNNVD",
"id": "CNNVD-201701-770"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "NVD-CWE-noinfo",
"trust": 1.0
},
{
"problemtype": "CWE-264",
"trust": 0.9
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-110906"
},
{
"db": "JVNDB",
"id": "JVNDB-2017-010793"
},
{
"db": "NVD",
"id": "CVE-2017-2703"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 2.0,
"url": "http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20170118-05-smartphone-en"
},
{
"trust": 1.7,
"url": "http://www.securityfocus.com/bid/95657"
},
{
"trust": 0.8,
"url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2017-2703"
},
{
"trust": 0.8,
"url": "https://nvd.nist.gov/vuln/detail/cve-2017-2703"
},
{
"trust": 0.6,
"url": "http://www.huawei.com/cn/psirt/security-advisories/2017/huawei-sa-20170118-05-smartphone-cn"
},
{
"trust": 0.3,
"url": "http://www.huawei.com"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2017-00658"
},
{
"db": "VULHUB",
"id": "VHN-110906"
},
{
"db": "BID",
"id": "95657"
},
{
"db": "JVNDB",
"id": "JVNDB-2017-010793"
},
{
"db": "NVD",
"id": "CVE-2017-2703"
},
{
"db": "CNNVD",
"id": "CNNVD-201701-770"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "CNVD",
"id": "CNVD-2017-00658"
},
{
"db": "VULHUB",
"id": "VHN-110906"
},
{
"db": "BID",
"id": "95657"
},
{
"db": "JVNDB",
"id": "JVNDB-2017-010793"
},
{
"db": "NVD",
"id": "CVE-2017-2703"
},
{
"db": "CNNVD",
"id": "CNNVD-201701-770"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2017-01-20T00:00:00",
"db": "CNVD",
"id": "CNVD-2017-00658"
},
{
"date": "2017-11-22T00:00:00",
"db": "VULHUB",
"id": "VHN-110906"
},
{
"date": "2017-01-18T00:00:00",
"db": "BID",
"id": "95657"
},
{
"date": "2017-12-25T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2017-010793"
},
{
"date": "2017-11-22T19:29:00.693000",
"db": "NVD",
"id": "CVE-2017-2703"
},
{
"date": "2017-01-20T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201701-770"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2017-01-20T00:00:00",
"db": "CNVD",
"id": "CNVD-2017-00658"
},
{
"date": "2019-10-03T00:00:00",
"db": "VULHUB",
"id": "VHN-110906"
},
{
"date": "2017-01-23T00:12:00",
"db": "BID",
"id": "95657"
},
{
"date": "2017-12-25T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2017-010793"
},
{
"date": "2019-10-03T00:03:26.223000",
"db": "NVD",
"id": "CVE-2017-2703"
},
{
"date": "2019-10-23T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201701-770"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "local",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201701-770"
}
],
"trust": 0.6
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Mate 9 and P9 Vulnerabilities related to authorization, permissions, and access control",
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2017-010793"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "permissions and access control issues",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201701-770"
}
],
"trust": 0.6
}
}
VAR-201711-0988
Vulnerability from variot - Updated: 2023-12-18 13:08The boot loaders of P10 and P10 Plus Huawei mobile phones with software the versions before Victoria-L09AC605B162, the versions before Victoria-L29AC605B162, the versions before Vicky-L29AC605B162 have an arbitrary memory write vulnerability due to the lack of parameter validation. An attacker with the root privilege of an Android system may trick a user into installing a malicious APP. The APP can modify specific data to cause arbitrary memory writing in the next system reboot, causing continuous system reboot or arbitrary code execution. Huawei P10 and P10 Plus Smartphone software contains a buffer error vulnerability.Information is obtained, information is altered, and service operation is disrupted (DoS) There is a possibility of being put into a state. HuaweiP10 and P10Plus are both Huawei's smartphone products. The HuaweiP10 and P10Plus bootloaders have written arbitrary memory leaks due to lack of parameter checking. The Huawei P10 and P10 Plus are both smartphones from the Chinese company Huawei. Bootloader is one of the system startup programs. The bootloader in Huawei P10 and P10 Plus has a security vulnerability, which is caused by the program not checking parameters adequately. The following products and versions are affected: Huawei P10 Victoria-L09AC605B162 earlier, Victoria-L29AC605B162 earlier; P10 Plus Vicky-L29AC605B162 earlier
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-201711-0988",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "p10",
"scope": "lt",
"trust": 1.0,
"vendor": "huawei",
"version": "victoria-l29ac605b162"
},
{
"model": "p8 lite",
"scope": "lt",
"trust": 1.0,
"vendor": "huawei",
"version": "ale-l21c113b566"
},
{
"model": "p9",
"scope": "lt",
"trust": 1.0,
"vendor": "huawei",
"version": "eva-l19c432b388"
},
{
"model": "p10",
"scope": "lt",
"trust": 1.0,
"vendor": "huawei",
"version": "victoria-l09ac605b162"
},
{
"model": "p9",
"scope": "lt",
"trust": 1.0,
"vendor": "huawei",
"version": "eva-l09c576b386"
},
{
"model": "p9",
"scope": "lt",
"trust": 1.0,
"vendor": "huawei",
"version": "eva-l09c432b391"
},
{
"model": "p9",
"scope": "lt",
"trust": 1.0,
"vendor": "huawei",
"version": "eva-l09c636b388"
},
{
"model": "p9",
"scope": "lt",
"trust": 1.0,
"vendor": "huawei",
"version": "eva-l19c605b390"
},
{
"model": "p9",
"scope": "lt",
"trust": 1.0,
"vendor": "huawei",
"version": "eva-l19c10b390"
},
{
"model": "p10 plus",
"scope": "lt",
"trust": 1.0,
"vendor": "huawei",
"version": "vicky-l29ac605b162"
},
{
"model": "p9",
"scope": "lt",
"trust": 1.0,
"vendor": "huawei",
"version": "eva-l09c635b387"
},
{
"model": "p9",
"scope": "lt",
"trust": 1.0,
"vendor": "huawei",
"version": "eva-l19c636b391"
},
{
"model": "p9",
"scope": "lt",
"trust": 1.0,
"vendor": "huawei",
"version": "eva-l09c605b390"
},
{
"model": "p10 plus",
"scope": null,
"trust": 0.8,
"vendor": "huawei",
"version": null
},
{
"model": "p10",
"scope": null,
"trust": 0.8,
"vendor": "huawei",
"version": null
},
{
"model": "p8 lite",
"scope": null,
"trust": 0.8,
"vendor": "huawei",
"version": null
},
{
"model": "p9",
"scope": null,
"trust": 0.8,
"vendor": "huawei",
"version": null
},
{
"model": "p10 \u003cvictoria-l09ac605b162",
"scope": null,
"trust": 0.6,
"vendor": "huawei",
"version": null
},
{
"model": "p10 \u003cvictoria-l29ac605b162",
"scope": null,
"trust": 0.6,
"vendor": "huawei",
"version": null
},
{
"model": "p10 plus \u003cvicky-l29ac605b162",
"scope": null,
"trust": 0.6,
"vendor": "huawei",
"version": null
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2017-28814"
},
{
"db": "JVNDB",
"id": "JVNDB-2017-010626"
},
{
"db": "NVD",
"id": "CVE-2017-8150"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:huawei:p10_firmware:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "victoria-l09ac605b162",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:huawei:p10:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:huawei:p10_firmware:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "victoria-l29ac605b162",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:huawei:p10:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:huawei:p10_plus_firmware:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "vicky-l29ac605b162",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:huawei:p10_plus:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:huawei:p8_lite_firmware:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "ale-l21c113b566",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:huawei:p8_lite:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:huawei:p9_firmware:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "eva-l09c432b391",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:huawei:p9:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:huawei:p9_firmware:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "eva-l09c576b386",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:huawei:p9:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:huawei:p9_firmware:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "eva-l09c605b390",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:huawei:p9:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:huawei:p9_firmware:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "eva-l09c635b387",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:huawei:p9:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:huawei:p9_firmware:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "eva-l09c636b388",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:huawei:p9:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:huawei:p9_firmware:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "eva-l19c10b390",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:huawei:p9:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:huawei:p9_firmware:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "eva-l19c432b388",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:huawei:p9:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:huawei:p9_firmware:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "eva-l19c605b390",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:huawei:p9:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:huawei:p9_firmware:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "eva-l19c636b391",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:huawei:p9:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
}
]
}
],
"sources": [
{
"db": "NVD",
"id": "CVE-2017-8150"
}
]
},
"cve": "CVE-2017-8150",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"acInsufInfo": false,
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "NVD",
"availabilityImpact": "COMPLETE",
"baseScore": 9.3,
"confidentialityImpact": "COMPLETE",
"exploitabilityScore": 8.6,
"impactScore": 10.0,
"integrityImpact": "COMPLETE",
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"severity": "HIGH",
"trust": 1.0,
"userInteractionRequired": true,
"vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
{
"acInsufInfo": null,
"accessComplexity": "Medium",
"accessVector": "Network",
"authentication": "None",
"author": "NVD",
"availabilityImpact": "Complete",
"baseScore": 9.3,
"confidentialityImpact": "Complete",
"exploitabilityScore": null,
"id": "CVE-2017-8150",
"impactScore": null,
"integrityImpact": "Complete",
"obtainAllPrivilege": null,
"obtainOtherPrivilege": null,
"obtainUserPrivilege": null,
"severity": "High",
"trust": 0.8,
"userInteractionRequired": null,
"vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
{
"accessComplexity": "LOW",
"accessVector": "LOCAL",
"authentication": "NONE",
"author": "CNVD",
"availabilityImpact": "COMPLETE",
"baseScore": 7.2,
"confidentialityImpact": "COMPLETE",
"exploitabilityScore": 3.9,
"id": "CNVD-2017-28814",
"impactScore": 10.0,
"integrityImpact": "COMPLETE",
"severity": "HIGH",
"trust": 0.6,
"vectorString": "AV:L/AC:L/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
{
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "VULHUB",
"availabilityImpact": "COMPLETE",
"baseScore": 9.3,
"confidentialityImpact": "COMPLETE",
"exploitabilityScore": 8.6,
"id": "VHN-116353",
"impactScore": 10.0,
"integrityImpact": "COMPLETE",
"severity": "HIGH",
"trust": 0.1,
"vectorString": "AV:N/AC:M/AU:N/C:C/I:C/A:C",
"version": "2.0"
}
],
"cvssV3": [
{
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"author": "NVD",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"exploitabilityScore": 1.8,
"impactScore": 5.9,
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"trust": 1.0,
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.0"
},
{
"attackComplexity": "Low",
"attackVector": "Local",
"author": "NVD",
"availabilityImpact": "High",
"baseScore": 7.8,
"baseSeverity": "High",
"confidentialityImpact": "High",
"exploitabilityScore": null,
"id": "CVE-2017-8150",
"impactScore": null,
"integrityImpact": "High",
"privilegesRequired": "None",
"scope": "Unchanged",
"trust": 0.8,
"userInteraction": "Required",
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.0"
}
],
"severity": [
{
"author": "NVD",
"id": "CVE-2017-8150",
"trust": 1.8,
"value": "HIGH"
},
{
"author": "CNVD",
"id": "CNVD-2017-28814",
"trust": 0.6,
"value": "HIGH"
},
{
"author": "CNNVD",
"id": "CNNVD-201711-980",
"trust": 0.6,
"value": "CRITICAL"
},
{
"author": "VULHUB",
"id": "VHN-116353",
"trust": 0.1,
"value": "HIGH"
}
]
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2017-28814"
},
{
"db": "VULHUB",
"id": "VHN-116353"
},
{
"db": "JVNDB",
"id": "JVNDB-2017-010626"
},
{
"db": "NVD",
"id": "CVE-2017-8150"
},
{
"db": "CNNVD",
"id": "CNNVD-201711-980"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "The boot loaders of P10 and P10 Plus Huawei mobile phones with software the versions before Victoria-L09AC605B162, the versions before Victoria-L29AC605B162, the versions before Vicky-L29AC605B162 have an arbitrary memory write vulnerability due to the lack of parameter validation. An attacker with the root privilege of an Android system may trick a user into installing a malicious APP. The APP can modify specific data to cause arbitrary memory writing in the next system reboot, causing continuous system reboot or arbitrary code execution. Huawei P10 and P10 Plus Smartphone software contains a buffer error vulnerability.Information is obtained, information is altered, and service operation is disrupted (DoS) There is a possibility of being put into a state. HuaweiP10 and P10Plus are both Huawei\u0027s smartphone products. The HuaweiP10 and P10Plus bootloaders have written arbitrary memory leaks due to lack of parameter checking. The Huawei P10 and P10 Plus are both smartphones from the Chinese company Huawei. Bootloader is one of the system startup programs. The bootloader in Huawei P10 and P10 Plus has a security vulnerability, which is caused by the program not checking parameters adequately. The following products and versions are affected: Huawei P10 Victoria-L09AC605B162 earlier, Victoria-L29AC605B162 earlier; P10 Plus Vicky-L29AC605B162 earlier",
"sources": [
{
"db": "NVD",
"id": "CVE-2017-8150"
},
{
"db": "JVNDB",
"id": "JVNDB-2017-010626"
},
{
"db": "CNVD",
"id": "CNVD-2017-28814"
},
{
"db": "VULHUB",
"id": "VHN-116353"
}
],
"trust": 2.25
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2017-8150",
"trust": 3.1
},
{
"db": "JVNDB",
"id": "JVNDB-2017-010626",
"trust": 0.8
},
{
"db": "CNNVD",
"id": "CNNVD-201711-980",
"trust": 0.7
},
{
"db": "CNVD",
"id": "CNVD-2017-28814",
"trust": 0.6
},
{
"db": "VULHUB",
"id": "VHN-116353",
"trust": 0.1
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2017-28814"
},
{
"db": "VULHUB",
"id": "VHN-116353"
},
{
"db": "JVNDB",
"id": "JVNDB-2017-010626"
},
{
"db": "NVD",
"id": "CVE-2017-8150"
},
{
"db": "CNNVD",
"id": "CNNVD-201711-980"
}
]
},
"id": "VAR-201711-0988",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "CNVD",
"id": "CNVD-2017-28814"
},
{
"db": "VULHUB",
"id": "VHN-116353"
}
],
"trust": 1.285179785
},
"iot_taxonomy": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"category": [
"Network device"
],
"sub_category": null,
"trust": 0.6
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2017-28814"
}
]
},
"last_update_date": "2023-12-18T13:08:40.883000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "huawei-sa-20170816-02-smartphone",
"trust": 0.8,
"url": "http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20170816-02-smartphone-en"
},
{
"title": "Huawei mobile phone writes a patch for any memory vulnerability",
"trust": 0.6,
"url": "https://www.cnvd.org.cn/patchinfo/show/103206"
},
{
"title": "Huawei P10 and P10 Plus Bootloader Security vulnerabilities",
"trust": 0.6,
"url": "http://www.cnnvd.org.cn/web/xxk/bdxqbyid.tag?id=76690"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2017-28814"
},
{
"db": "JVNDB",
"id": "JVNDB-2017-010626"
},
{
"db": "CNNVD",
"id": "CNNVD-201711-980"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-119",
"trust": 1.9
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-116353"
},
{
"db": "JVNDB",
"id": "JVNDB-2017-010626"
},
{
"db": "NVD",
"id": "CVE-2017-8150"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 1.7,
"url": "http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20170816-02-smartphone-en"
},
{
"trust": 0.8,
"url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2017-8150"
},
{
"trust": 0.8,
"url": "https://nvd.nist.gov/vuln/detail/cve-2017-8150"
},
{
"trust": 0.6,
"url": "http://www.huawei.com/cn/psirt/security-advisories/2017/huawei-sa-20170816-02-smartphone-cn"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2017-28814"
},
{
"db": "VULHUB",
"id": "VHN-116353"
},
{
"db": "JVNDB",
"id": "JVNDB-2017-010626"
},
{
"db": "NVD",
"id": "CVE-2017-8150"
},
{
"db": "CNNVD",
"id": "CNNVD-201711-980"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "CNVD",
"id": "CNVD-2017-28814"
},
{
"db": "VULHUB",
"id": "VHN-116353"
},
{
"db": "JVNDB",
"id": "JVNDB-2017-010626"
},
{
"db": "NVD",
"id": "CVE-2017-8150"
},
{
"db": "CNNVD",
"id": "CNNVD-201711-980"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2017-09-30T00:00:00",
"db": "CNVD",
"id": "CNVD-2017-28814"
},
{
"date": "2017-11-22T00:00:00",
"db": "VULHUB",
"id": "VHN-116353"
},
{
"date": "2017-12-20T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2017-010626"
},
{
"date": "2017-11-22T19:29:03.350000",
"db": "NVD",
"id": "CVE-2017-8150"
},
{
"date": "2017-11-24T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201711-980"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2017-09-30T00:00:00",
"db": "CNVD",
"id": "CNVD-2017-28814"
},
{
"date": "2017-12-08T00:00:00",
"db": "VULHUB",
"id": "VHN-116353"
},
{
"date": "2017-12-20T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2017-010626"
},
{
"date": "2017-12-08T14:50:57.677000",
"db": "NVD",
"id": "CVE-2017-8150"
},
{
"date": "2017-11-24T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201711-980"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201711-980"
}
],
"trust": 0.6
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Huawei P10 and P10 Plus Buffer error vulnerability in smartphone software",
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2017-010626"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "buffer overflow",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201711-980"
}
],
"trust": 0.6
}
}
VAR-201711-1030
Vulnerability from variot - Updated: 2023-12-18 13:08Honor 8,Honor V8,Honor 9,Honor V9,Nova 2,Nova 2 Plus,P9,P10 Plus,Toronto Huawei smart phones with software of versions earlier than FRD-AL00C00B391, versions earlier than FRD-DL00C00B391, versions earlier than KNT-AL10C00B391, versions earlier than KNT-AL20C00B391, versions earlier than KNT-UL10C00B391, versions earlier than KNT-TL10C00B391, versions earlier than Stanford-AL00C00B175, versions earlier than Stanford-AL10C00B175, versions earlier than Stanford-TL00C01B175, versions earlier than Duke-AL20C00B191, versions earlier than Duke-TL30C01B191, versions earlier than Picasso-AL00C00B162, versions earlier than Picasso-TL00C01B162 , versions earlier than Barca-AL00C00B162, versions earlier than Barca-TL00C00B162, versions earlier than EVA-AL10C00B396SP03, versions earlier than EVA-CL00C92B396, versions earlier than EVA-DL00C17B396, versions earlier than EVA-TL00C01B396 , versions earlier than Vicky-AL00AC00B172, versions earlier than Toronto-AL00AC00B191, versions earlier than Toronto-TL10C01B191 have a permission control vulnerability. An attacker with the system privilege of a mobile can exploit this vulnerability to bypass the unlock code verification and unlock the mobile phone bootloader. plural Huawei Smartphone software contains vulnerabilities related to authorization, permissions, and access control.Information is obtained, information is altered, and service operation is disrupted (DoS) There is a possibility of being put into a state. Glory 8, Glory V8, Glory 9, Glory V9, Enjoy 7Plus, P9, P10Plus, Nova2 and Nova2Plus are all Huawei smartphones from China. There are permission control vulnerabilities in various Huawei phones. The Huawei Honor 8 and others are smartphone products of the Chinese company Huawei. Several Huawei products have security vulnerabilities
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-201711-1030",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "nova 2",
"scope": "lt",
"trust": 1.0,
"vendor": "huawei",
"version": "picasso-tl00c01b162"
},
{
"model": "toronto",
"scope": "lt",
"trust": 1.0,
"vendor": "huawei",
"version": "toronto-tl10c01b191"
},
{
"model": "honor v8",
"scope": "lt",
"trust": 1.0,
"vendor": "huawei",
"version": "knt-al20c00b391"
},
{
"model": "p9",
"scope": "lt",
"trust": 1.0,
"vendor": "huawei",
"version": "eva-tl00c01b396"
},
{
"model": "p9",
"scope": "lt",
"trust": 1.0,
"vendor": "huawei",
"version": "eva-dl00c17b396"
},
{
"model": "honor 9",
"scope": "lt",
"trust": 1.0,
"vendor": "huawei",
"version": "stanford-al00c00b175"
},
{
"model": "nova 2 plus",
"scope": "lt",
"trust": 1.0,
"vendor": "huawei",
"version": "barca-tl00c00b162"
},
{
"model": "p10 plus",
"scope": "lt",
"trust": 1.0,
"vendor": "huawei",
"version": "vicky-al00ac00b172"
},
{
"model": "nova 2",
"scope": "lt",
"trust": 1.0,
"vendor": "huawei",
"version": "picasso-al00c00b162"
},
{
"model": "honor 9",
"scope": "lt",
"trust": 1.0,
"vendor": "huawei",
"version": "stanford-tl00c01b175"
},
{
"model": "nova 2 plus",
"scope": "lt",
"trust": 1.0,
"vendor": "huawei",
"version": "barca-al00c00b162"
},
{
"model": "honor v8",
"scope": "lt",
"trust": 1.0,
"vendor": "huawei",
"version": "knt-tl10c00b391"
},
{
"model": "honor 9",
"scope": "lt",
"trust": 1.0,
"vendor": "huawei",
"version": "stanford-al10c00b175"
},
{
"model": "p9",
"scope": "lt",
"trust": 1.0,
"vendor": "huawei",
"version": "eva-al10c00b396sp03"
},
{
"model": "toronto",
"scope": "lt",
"trust": 1.0,
"vendor": "huawei",
"version": "toronto-al00ac00b191"
},
{
"model": "honor v8",
"scope": "lt",
"trust": 1.0,
"vendor": "huawei",
"version": "knt-ul10c00b391"
},
{
"model": "honor v8",
"scope": "lt",
"trust": 1.0,
"vendor": "huawei",
"version": "knt-al10c00b391"
},
{
"model": "honor v9",
"scope": "lt",
"trust": 1.0,
"vendor": "huawei",
"version": "duke-tl30c01b191"
},
{
"model": "honor 8",
"scope": "lt",
"trust": 1.0,
"vendor": "huawei",
"version": "frd-dl00c00b391"
},
{
"model": "p9",
"scope": "lt",
"trust": 1.0,
"vendor": "huawei",
"version": "eva-cl00c92b396"
},
{
"model": "honor v9",
"scope": "lt",
"trust": 1.0,
"vendor": "huawei",
"version": "duke-al20c00b191"
},
{
"model": "honor 8",
"scope": "lt",
"trust": 1.0,
"vendor": "huawei",
"version": "frd-al00c00b391"
},
{
"model": "honor 8",
"scope": null,
"trust": 0.8,
"vendor": "huawei",
"version": null
},
{
"model": "honor 9",
"scope": null,
"trust": 0.8,
"vendor": "huawei",
"version": null
},
{
"model": "honor v8",
"scope": null,
"trust": 0.8,
"vendor": "huawei",
"version": null
},
{
"model": "honor v9",
"scope": null,
"trust": 0.8,
"vendor": "huawei",
"version": null
},
{
"model": "nova 2 plus",
"scope": null,
"trust": 0.8,
"vendor": "huawei",
"version": null
},
{
"model": "nova 2",
"scope": null,
"trust": 0.8,
"vendor": "huawei",
"version": null
},
{
"model": "p10 plus",
"scope": null,
"trust": 0.8,
"vendor": "huawei",
"version": null
},
{
"model": "p9",
"scope": null,
"trust": 0.8,
"vendor": "huawei",
"version": null
},
{
"model": "toronto",
"scope": null,
"trust": 0.8,
"vendor": "huawei",
"version": null
},
{
"model": "nova plus \u003c=barca-al00c00b162",
"scope": "eq",
"trust": 0.6,
"vendor": "huawei",
"version": "2"
},
{
"model": "nova plus \u003c=barca-tl00c00b162",
"scope": "eq",
"trust": 0.6,
"vendor": "huawei",
"version": "2"
},
{
"model": "nova \u003c=picasso-al00c00b162",
"scope": "eq",
"trust": 0.6,
"vendor": "huawei",
"version": "2"
},
{
"model": "nova \u003c=picasso-tl00c00b162",
"scope": "eq",
"trust": 0.6,
"vendor": "huawei",
"version": "2"
},
{
"model": "p10 plus \u003c=vicky-al00ac00b172",
"scope": null,
"trust": 0.6,
"vendor": "huawei",
"version": null
},
{
"model": "p9 \u003c=eva-al10c00b396sp03",
"scope": null,
"trust": 0.6,
"vendor": "huawei",
"version": null
},
{
"model": "p9 \u003c=eva-cl00c92b396",
"scope": null,
"trust": 0.6,
"vendor": "huawei",
"version": null
},
{
"model": "p9 \u003c=eva-dl00c17b396",
"scope": null,
"trust": 0.6,
"vendor": "huawei",
"version": null
},
{
"model": "p9 \u003c=eva-tl00c01b396",
"scope": null,
"trust": 0.6,
"vendor": "huawei",
"version": null
},
{
"model": "enjoy plus \u003c=toronto-al00ac00b191",
"scope": "eq",
"trust": 0.6,
"vendor": "huawei",
"version": "7"
},
{
"model": "enjoy plus \u003c=toronto-tl10c01b191",
"scope": "eq",
"trust": 0.6,
"vendor": "huawei",
"version": "7"
},
{
"model": "glory \u003c=duke-al20c00b191",
"scope": "eq",
"trust": 0.6,
"vendor": "huawei",
"version": "v9"
},
{
"model": "glory \u003c=duke-tl30c01b191",
"scope": "eq",
"trust": 0.6,
"vendor": "huawei",
"version": "v9"
},
{
"model": "glory \u003c=stanford-al00c00b175",
"scope": "eq",
"trust": 0.6,
"vendor": "huawei",
"version": "9"
},
{
"model": "glory \u003c=stanford-al10c00b175",
"scope": "eq",
"trust": 0.6,
"vendor": "huawei",
"version": "9"
},
{
"model": "glory \u003c=stanford-tl00c01b175",
"scope": "eq",
"trust": 0.6,
"vendor": "huawei",
"version": "9"
},
{
"model": "glory \u003c=frd-dl00c00b391",
"scope": "eq",
"trust": 0.6,
"vendor": "huawei",
"version": "v8"
},
{
"model": "glory \u003c=knt-al10c00b391",
"scope": "eq",
"trust": 0.6,
"vendor": "huawei",
"version": "v8"
},
{
"model": "glory \u003c=knt-al20c00b391",
"scope": "eq",
"trust": 0.6,
"vendor": "huawei",
"version": "v8"
},
{
"model": "glory \u003c=knt-ul10c00b391",
"scope": "eq",
"trust": 0.6,
"vendor": "huawei",
"version": "v8"
},
{
"model": "glory \u003c=knt-tl10c00b391",
"scope": "eq",
"trust": 0.6,
"vendor": "huawei",
"version": "v8"
},
{
"model": "glory \u003c=frd-al00c00b391",
"scope": "eq",
"trust": 0.6,
"vendor": "huawei",
"version": "8"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2017-28207"
},
{
"db": "JVNDB",
"id": "JVNDB-2017-010592"
},
{
"db": "NVD",
"id": "CVE-2017-8215"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:huawei:honor_8_firmware:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "frd-al00c00b391",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:huawei:honor_8:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:huawei:honor_8_firmware:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "frd-dl00c00b391",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:huawei:honor_8:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:huawei:honor_v8_firmware:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "knt-al10c00b391",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:huawei:honor_v8:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:huawei:honor_v8_firmware:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "knt-al20c00b391",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:huawei:honor_v8:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:huawei:honor_v8_firmware:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "knt-ul10c00b391",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:huawei:honor_v8:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:huawei:honor_v8_firmware:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "knt-tl10c00b391",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:huawei:honor_v8:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:huawei:honor_9_firmware:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "stanford-al00c00b175",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:huawei:honor_9:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:huawei:honor_9_firmware:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "stanford-al10c00b175",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:huawei:honor_9:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:huawei:honor_9_firmware:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "stanford-tl00c01b175",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:huawei:honor_9:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:huawei:honor_v9_firmware:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "duke-al20c00b191",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:huawei:honor_v9:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:huawei:honor_v9_firmware:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "duke-tl30c01b191",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:huawei:honor_v9:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:huawei:nova_2_firmware:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "picasso-al00c00b162",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:huawei:nova_2:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:huawei:nova_2_firmware:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "picasso-tl00c01b162",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:huawei:nova_2:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:huawei:nova_2_plus_firmware:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "barca-al00c00b162",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:huawei:nova_2_plus:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:huawei:nova_2_plus_firmware:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "barca-tl00c00b162",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:huawei:nova_2_plus:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:huawei:p9_firmware:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "eva-al10c00b396sp03",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:huawei:p9:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:huawei:p9_firmware:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "eva-cl00c92b396",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:huawei:p9:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:huawei:p9_firmware:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "eva-dl00c17b396",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:huawei:p9:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:huawei:p9_firmware:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "eva-tl00c01b396",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:huawei:p9:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:huawei:p10_plus_firmware:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "vicky-al00ac00b172",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:huawei:p10_plus:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:huawei:toronto_firmware:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "toronto-al00ac00b191",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:huawei:toronto:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:huawei:toronto_firmware:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "toronto-tl10c01b191",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:huawei:toronto:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
}
]
}
],
"sources": [
{
"db": "NVD",
"id": "CVE-2017-8215"
}
]
},
"cve": "CVE-2017-8215",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"acInsufInfo": false,
"accessComplexity": "LOW",
"accessVector": "LOCAL",
"authentication": "NONE",
"author": "NVD",
"availabilityImpact": "COMPLETE",
"baseScore": 7.2,
"confidentialityImpact": "COMPLETE",
"exploitabilityScore": 3.9,
"impactScore": 10.0,
"integrityImpact": "COMPLETE",
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"severity": "HIGH",
"trust": 1.0,
"userInteractionRequired": false,
"vectorString": "AV:L/AC:L/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
{
"acInsufInfo": null,
"accessComplexity": "Low",
"accessVector": "Local",
"authentication": "None",
"author": "NVD",
"availabilityImpact": "Complete",
"baseScore": 7.2,
"confidentialityImpact": "Complete",
"exploitabilityScore": null,
"id": "CVE-2017-8215",
"impactScore": null,
"integrityImpact": "Complete",
"obtainAllPrivilege": null,
"obtainOtherPrivilege": null,
"obtainUserPrivilege": null,
"severity": "High",
"trust": 0.8,
"userInteractionRequired": null,
"vectorString": "AV:L/AC:L/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "CNVD",
"availabilityImpact": "COMPLETE",
"baseScore": 9.4,
"confidentialityImpact": "NONE",
"exploitabilityScore": 10.0,
"id": "CNVD-2017-28207",
"impactScore": 9.2,
"integrityImpact": "COMPLETE",
"severity": "HIGH",
"trust": 0.6,
"vectorString": "AV:N/AC:L/Au:N/C:N/I:C/A:C",
"version": "2.0"
},
{
"accessComplexity": "LOW",
"accessVector": "LOCAL",
"authentication": "NONE",
"author": "VULHUB",
"availabilityImpact": "COMPLETE",
"baseScore": 7.2,
"confidentialityImpact": "COMPLETE",
"exploitabilityScore": 3.9,
"id": "VHN-116418",
"impactScore": 10.0,
"integrityImpact": "COMPLETE",
"severity": "HIGH",
"trust": 0.1,
"vectorString": "AV:L/AC:L/AU:N/C:C/I:C/A:C",
"version": "2.0"
}
],
"cvssV3": [
{
"attackComplexity": "LOW",
"attackVector": "PHYSICAL",
"author": "NVD",
"availabilityImpact": "HIGH",
"baseScore": 6.2,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"exploitabilityScore": 0.3,
"impactScore": 5.9,
"integrityImpact": "HIGH",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"trust": 1.0,
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:P/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
},
{
"attackComplexity": "Low",
"attackVector": "Physical",
"author": "NVD",
"availabilityImpact": "High",
"baseScore": 6.2,
"baseSeverity": "Medium",
"confidentialityImpact": "High",
"exploitabilityScore": null,
"id": "CVE-2017-8215",
"impactScore": null,
"integrityImpact": "High",
"privilegesRequired": "High",
"scope": "Unchanged",
"trust": 0.8,
"userInteraction": "None",
"vectorString": "CVSS:3.0/AV:P/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
}
],
"severity": [
{
"author": "NVD",
"id": "CVE-2017-8215",
"trust": 1.8,
"value": "MEDIUM"
},
{
"author": "CNVD",
"id": "CNVD-2017-28207",
"trust": 0.6,
"value": "HIGH"
},
{
"author": "CNNVD",
"id": "CNNVD-201711-930",
"trust": 0.6,
"value": "MEDIUM"
},
{
"author": "VULHUB",
"id": "VHN-116418",
"trust": 0.1,
"value": "HIGH"
}
]
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2017-28207"
},
{
"db": "VULHUB",
"id": "VHN-116418"
},
{
"db": "JVNDB",
"id": "JVNDB-2017-010592"
},
{
"db": "NVD",
"id": "CVE-2017-8215"
},
{
"db": "CNNVD",
"id": "CNNVD-201711-930"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Honor 8,Honor V8,Honor 9,Honor V9,Nova 2,Nova 2 Plus,P9,P10 Plus,Toronto Huawei smart phones with software of versions earlier than FRD-AL00C00B391, versions earlier than FRD-DL00C00B391, versions earlier than KNT-AL10C00B391, versions earlier than KNT-AL20C00B391, versions earlier than KNT-UL10C00B391, versions earlier than KNT-TL10C00B391, versions earlier than Stanford-AL00C00B175, versions earlier than Stanford-AL10C00B175, versions earlier than Stanford-TL00C01B175, versions earlier than Duke-AL20C00B191, versions earlier than Duke-TL30C01B191, versions earlier than Picasso-AL00C00B162, versions earlier than Picasso-TL00C01B162 , versions earlier than Barca-AL00C00B162, versions earlier than Barca-TL00C00B162, versions earlier than EVA-AL10C00B396SP03, versions earlier than EVA-CL00C92B396, versions earlier than EVA-DL00C17B396, versions earlier than EVA-TL00C01B396 , versions earlier than Vicky-AL00AC00B172, versions earlier than Toronto-AL00AC00B191, versions earlier than Toronto-TL10C01B191 have a permission control vulnerability. An attacker with the system privilege of a mobile can exploit this vulnerability to bypass the unlock code verification and unlock the mobile phone bootloader. plural Huawei Smartphone software contains vulnerabilities related to authorization, permissions, and access control.Information is obtained, information is altered, and service operation is disrupted (DoS) There is a possibility of being put into a state. Glory 8, Glory V8, Glory 9, Glory V9, Enjoy 7Plus, P9, P10Plus, Nova2 and Nova2Plus are all Huawei smartphones from China. There are permission control vulnerabilities in various Huawei phones. The Huawei Honor 8 and others are smartphone products of the Chinese company Huawei. Several Huawei products have security vulnerabilities",
"sources": [
{
"db": "NVD",
"id": "CVE-2017-8215"
},
{
"db": "JVNDB",
"id": "JVNDB-2017-010592"
},
{
"db": "CNVD",
"id": "CNVD-2017-28207"
},
{
"db": "VULHUB",
"id": "VHN-116418"
}
],
"trust": 2.25
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2017-8215",
"trust": 3.1
},
{
"db": "JVNDB",
"id": "JVNDB-2017-010592",
"trust": 0.8
},
{
"db": "CNNVD",
"id": "CNNVD-201711-930",
"trust": 0.7
},
{
"db": "CNVD",
"id": "CNVD-2017-28207",
"trust": 0.6
},
{
"db": "VULHUB",
"id": "VHN-116418",
"trust": 0.1
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2017-28207"
},
{
"db": "VULHUB",
"id": "VHN-116418"
},
{
"db": "JVNDB",
"id": "JVNDB-2017-010592"
},
{
"db": "NVD",
"id": "CVE-2017-8215"
},
{
"db": "CNNVD",
"id": "CNNVD-201711-930"
}
]
},
"id": "VAR-201711-1030",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "CNVD",
"id": "CNVD-2017-28207"
},
{
"db": "VULHUB",
"id": "VHN-116418"
}
],
"trust": 1.3858876328571428
},
"iot_taxonomy": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"category": [
"Network device"
],
"sub_category": null,
"trust": 0.6
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2017-28207"
}
]
},
"last_update_date": "2023-12-18T13:08:40.826000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "huawei-sa-20170807-01-smartphone",
"trust": 0.8,
"url": "http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20170807-01-smartphone-en"
},
{
"title": "Patches for multiple Huawei mobile rights control vulnerabilities",
"trust": 0.6,
"url": "https://www.cnvd.org.cn/patchinfo/show/102760"
},
{
"title": "Multiple Huawei Product security vulnerabilities",
"trust": 0.6,
"url": "http://www.cnnvd.org.cn/web/xxk/bdxqbyid.tag?id=76640"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2017-28207"
},
{
"db": "JVNDB",
"id": "JVNDB-2017-010592"
},
{
"db": "CNNVD",
"id": "CNNVD-201711-930"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "NVD-CWE-noinfo",
"trust": 1.0
},
{
"problemtype": "CWE-264",
"trust": 0.9
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-116418"
},
{
"db": "JVNDB",
"id": "JVNDB-2017-010592"
},
{
"db": "NVD",
"id": "CVE-2017-8215"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 1.7,
"url": "http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20170807-01-smartphone-en"
},
{
"trust": 0.8,
"url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2017-8215"
},
{
"trust": 0.8,
"url": "https://nvd.nist.gov/vuln/detail/cve-2017-8215"
},
{
"trust": 0.6,
"url": "http://www.huawei.com/cn/psirt/security-advisories/2017/huawei-sa-20170807-01-smartphone-cn"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2017-28207"
},
{
"db": "VULHUB",
"id": "VHN-116418"
},
{
"db": "JVNDB",
"id": "JVNDB-2017-010592"
},
{
"db": "NVD",
"id": "CVE-2017-8215"
},
{
"db": "CNNVD",
"id": "CNNVD-201711-930"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "CNVD",
"id": "CNVD-2017-28207"
},
{
"db": "VULHUB",
"id": "VHN-116418"
},
{
"db": "JVNDB",
"id": "JVNDB-2017-010592"
},
{
"db": "NVD",
"id": "CVE-2017-8215"
},
{
"db": "CNNVD",
"id": "CNNVD-201711-930"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2017-09-26T00:00:00",
"db": "CNVD",
"id": "CNVD-2017-28207"
},
{
"date": "2017-11-22T00:00:00",
"db": "VULHUB",
"id": "VHN-116418"
},
{
"date": "2017-12-20T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2017-010592"
},
{
"date": "2017-11-22T19:29:05.617000",
"db": "NVD",
"id": "CVE-2017-8215"
},
{
"date": "2017-11-24T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201711-930"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2017-09-26T00:00:00",
"db": "CNVD",
"id": "CNVD-2017-28207"
},
{
"date": "2019-10-03T00:00:00",
"db": "VULHUB",
"id": "VHN-116418"
},
{
"date": "2017-12-20T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2017-010592"
},
{
"date": "2019-10-03T00:03:26.223000",
"db": "NVD",
"id": "CVE-2017-8215"
},
{
"date": "2019-10-23T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201711-930"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "local",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201711-930"
}
],
"trust": 0.6
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "plural Huawei Vulnerabilities related to authorization, authority, and access control in smartphone software",
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2017-010592"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "permissions and access control issues",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201711-930"
}
],
"trust": 0.6
}
}
VAR-201711-1029
Vulnerability from variot - Updated: 2023-12-18 12:57Honor 8,Honor V8,Honor 9,Honor V9,Nova 2,Nova 2 Plus,P9,P10 Plus,Toronto Huawei smart phones with software of versions earlier than FRD-AL00C00B391, versions earlier than FRD-DL00C00B391, versions earlier than KNT-AL10C00B391, versions earlier than KNT-AL20C00B391, versions earlier than KNT-UL10C00B391, versions earlier than KNT-TL10C00B391, versions earlier than Stanford-AL00C00B175, versions earlier than Stanford-AL10C00B175, versions earlier than Stanford-TL00C01B175, versions earlier than Duke-AL20C00B191, versions earlier than Duke-TL30C01B191, versions earlier than Picasso-AL00C00B162, versions earlier than Picasso-TL00C01B162 , versions earlier than Barca-AL00C00B162, versions earlier than Barca-TL00C00B162, versions earlier than EVA-AL10C00B396SP03, versions earlier than EVA-CL00C92B396, versions earlier than EVA-DL00C17B396, versions earlier than EVA-TL00C01B396 , versions earlier than Vicky-AL00AC00B172, versions earlier than Toronto-AL00AC00B191, versions earlier than Toronto-TL10C01B191 have an unlock code verification bypassing vulnerability. An attacker with the root privilege of a mobile can exploit this vulnerability to bypass the unlock code verification and unlock the mobile phone bootloader. plural Huawei Smartphone software contains vulnerabilities related to authorization, permissions, and access control.Information is obtained, information is altered, and service operation is disrupted (DoS) There is a possibility of being put into a state. Glory 8, Glory V8, Glory 9, Glory V9, Enjoy 7Plus, P9, P10Plus, Nova2 and Nova2Plus are all Huawei smartphones from China. The Huawei Honor 8 and others are smartphone products of the Chinese company Huawei. Several Huawei products have security vulnerabilities
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-201711-1029",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "nova 2",
"scope": "lt",
"trust": 1.0,
"vendor": "huawei",
"version": "picasso-tl00c01b162"
},
{
"model": "toronto",
"scope": "lt",
"trust": 1.0,
"vendor": "huawei",
"version": "toronto-tl10c01b191"
},
{
"model": "honor v8",
"scope": "lt",
"trust": 1.0,
"vendor": "huawei",
"version": "knt-al20c00b391"
},
{
"model": "p9",
"scope": "lt",
"trust": 1.0,
"vendor": "huawei",
"version": "eva-tl00c01b396"
},
{
"model": "p9",
"scope": "lt",
"trust": 1.0,
"vendor": "huawei",
"version": "eva-dl00c17b396"
},
{
"model": "honor 9",
"scope": "lt",
"trust": 1.0,
"vendor": "huawei",
"version": "stanford-al00c00b175"
},
{
"model": "nova 2 plus",
"scope": "lt",
"trust": 1.0,
"vendor": "huawei",
"version": "barca-tl00c00b162"
},
{
"model": "p10 plus",
"scope": "lt",
"trust": 1.0,
"vendor": "huawei",
"version": "vicky-al00ac00b172"
},
{
"model": "nova 2",
"scope": "lt",
"trust": 1.0,
"vendor": "huawei",
"version": "picasso-al00c00b162"
},
{
"model": "honor 9",
"scope": "lt",
"trust": 1.0,
"vendor": "huawei",
"version": "stanford-tl00c01b175"
},
{
"model": "nova 2 plus",
"scope": "lt",
"trust": 1.0,
"vendor": "huawei",
"version": "barca-al00c00b162"
},
{
"model": "honor v8",
"scope": "lt",
"trust": 1.0,
"vendor": "huawei",
"version": "knt-tl10c00b391"
},
{
"model": "honor 9",
"scope": "lt",
"trust": 1.0,
"vendor": "huawei",
"version": "stanford-al10c00b175"
},
{
"model": "p9",
"scope": "lt",
"trust": 1.0,
"vendor": "huawei",
"version": "eva-al10c00b396sp03"
},
{
"model": "toronto",
"scope": "lt",
"trust": 1.0,
"vendor": "huawei",
"version": "toronto-al00ac00b191"
},
{
"model": "honor v8",
"scope": "lt",
"trust": 1.0,
"vendor": "huawei",
"version": "knt-ul10c00b391"
},
{
"model": "honor v8",
"scope": "lt",
"trust": 1.0,
"vendor": "huawei",
"version": "knt-al10c00b391"
},
{
"model": "honor v9",
"scope": "lt",
"trust": 1.0,
"vendor": "huawei",
"version": "duke-tl30c01b191"
},
{
"model": "honor 8",
"scope": "lt",
"trust": 1.0,
"vendor": "huawei",
"version": "frd-dl00c00b391"
},
{
"model": "p9",
"scope": "lt",
"trust": 1.0,
"vendor": "huawei",
"version": "eva-cl00c92b396"
},
{
"model": "honor v9",
"scope": "lt",
"trust": 1.0,
"vendor": "huawei",
"version": "duke-al20c00b191"
},
{
"model": "honor 8",
"scope": "lt",
"trust": 1.0,
"vendor": "huawei",
"version": "frd-al00c00b391"
},
{
"model": "honor 8",
"scope": null,
"trust": 0.8,
"vendor": "huawei",
"version": null
},
{
"model": "honor 9",
"scope": null,
"trust": 0.8,
"vendor": "huawei",
"version": null
},
{
"model": "honor v8",
"scope": null,
"trust": 0.8,
"vendor": "huawei",
"version": null
},
{
"model": "honor v9",
"scope": null,
"trust": 0.8,
"vendor": "huawei",
"version": null
},
{
"model": "nova 2 plus",
"scope": null,
"trust": 0.8,
"vendor": "huawei",
"version": null
},
{
"model": "nova 2",
"scope": null,
"trust": 0.8,
"vendor": "huawei",
"version": null
},
{
"model": "p10 plus",
"scope": null,
"trust": 0.8,
"vendor": "huawei",
"version": null
},
{
"model": "p9",
"scope": null,
"trust": 0.8,
"vendor": "huawei",
"version": null
},
{
"model": "toronto",
"scope": null,
"trust": 0.8,
"vendor": "huawei",
"version": null
},
{
"model": "nova plus \u003c=barca-al00c00b162",
"scope": "eq",
"trust": 0.6,
"vendor": "huawei",
"version": "2"
},
{
"model": "nova plus \u003c=barca-tl00c00b162",
"scope": "eq",
"trust": 0.6,
"vendor": "huawei",
"version": "2"
},
{
"model": "nova \u003c=picasso-al00c00b162",
"scope": "eq",
"trust": 0.6,
"vendor": "huawei",
"version": "2"
},
{
"model": "nova \u003c=picasso-tl00c00b162",
"scope": "eq",
"trust": 0.6,
"vendor": "huawei",
"version": "2"
},
{
"model": "p10 plus \u003c=vicky-al00ac00b172",
"scope": null,
"trust": 0.6,
"vendor": "huawei",
"version": null
},
{
"model": "p9 \u003c=eva-al10c00b396sp03",
"scope": null,
"trust": 0.6,
"vendor": "huawei",
"version": null
},
{
"model": "p9 \u003c=eva-cl00c92b396",
"scope": null,
"trust": 0.6,
"vendor": "huawei",
"version": null
},
{
"model": "p9 \u003c=eva-dl00c17b396",
"scope": null,
"trust": 0.6,
"vendor": "huawei",
"version": null
},
{
"model": "p9 \u003c=eva-tl00c01b396",
"scope": null,
"trust": 0.6,
"vendor": "huawei",
"version": null
},
{
"model": "enjoy plus \u003c=toronto-al00ac00b191",
"scope": "eq",
"trust": 0.6,
"vendor": "huawei",
"version": "7"
},
{
"model": "enjoy plus \u003c=toronto-tl10c01b191",
"scope": "eq",
"trust": 0.6,
"vendor": "huawei",
"version": "7"
},
{
"model": "glory \u003c=duke-al20c00b191",
"scope": "eq",
"trust": 0.6,
"vendor": "huawei",
"version": "v9"
},
{
"model": "glory \u003c=duke-tl30c01b191",
"scope": "eq",
"trust": 0.6,
"vendor": "huawei",
"version": "v9"
},
{
"model": "glory \u003c=stanford-al00c00b175",
"scope": "eq",
"trust": 0.6,
"vendor": "huawei",
"version": "9"
},
{
"model": "glory \u003c=stanford-al10c00b175",
"scope": "eq",
"trust": 0.6,
"vendor": "huawei",
"version": "9"
},
{
"model": "glory \u003c=stanford-tl00c01b175",
"scope": "eq",
"trust": 0.6,
"vendor": "huawei",
"version": "9"
},
{
"model": "glory \u003c=frd-dl00c00b391",
"scope": "eq",
"trust": 0.6,
"vendor": "huawei",
"version": "v8"
},
{
"model": "glory \u003c=knt-al10c00b391",
"scope": "eq",
"trust": 0.6,
"vendor": "huawei",
"version": "v8"
},
{
"model": "glory \u003c=knt-al20c00b391",
"scope": "eq",
"trust": 0.6,
"vendor": "huawei",
"version": "v8"
},
{
"model": "glory \u003c=knt-ul10c00b391",
"scope": "eq",
"trust": 0.6,
"vendor": "huawei",
"version": "v8"
},
{
"model": "glory \u003c=knt-tl10c00b391",
"scope": "eq",
"trust": 0.6,
"vendor": "huawei",
"version": "v8"
},
{
"model": "glory \u003c=frd-al00c00b391",
"scope": "eq",
"trust": 0.6,
"vendor": "huawei",
"version": "8"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2017-28206"
},
{
"db": "JVNDB",
"id": "JVNDB-2017-010591"
},
{
"db": "NVD",
"id": "CVE-2017-8214"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:huawei:honor_8_firmware:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "frd-al00c00b391",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:huawei:honor_8:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:huawei:honor_8_firmware:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "frd-dl00c00b391",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:huawei:honor_8:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:huawei:honor_v8_firmware:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "knt-al10c00b391",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:huawei:honor_v8:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:huawei:honor_v8_firmware:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "knt-al20c00b391",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:huawei:honor_v8:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:huawei:honor_v8_firmware:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "knt-ul10c00b391",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:huawei:honor_v8:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:huawei:honor_v8_firmware:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "knt-tl10c00b391",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:huawei:honor_v8:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:huawei:honor_9_firmware:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "stanford-al00c00b175",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:huawei:honor_9:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:huawei:honor_9_firmware:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "stanford-al10c00b175",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:huawei:honor_9:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:huawei:honor_9_firmware:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "stanford-tl00c01b175",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:huawei:honor_9:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:huawei:honor_v9_firmware:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "duke-al20c00b191",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:huawei:honor_v9:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:huawei:honor_v9_firmware:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "duke-tl30c01b191",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:huawei:honor_v9:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:huawei:nova_2_firmware:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "picasso-al00c00b162",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:huawei:nova_2:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:huawei:nova_2_firmware:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "picasso-tl00c01b162",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:huawei:nova_2:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:huawei:nova_2_plus_firmware:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "barca-al00c00b162",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:huawei:nova_2_plus:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:huawei:nova_2_plus_firmware:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "barca-tl00c00b162",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:huawei:nova_2_plus:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:huawei:p9_firmware:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "eva-al10c00b396sp03",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:huawei:p9:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:huawei:p9_firmware:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "eva-cl00c92b396",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:huawei:p9:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:huawei:p9_firmware:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "eva-dl00c17b396",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:huawei:p9:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:huawei:p9_firmware:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "eva-tl00c01b396",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:huawei:p9:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:huawei:p10_plus_firmware:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "vicky-al00ac00b172",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:huawei:p10_plus:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:huawei:toronto_firmware:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "toronto-al00ac00b191",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:huawei:toronto:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:huawei:toronto_firmware:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "toronto-tl10c01b191",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:huawei:toronto:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
}
]
}
],
"sources": [
{
"db": "NVD",
"id": "CVE-2017-8214"
}
]
},
"cve": "CVE-2017-8214",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"acInsufInfo": false,
"accessComplexity": "LOW",
"accessVector": "LOCAL",
"authentication": "NONE",
"author": "NVD",
"availabilityImpact": "COMPLETE",
"baseScore": 7.2,
"confidentialityImpact": "COMPLETE",
"exploitabilityScore": 3.9,
"impactScore": 10.0,
"integrityImpact": "COMPLETE",
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"severity": "HIGH",
"trust": 1.0,
"userInteractionRequired": false,
"vectorString": "AV:L/AC:L/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
{
"acInsufInfo": null,
"accessComplexity": "Low",
"accessVector": "Local",
"authentication": "None",
"author": "NVD",
"availabilityImpact": "Complete",
"baseScore": 7.2,
"confidentialityImpact": "Complete",
"exploitabilityScore": null,
"id": "CVE-2017-8214",
"impactScore": null,
"integrityImpact": "Complete",
"obtainAllPrivilege": null,
"obtainOtherPrivilege": null,
"obtainUserPrivilege": null,
"severity": "High",
"trust": 0.8,
"userInteractionRequired": null,
"vectorString": "AV:L/AC:L/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
{
"accessComplexity": "HIGH",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "CNVD",
"availabilityImpact": "COMPLETE",
"baseScore": 7.1,
"confidentialityImpact": "NONE",
"exploitabilityScore": 4.9,
"id": "CNVD-2017-28206",
"impactScore": 9.2,
"integrityImpact": "COMPLETE",
"severity": "HIGH",
"trust": 0.6,
"vectorString": "AV:N/AC:H/Au:N/C:N/I:C/A:C",
"version": "2.0"
},
{
"accessComplexity": "LOW",
"accessVector": "LOCAL",
"authentication": "NONE",
"author": "VULHUB",
"availabilityImpact": "COMPLETE",
"baseScore": 7.2,
"confidentialityImpact": "COMPLETE",
"exploitabilityScore": 3.9,
"id": "VHN-116417",
"impactScore": 10.0,
"integrityImpact": "COMPLETE",
"severity": "HIGH",
"trust": 0.1,
"vectorString": "AV:L/AC:L/AU:N/C:C/I:C/A:C",
"version": "2.0"
}
],
"cvssV3": [
{
"attackComplexity": "LOW",
"attackVector": "PHYSICAL",
"author": "NVD",
"availabilityImpact": "HIGH",
"baseScore": 6.2,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"exploitabilityScore": 0.3,
"impactScore": 5.9,
"integrityImpact": "HIGH",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"trust": 1.0,
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:P/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
},
{
"attackComplexity": "Low",
"attackVector": "Physical",
"author": "NVD",
"availabilityImpact": "High",
"baseScore": 6.2,
"baseSeverity": "Medium",
"confidentialityImpact": "High",
"exploitabilityScore": null,
"id": "CVE-2017-8214",
"impactScore": null,
"integrityImpact": "High",
"privilegesRequired": "High",
"scope": "Unchanged",
"trust": 0.8,
"userInteraction": "None",
"vectorString": "CVSS:3.0/AV:P/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
}
],
"severity": [
{
"author": "NVD",
"id": "CVE-2017-8214",
"trust": 1.8,
"value": "MEDIUM"
},
{
"author": "CNVD",
"id": "CNVD-2017-28206",
"trust": 0.6,
"value": "HIGH"
},
{
"author": "CNNVD",
"id": "CNNVD-201711-931",
"trust": 0.6,
"value": "MEDIUM"
},
{
"author": "VULHUB",
"id": "VHN-116417",
"trust": 0.1,
"value": "HIGH"
}
]
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2017-28206"
},
{
"db": "VULHUB",
"id": "VHN-116417"
},
{
"db": "JVNDB",
"id": "JVNDB-2017-010591"
},
{
"db": "NVD",
"id": "CVE-2017-8214"
},
{
"db": "CNNVD",
"id": "CNNVD-201711-931"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Honor 8,Honor V8,Honor 9,Honor V9,Nova 2,Nova 2 Plus,P9,P10 Plus,Toronto Huawei smart phones with software of versions earlier than FRD-AL00C00B391, versions earlier than FRD-DL00C00B391, versions earlier than KNT-AL10C00B391, versions earlier than KNT-AL20C00B391, versions earlier than KNT-UL10C00B391, versions earlier than KNT-TL10C00B391, versions earlier than Stanford-AL00C00B175, versions earlier than Stanford-AL10C00B175, versions earlier than Stanford-TL00C01B175, versions earlier than Duke-AL20C00B191, versions earlier than Duke-TL30C01B191, versions earlier than Picasso-AL00C00B162, versions earlier than Picasso-TL00C01B162 , versions earlier than Barca-AL00C00B162, versions earlier than Barca-TL00C00B162, versions earlier than EVA-AL10C00B396SP03, versions earlier than EVA-CL00C92B396, versions earlier than EVA-DL00C17B396, versions earlier than EVA-TL00C01B396 , versions earlier than Vicky-AL00AC00B172, versions earlier than Toronto-AL00AC00B191, versions earlier than Toronto-TL10C01B191 have an unlock code verification bypassing vulnerability. An attacker with the root privilege of a mobile can exploit this vulnerability to bypass the unlock code verification and unlock the mobile phone bootloader. plural Huawei Smartphone software contains vulnerabilities related to authorization, permissions, and access control.Information is obtained, information is altered, and service operation is disrupted (DoS) There is a possibility of being put into a state. Glory 8, Glory V8, Glory 9, Glory V9, Enjoy 7Plus, P9, P10Plus, Nova2 and Nova2Plus are all Huawei smartphones from China. The Huawei Honor 8 and others are smartphone products of the Chinese company Huawei. Several Huawei products have security vulnerabilities",
"sources": [
{
"db": "NVD",
"id": "CVE-2017-8214"
},
{
"db": "JVNDB",
"id": "JVNDB-2017-010591"
},
{
"db": "CNVD",
"id": "CNVD-2017-28206"
},
{
"db": "VULHUB",
"id": "VHN-116417"
}
],
"trust": 2.25
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2017-8214",
"trust": 3.1
},
{
"db": "JVNDB",
"id": "JVNDB-2017-010591",
"trust": 0.8
},
{
"db": "CNNVD",
"id": "CNNVD-201711-931",
"trust": 0.7
},
{
"db": "CNVD",
"id": "CNVD-2017-28206",
"trust": 0.6
},
{
"db": "VULHUB",
"id": "VHN-116417",
"trust": 0.1
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2017-28206"
},
{
"db": "VULHUB",
"id": "VHN-116417"
},
{
"db": "JVNDB",
"id": "JVNDB-2017-010591"
},
{
"db": "NVD",
"id": "CVE-2017-8214"
},
{
"db": "CNNVD",
"id": "CNNVD-201711-931"
}
]
},
"id": "VAR-201711-1029",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "CNVD",
"id": "CNVD-2017-28206"
},
{
"db": "VULHUB",
"id": "VHN-116417"
}
],
"trust": 1.3858876328571428
},
"iot_taxonomy": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"category": [
"Network device"
],
"sub_category": null,
"trust": 0.6
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2017-28206"
}
]
},
"last_update_date": "2023-12-18T12:57:10.538000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "huawei-sa-20170807-01-smartphone",
"trust": 0.8,
"url": "http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20170807-01-smartphone-en"
},
{
"title": "A number of Huawei phones have patches that bypass the unlock code verification vulnerability.",
"trust": 0.6,
"url": "https://www.cnvd.org.cn/patchinfo/show/102759"
},
{
"title": "Multiple Huawei Product security vulnerabilities",
"trust": 0.6,
"url": "http://www.cnnvd.org.cn/web/xxk/bdxqbyid.tag?id=76641"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2017-28206"
},
{
"db": "JVNDB",
"id": "JVNDB-2017-010591"
},
{
"db": "CNNVD",
"id": "CNNVD-201711-931"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-287",
"trust": 1.1
},
{
"problemtype": "CWE-264",
"trust": 0.9
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-116417"
},
{
"db": "JVNDB",
"id": "JVNDB-2017-010591"
},
{
"db": "NVD",
"id": "CVE-2017-8214"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 1.7,
"url": "http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20170807-01-smartphone-en"
},
{
"trust": 0.8,
"url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2017-8214"
},
{
"trust": 0.8,
"url": "https://nvd.nist.gov/vuln/detail/cve-2017-8214"
},
{
"trust": 0.6,
"url": "http://www.huawei.com/cn/psirt/security-advisories/2017/huawei-sa-20170807-01-smartphone-cn"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2017-28206"
},
{
"db": "VULHUB",
"id": "VHN-116417"
},
{
"db": "JVNDB",
"id": "JVNDB-2017-010591"
},
{
"db": "NVD",
"id": "CVE-2017-8214"
},
{
"db": "CNNVD",
"id": "CNNVD-201711-931"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "CNVD",
"id": "CNVD-2017-28206"
},
{
"db": "VULHUB",
"id": "VHN-116417"
},
{
"db": "JVNDB",
"id": "JVNDB-2017-010591"
},
{
"db": "NVD",
"id": "CVE-2017-8214"
},
{
"db": "CNNVD",
"id": "CNNVD-201711-931"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2017-09-26T00:00:00",
"db": "CNVD",
"id": "CNVD-2017-28206"
},
{
"date": "2017-11-22T00:00:00",
"db": "VULHUB",
"id": "VHN-116417"
},
{
"date": "2017-12-20T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2017-010591"
},
{
"date": "2017-11-22T19:29:05.523000",
"db": "NVD",
"id": "CVE-2017-8214"
},
{
"date": "2017-11-24T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201711-931"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2017-09-26T00:00:00",
"db": "CNVD",
"id": "CNVD-2017-28206"
},
{
"date": "2020-08-24T00:00:00",
"db": "VULHUB",
"id": "VHN-116417"
},
{
"date": "2017-12-20T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2017-010591"
},
{
"date": "2020-08-24T17:37:01.140000",
"db": "NVD",
"id": "CVE-2017-8214"
},
{
"date": "2020-10-22T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201711-931"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "local",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201711-931"
}
],
"trust": 0.6
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "plural Huawei Vulnerabilities related to authorization, authority, and access control in smartphone software",
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2017-010591"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "authorization issue",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201711-931"
}
],
"trust": 0.6
}
}
VAR-201704-0492
Vulnerability from variot - Updated: 2023-12-18 12:44ION memory management module in Huawei P9 phones with software EVA-AL10C00B192 and earlier versions, EVA-DL10C00B192 and earlier versions, EVA-TL10C00B192 and earlier versions, EVA-CL10C00B192 and earlier versions allows attackers to obtain sensitive information from uninitialized memory. Huawei SmartPhones is the smartphone of China Huawei. Huawei SmartPhones has an information disclosure vulnerability. An attacker could exploit this vulnerability to obtain sensitive information. Huawei Smart Phone is prone to a local information-disclosure vulnerability. The Huawei Smart Phone P9 is a smartphone from the Chinese company Huawei
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-201704-0492",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "p9",
"scope": "lte",
"trust": 1.8,
"vendor": "huawei",
"version": "eva-al10c00b192"
},
{
"model": "p9",
"scope": "lte",
"trust": 1.8,
"vendor": "huawei",
"version": "eva-cl10c00b192"
},
{
"model": "p9",
"scope": "lte",
"trust": 1.8,
"vendor": "huawei",
"version": "eva-dl10c00b192"
},
{
"model": "p9",
"scope": "lte",
"trust": 1.8,
"vendor": "huawei",
"version": "eva-tl10c00b192"
},
{
"model": "p9",
"scope": "gte",
"trust": 1.0,
"vendor": "huawei",
"version": "eva-dl10"
},
{
"model": "p9",
"scope": "gte",
"trust": 1.0,
"vendor": "huawei",
"version": "eva-tl10"
},
{
"model": "p9",
"scope": "gte",
"trust": 1.0,
"vendor": "huawei",
"version": "eva-al10"
},
{
"model": "p9",
"scope": "gte",
"trust": 1.0,
"vendor": "huawei",
"version": "eva-cl10"
},
{
"model": "p9 \u003c=eva-al10c00b192",
"scope": null,
"trust": 0.6,
"vendor": "huawei",
"version": null
},
{
"model": "p9 \u003c=eva-dl10c00b192",
"scope": null,
"trust": 0.6,
"vendor": "huawei",
"version": null
},
{
"model": "p9 \u003c=eva-tl10c00b192",
"scope": null,
"trust": 0.6,
"vendor": "huawei",
"version": null
},
{
"model": "p9 \u003c=eva-cl10c00b192",
"scope": null,
"trust": 0.6,
"vendor": "huawei",
"version": null
},
{
"model": "p9",
"scope": "eq",
"trust": 0.6,
"vendor": "huawei",
"version": "eva-dl10c00b192"
},
{
"model": "p9",
"scope": "eq",
"trust": 0.6,
"vendor": "huawei",
"version": "eva-al10c00b192"
},
{
"model": "p9",
"scope": "eq",
"trust": 0.6,
"vendor": "huawei",
"version": "eva-tl10c00b192"
},
{
"model": "p9",
"scope": "eq",
"trust": 0.6,
"vendor": "huawei",
"version": "eva-cl10c00b192"
},
{
"model": "p9 eva-tl10c00b192",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"model": "p9 eva-dl10c00b192",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"model": "p9 eva-cl10c00b192",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"model": "p9 eva-al10c00b192",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"model": "p9 eva-tl10c00b193",
"scope": "ne",
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"model": "p9 eva-dl10c00b193",
"scope": "ne",
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"model": "p9 eva-cl10c00b193",
"scope": "ne",
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"model": "p9 eva-al10c00b193",
"scope": "ne",
"trust": 0.3,
"vendor": "huawei",
"version": null
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2016-10517"
},
{
"db": "BID",
"id": "93932"
},
{
"db": "JVNDB",
"id": "JVNDB-2016-008263"
},
{
"db": "NVD",
"id": "CVE-2016-8757"
},
{
"db": "CNNVD",
"id": "CNNVD-201610-816"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:huawei:p9_firmware:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndIncluding": "eva-al10c00b192",
"versionStartIncluding": "eva-al10",
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:huawei:p9_firmware:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndIncluding": "eva-cl10c00b192",
"versionStartIncluding": "eva-cl10",
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:huawei:p9_firmware:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndIncluding": "eva-dl10c00b192",
"versionStartIncluding": "eva-dl10",
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:huawei:p9_firmware:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndIncluding": "eva-tl10c00b192",
"versionStartIncluding": "eva-tl10",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:huawei:p9:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
}
]
}
],
"sources": [
{
"db": "NVD",
"id": "CVE-2016-8757"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Dongdong She and Zhiyun Qian.,Hang Zhang",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201610-816"
}
],
"trust": 0.6
},
"cve": "CVE-2016-8757",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"acInsufInfo": false,
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "NVD",
"availabilityImpact": "NONE",
"baseScore": 4.3,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 8.6,
"impactScore": 2.9,
"integrityImpact": "NONE",
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"severity": "MEDIUM",
"trust": 1.0,
"userInteractionRequired": true,
"vectorString": "AV:N/AC:M/Au:N/C:P/I:N/A:N",
"version": "2.0"
},
{
"acInsufInfo": null,
"accessComplexity": "Medium",
"accessVector": "Network",
"authentication": "None",
"author": "NVD",
"availabilityImpact": "None",
"baseScore": 4.3,
"confidentialityImpact": "Partial",
"exploitabilityScore": null,
"id": "CVE-2016-8757",
"impactScore": null,
"integrityImpact": "None",
"obtainAllPrivilege": null,
"obtainOtherPrivilege": null,
"obtainUserPrivilege": null,
"severity": "Medium",
"trust": 0.8,
"userInteractionRequired": null,
"vectorString": "AV:N/AC:M/Au:N/C:P/I:N/A:N",
"version": "2.0"
},
{
"accessComplexity": "MEDIUM",
"accessVector": "LOCAL",
"authentication": "NONE",
"author": "CNVD",
"availabilityImpact": "NONE",
"baseScore": 1.9,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 3.4,
"id": "CNVD-2016-10517",
"impactScore": 2.9,
"integrityImpact": "NONE",
"severity": "LOW",
"trust": 0.6,
"vectorString": "AV:L/AC:M/Au:N/C:P/I:N/A:N",
"version": "2.0"
},
{
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "VULHUB",
"availabilityImpact": "NONE",
"baseScore": 4.3,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 8.6,
"id": "VHN-97577",
"impactScore": 2.9,
"integrityImpact": "NONE",
"severity": "MEDIUM",
"trust": 0.1,
"vectorString": "AV:N/AC:M/AU:N/C:P/I:N/A:N",
"version": "2.0"
}
],
"cvssV3": [
{
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"author": "NVD",
"availabilityImpact": "NONE",
"baseScore": 3.3,
"baseSeverity": "LOW",
"confidentialityImpact": "LOW",
"exploitabilityScore": 1.8,
"impactScore": 1.4,
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"trust": 1.0,
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N",
"version": "3.0"
},
{
"attackComplexity": "Low",
"attackVector": "Local",
"author": "NVD",
"availabilityImpact": "None",
"baseScore": 3.3,
"baseSeverity": "Low",
"confidentialityImpact": "Low",
"exploitabilityScore": null,
"id": "CVE-2016-8757",
"impactScore": null,
"integrityImpact": "None",
"privilegesRequired": "None",
"scope": "Unchanged",
"trust": 0.8,
"userInteraction": "Required",
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N",
"version": "3.0"
}
],
"severity": [
{
"author": "NVD",
"id": "CVE-2016-8757",
"trust": 1.8,
"value": "LOW"
},
{
"author": "CNVD",
"id": "CNVD-2016-10517",
"trust": 0.6,
"value": "LOW"
},
{
"author": "CNNVD",
"id": "CNNVD-201610-816",
"trust": 0.6,
"value": "LOW"
},
{
"author": "VULHUB",
"id": "VHN-97577",
"trust": 0.1,
"value": "MEDIUM"
}
]
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2016-10517"
},
{
"db": "VULHUB",
"id": "VHN-97577"
},
{
"db": "JVNDB",
"id": "JVNDB-2016-008263"
},
{
"db": "NVD",
"id": "CVE-2016-8757"
},
{
"db": "CNNVD",
"id": "CNNVD-201610-816"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "ION memory management module in Huawei P9 phones with software EVA-AL10C00B192 and earlier versions, EVA-DL10C00B192 and earlier versions, EVA-TL10C00B192 and earlier versions, EVA-CL10C00B192 and earlier versions allows attackers to obtain sensitive information from uninitialized memory. Huawei SmartPhones is the smartphone of China Huawei. Huawei SmartPhones has an information disclosure vulnerability. An attacker could exploit this vulnerability to obtain sensitive information. Huawei Smart Phone is prone to a local information-disclosure vulnerability. The Huawei Smart Phone P9 is a smartphone from the Chinese company Huawei",
"sources": [
{
"db": "NVD",
"id": "CVE-2016-8757"
},
{
"db": "JVNDB",
"id": "JVNDB-2016-008263"
},
{
"db": "CNVD",
"id": "CNVD-2016-10517"
},
{
"db": "BID",
"id": "93932"
},
{
"db": "VULHUB",
"id": "VHN-97577"
}
],
"trust": 2.52
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2016-8757",
"trust": 3.4
},
{
"db": "BID",
"id": "93932",
"trust": 2.6
},
{
"db": "JVNDB",
"id": "JVNDB-2016-008263",
"trust": 0.8
},
{
"db": "CNNVD",
"id": "CNNVD-201610-816",
"trust": 0.7
},
{
"db": "CNVD",
"id": "CNVD-2016-10517",
"trust": 0.6
},
{
"db": "VULHUB",
"id": "VHN-97577",
"trust": 0.1
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2016-10517"
},
{
"db": "VULHUB",
"id": "VHN-97577"
},
{
"db": "BID",
"id": "93932"
},
{
"db": "JVNDB",
"id": "JVNDB-2016-008263"
},
{
"db": "NVD",
"id": "CVE-2016-8757"
},
{
"db": "CNNVD",
"id": "CNNVD-201610-816"
}
]
},
"id": "VAR-201704-0492",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "CNVD",
"id": "CNVD-2016-10517"
},
{
"db": "VULHUB",
"id": "VHN-97577"
}
],
"trust": 1.28483934
},
"iot_taxonomy": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"category": [
"Network device"
],
"sub_category": null,
"trust": 0.6
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2016-10517"
}
]
},
"last_update_date": "2023-12-18T12:44:39.963000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "huawei-sa-20161026-02-smartphone",
"trust": 0.8,
"url": "http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20161026-02-smartphone-en"
},
{
"title": "Huawei SmartPhones Local Information Disclosure Vulnerability Patch",
"trust": 0.6,
"url": "https://www.cnvd.org.cn/patchinfo/show/83401"
},
{
"title": "Huawei Smart Phone P9 Repair measures for information disclosure vulnerabilities",
"trust": 0.6,
"url": "http://www.cnnvd.org.cn/web/xxk/bdxqbyid.tag?id=65148"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2016-10517"
},
{
"db": "JVNDB",
"id": "JVNDB-2016-008263"
},
{
"db": "CNNVD",
"id": "CNNVD-201610-816"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-200",
"trust": 1.9
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-97577"
},
{
"db": "JVNDB",
"id": "JVNDB-2016-008263"
},
{
"db": "NVD",
"id": "CVE-2016-8757"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 2.6,
"url": "http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20161026-02-smartphone-en"
},
{
"trust": 2.3,
"url": "http://www.securityfocus.com/bid/93932"
},
{
"trust": 0.8,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2016-8757"
},
{
"trust": 0.8,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-8757"
},
{
"trust": 0.3,
"url": "http://www.huawei.com"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2016-10517"
},
{
"db": "VULHUB",
"id": "VHN-97577"
},
{
"db": "BID",
"id": "93932"
},
{
"db": "JVNDB",
"id": "JVNDB-2016-008263"
},
{
"db": "NVD",
"id": "CVE-2016-8757"
},
{
"db": "CNNVD",
"id": "CNNVD-201610-816"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "CNVD",
"id": "CNVD-2016-10517"
},
{
"db": "VULHUB",
"id": "VHN-97577"
},
{
"db": "BID",
"id": "93932"
},
{
"db": "JVNDB",
"id": "JVNDB-2016-008263"
},
{
"db": "NVD",
"id": "CVE-2016-8757"
},
{
"db": "CNNVD",
"id": "CNNVD-201610-816"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2016-11-02T00:00:00",
"db": "CNVD",
"id": "CNVD-2016-10517"
},
{
"date": "2017-04-02T00:00:00",
"db": "VULHUB",
"id": "VHN-97577"
},
{
"date": "2016-10-26T00:00:00",
"db": "BID",
"id": "93932"
},
{
"date": "2017-05-09T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2016-008263"
},
{
"date": "2017-04-02T20:59:01.110000",
"db": "NVD",
"id": "CVE-2016-8757"
},
{
"date": "2016-10-28T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201610-816"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2016-11-02T00:00:00",
"db": "CNVD",
"id": "CNVD-2016-10517"
},
{
"date": "2019-05-30T00:00:00",
"db": "VULHUB",
"id": "VHN-97577"
},
{
"date": "2016-11-24T11:03:00",
"db": "BID",
"id": "93932"
},
{
"date": "2017-05-09T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2016-008263"
},
{
"date": "2019-05-30T14:21:33.883000",
"db": "NVD",
"id": "CVE-2016-8757"
},
{
"date": "2019-05-31T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201610-816"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "local",
"sources": [
{
"db": "BID",
"id": "93932"
},
{
"db": "CNNVD",
"id": "CNNVD-201610-816"
}
],
"trust": 0.9
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Huawei P9 Software ION Vulnerability in memory management module that can retrieve important information from uninitialized memory",
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2016-008263"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "information disclosure",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201610-816"
}
],
"trust": 0.6
}
}
VAR-201806-0422
Vulnerability from variot - Updated: 2023-12-18 12:36Some Huawei smart phones have the denial of service (DoS) vulnerability due to the improper processing of malicious parameters. An attacker may trick a target user into installing a malicious APK and launch attacks using a pre-installed app with specific permissions. Successful exploit could allow the app to send specific parameters to the smart phone driver, which will result in system restart. plural Huawei Smartphones contain a vulnerability related to input confirmation.Service operation interruption (DoS) There is a possibility of being put into a state. HuaweiMate8 and so on are all Huawei smartphone products from China. The Huawei Mate 8, P9 and P9 Plus are all smartphones from the Chinese company Huawei. A denial of service vulnerability exists in Huawei Mate 8, P9, and P9 Plus. The following products and versions are affected: Huawei Mate 8 before NXT-AL10C00B592, before NXT-CL00C92B592, before NXT-DL00C17B592, before NXT-L09AC636B220, before NXT-L09C185B582, before NXT-L09C432B581, before NXT-L09C432B581, NXT-L09C432B581 Version, version before NXT-L29C10B580, version before NXT-L29C185B582, version before NXT-L29C636B589, version before NXT-TL00C01B592; , before EVA-L09C185B391, before EVA-L09C432B395, before EVA-L09C464B383, before EVA-L09C605B392, before EVA-L09C635B391, before EVA-L09C636B388, before EVA-L19C10B394, before 24EVA-L19C -L19C605B390 before, EVA-L19C636B393 before, EVA-L29C636B389 before, EVA-TL00C01B398 before; P9 Plus VIE-L09C318B182 before, VIE-L09C432B380 before, VIE-L09C576B180 before VIE-L09C576B180, VIE-L27C -L29C636B388 before version
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-201806-0422",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "mate 8",
"scope": "lt",
"trust": 1.0,
"vendor": "huawei",
"version": "nxt-l29c636b594a"
},
{
"model": "p9 plus",
"scope": "lt",
"trust": 1.0,
"vendor": "huawei",
"version": "vie-l09c576b180"
},
{
"model": "mate 8",
"scope": "lt",
"trust": 1.0,
"vendor": "huawei",
"version": "nxt-l09c636b598a"
},
{
"model": "mate 8",
"scope": "lt",
"trust": 1.0,
"vendor": "huawei",
"version": "nxt-cl00c92b593"
},
{
"model": "p9",
"scope": "lt",
"trust": 1.0,
"vendor": "huawei",
"version": "eva-l19c636b393"
},
{
"model": "p9",
"scope": "lt",
"trust": 1.0,
"vendor": "huawei",
"version": "eva-l19c432b392"
},
{
"model": "p9",
"scope": "lt",
"trust": 1.0,
"vendor": "huawei",
"version": "eva-cl00c92b398"
},
{
"model": "p9",
"scope": "lt",
"trust": 1.0,
"vendor": "huawei",
"version": "eva-al00c00b398"
},
{
"model": "p9 plus",
"scope": "lt",
"trust": 1.0,
"vendor": "huawei",
"version": "vie-l29c605b370"
},
{
"model": "mate 8",
"scope": "lt",
"trust": 1.0,
"vendor": "huawei",
"version": "nxt-l29c10b583"
},
{
"model": "mate 8",
"scope": "lt",
"trust": 1.0,
"vendor": "huawei",
"version": "nxt-l09c605b585custc605d590"
},
{
"model": "p9",
"scope": "lt",
"trust": 1.0,
"vendor": "huawei",
"version": "eva-al10c00b398"
},
{
"model": "p9",
"scope": "lt",
"trust": 1.0,
"vendor": "huawei",
"version": "eva-l19c10b394"
},
{
"model": "p9 plus",
"scope": "lt",
"trust": 1.0,
"vendor": "huawei",
"version": "vie-l29c636b388"
},
{
"model": "p9",
"scope": "lt",
"trust": 1.0,
"vendor": "huawei",
"version": "eva-l09c185b391"
},
{
"model": "mate 8",
"scope": "lt",
"trust": 1.0,
"vendor": "huawei",
"version": "nxt-l29c185b585"
},
{
"model": "p9",
"scope": "lt",
"trust": 1.0,
"vendor": "huawei",
"version": "eva-tl00c01b398"
},
{
"model": "mate 8",
"scope": "lt",
"trust": 1.0,
"vendor": "huawei",
"version": "nxt-al10c00b593"
},
{
"model": "p9",
"scope": "lt",
"trust": 1.0,
"vendor": "huawei",
"version": "eva-l09c605b392"
},
{
"model": "p9",
"scope": "lt",
"trust": 1.0,
"vendor": "huawei",
"version": "eva-l19c605b390"
},
{
"model": "mate 8",
"scope": "lt",
"trust": 1.0,
"vendor": "huawei",
"version": "nxt-dl00c17b593"
},
{
"model": "mate 8",
"scope": "lt",
"trust": 1.0,
"vendor": "huawei",
"version": "nxt-l09c185b583"
},
{
"model": "p9",
"scope": "lt",
"trust": 1.0,
"vendor": "huawei",
"version": "eva-l09c432b395"
},
{
"model": "p9",
"scope": "lte",
"trust": 1.0,
"vendor": "huawei",
"version": "eva-l09c636b388"
},
{
"model": "mate 8",
"scope": "lt",
"trust": 1.0,
"vendor": "huawei",
"version": "nxtl00c01b593"
},
{
"model": "p9",
"scope": "lt",
"trust": 1.0,
"vendor": "huawei",
"version": "eva-l09c464b383"
},
{
"model": "p9 plus",
"scope": "lt",
"trust": 1.0,
"vendor": "huawei",
"version": "vie-l09c432b380"
},
{
"model": "p9",
"scope": "lt",
"trust": 1.0,
"vendor": "huawei",
"version": "eva-l29c636b389"
},
{
"model": "mate 8",
"scope": "lt",
"trust": 1.0,
"vendor": "huawei",
"version": "nxt-l09c432b582"
},
{
"model": "p9 plus",
"scope": "lt",
"trust": 1.0,
"vendor": "huawei",
"version": "vie-l09c318b182"
},
{
"model": "p9",
"scope": "lt",
"trust": 1.0,
"vendor": "huawei",
"version": "eva-dl00c17b398"
},
{
"model": "mate 8",
"scope": null,
"trust": 0.8,
"vendor": "huawei",
"version": null
},
{
"model": "p9 plus",
"scope": null,
"trust": 0.8,
"vendor": "huawei",
"version": null
},
{
"model": "p9",
"scope": null,
"trust": 0.8,
"vendor": "huawei",
"version": null
},
{
"model": "mate \u003cnxt-al10c00b592",
"scope": "eq",
"trust": 0.6,
"vendor": "huawei",
"version": "8"
},
{
"model": "mate \u003cnxt-cl00c92b592",
"scope": "eq",
"trust": 0.6,
"vendor": "huawei",
"version": "8"
},
{
"model": "mate \u003cnxt-dl00c17b592",
"scope": "eq",
"trust": 0.6,
"vendor": "huawei",
"version": "8"
},
{
"model": "mate \u003cnxt-l09ac636b220",
"scope": "eq",
"trust": 0.6,
"vendor": "huawei",
"version": "8"
},
{
"model": "mate \u003cnxt-l09c185b582",
"scope": "eq",
"trust": 0.6,
"vendor": "huawei",
"version": "8"
},
{
"model": "mate \u003cnxt-l09c432b581",
"scope": "eq",
"trust": 0.6,
"vendor": "huawei",
"version": "8"
},
{
"model": "mate \u003cnxt-l09c605b585",
"scope": "eq",
"trust": 0.6,
"vendor": "huawei",
"version": "8"
},
{
"model": "mate \u003cnxt-l29c10b580",
"scope": "eq",
"trust": 0.6,
"vendor": "huawei",
"version": "8"
},
{
"model": "mate \u003cnxt-l29c185b582",
"scope": "eq",
"trust": 0.6,
"vendor": "huawei",
"version": "8"
},
{
"model": "mate \u003cnxt-l29c636b589",
"scope": "eq",
"trust": 0.6,
"vendor": "huawei",
"version": "8"
},
{
"model": "mate \u003cnxt-tl00c01b592",
"scope": "eq",
"trust": 0.6,
"vendor": "huawei",
"version": "8"
},
{
"model": "p9 \u003ceva-al00c00b398",
"scope": null,
"trust": 0.6,
"vendor": "huawei",
"version": null
},
{
"model": "p9 \u003ceva-al10c00b398",
"scope": null,
"trust": 0.6,
"vendor": "huawei",
"version": null
},
{
"model": "p9 \u003ceva-cl00c92b398",
"scope": null,
"trust": 0.6,
"vendor": "huawei",
"version": null
},
{
"model": "p9 \u003ceva-dl00c17b398",
"scope": null,
"trust": 0.6,
"vendor": "huawei",
"version": null
},
{
"model": "p9 \u003ceva-l09c185b391",
"scope": null,
"trust": 0.6,
"vendor": "huawei",
"version": null
},
{
"model": "p9 \u003ceva-l09c432b395",
"scope": null,
"trust": 0.6,
"vendor": "huawei",
"version": null
},
{
"model": "p9 \u003ceva-l09c464b383",
"scope": null,
"trust": 0.6,
"vendor": "huawei",
"version": null
},
{
"model": "p9 \u003ceva-l09c605b392",
"scope": null,
"trust": 0.6,
"vendor": "huawei",
"version": null
},
{
"model": "p9 \u003ceva-l09c635b391",
"scope": null,
"trust": 0.6,
"vendor": "huawei",
"version": null
},
{
"model": "p9 \u003ceva-l09c636b388",
"scope": null,
"trust": 0.6,
"vendor": "huawei",
"version": null
},
{
"model": "p9 \u003ceva-l19c10b394",
"scope": null,
"trust": 0.6,
"vendor": "huawei",
"version": null
},
{
"model": "p9 \u003ceva-l19c432b392",
"scope": null,
"trust": 0.6,
"vendor": "huawei",
"version": null
},
{
"model": "p9 \u003ceva-l19c605b390",
"scope": null,
"trust": 0.6,
"vendor": "huawei",
"version": null
},
{
"model": "p9 \u003ceva-l19c636b393",
"scope": null,
"trust": 0.6,
"vendor": "huawei",
"version": null
},
{
"model": "p9 \u003ceva-l29c636b389",
"scope": null,
"trust": 0.6,
"vendor": "huawei",
"version": null
},
{
"model": "p9 \u003ceva-tl00c01b398",
"scope": null,
"trust": 0.6,
"vendor": "huawei",
"version": null
},
{
"model": "p9 plus \u003cvie-l09c318b182",
"scope": null,
"trust": 0.6,
"vendor": "huawei",
"version": null
},
{
"model": "p9 plus \u003cvie-l09c432b380",
"scope": null,
"trust": 0.6,
"vendor": "huawei",
"version": null
},
{
"model": "p9 plus \u003cvie-l09c576b180",
"scope": null,
"trust": 0.6,
"vendor": "huawei",
"version": null
},
{
"model": "p9 plus \u003cvie-l29c605b370",
"scope": null,
"trust": 0.6,
"vendor": "huawei",
"version": null
},
{
"model": "p9 plus \u003cvie-l29c636b388",
"scope": null,
"trust": 0.6,
"vendor": "huawei",
"version": null
},
{
"model": "mate 8",
"scope": "eq",
"trust": 0.6,
"vendor": "huawei",
"version": "nxt-dl10c00b197"
},
{
"model": "mate 8",
"scope": "eq",
"trust": 0.6,
"vendor": "huawei",
"version": "nxt-al10c00b197"
},
{
"model": "p9",
"scope": "eq",
"trust": 0.6,
"vendor": "huawei",
"version": "eva-l09c432b383"
},
{
"model": "p9",
"scope": "eq",
"trust": 0.6,
"vendor": "huawei",
"version": "eva-l09c636b388"
},
{
"model": "mate 8",
"scope": "eq",
"trust": 0.6,
"vendor": "huawei",
"version": "nxt-tl10c00b197"
},
{
"model": "mate 8",
"scope": "eq",
"trust": 0.6,
"vendor": "huawei",
"version": "nxt-cl10c00b197"
},
{
"model": "p9",
"scope": "eq",
"trust": 0.6,
"vendor": "huawei",
"version": "eva-l09c636b380"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2018-12843"
},
{
"db": "JVNDB",
"id": "JVNDB-2017-013795"
},
{
"db": "NVD",
"id": "CVE-2017-17171"
},
{
"db": "CNNVD",
"id": "CNNVD-201712-934"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:huawei:mate_8_firmware:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "nxt-al10c00b593",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:huawei:mate_8:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:huawei:mate_8_firmware:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "nxt-cl00c92b593",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:huawei:mate_8:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:huawei:mate_8_firmware:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "nxt-dl00c17b593",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:huawei:mate_8:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:huawei:mate_8_firmware:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "nxt-l09c636b598a",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:huawei:mate_8:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:huawei:mate_8_firmware:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "nxt-l09c185b583",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:huawei:mate_8:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:huawei:mate_8_firmware:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "nxt-l09c432b582",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:huawei:mate_8:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:huawei:mate_8_firmware:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "nxt-l09c605b585custc605d590",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:huawei:mate_8:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:huawei:mate_8_firmware:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "nxt-l29c10b583",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:huawei:mate_8:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:huawei:mate_8_firmware:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "nxt-l29c185b585",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:huawei:mate_8:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:huawei:mate_8_firmware:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "nxt-l29c636b594a",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:huawei:mate_8:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:huawei:mate_8_firmware:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "nxtl00c01b593",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:huawei:mate_8:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:huawei:p9_firmware:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "eva-al00c00b398",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:huawei:p9:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:huawei:p9_firmware:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "eva-al10c00b398",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:huawei:p9:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:huawei:p9_firmware:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "eva-cl00c92b398",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:huawei:p9:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:huawei:p9_firmware:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "eva-dl00c17b398",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:huawei:p9:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:huawei:p9_firmware:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "eva-l09c185b391",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:huawei:p9:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:huawei:p9_firmware:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "eva-l09c432b395",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:huawei:p9:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:huawei:p9_firmware:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "eva-l09c464b383",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:huawei:p9:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:huawei:p9_firmware:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "eva-l09c605b392",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:huawei:p9:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:huawei:p9_firmware:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndIncluding": "eva-l09c636b388",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:huawei:p9:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:huawei:p9_firmware:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "eva-l19c10b394",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:huawei:p9:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:huawei:p9_firmware:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "eva-l19c432b392",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:huawei:p9:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:huawei:p9_firmware:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "eva-l19c605b390",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:huawei:p9:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:huawei:p9_firmware:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "eva-l19c636b393",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:huawei:p9:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:huawei:p9_firmware:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "eva-l29c636b389",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:huawei:p9:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:huawei:p9_firmware:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "eva-tl00c01b398",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:huawei:p9:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:huawei:p9_plus_firmware:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "vie-l09c318b182",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:huawei:p9_plus:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:huawei:p9_plus_firmware:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "vie-l09c432b380",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:huawei:p9_plus:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:huawei:p9_plus_firmware:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "vie-l09c576b180",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:huawei:p9_plus:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:huawei:p9_plus_firmware:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "vie-l29c605b370",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:huawei:p9_plus:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:huawei:p9_plus_firmware:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "vie-l29c636b388",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:huawei:p9_plus:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
}
]
}
],
"sources": [
{
"db": "NVD",
"id": "CVE-2017-17171"
}
]
},
"cve": "CVE-2017-17171",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"acInsufInfo": false,
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "SINGLE",
"author": "NVD",
"availabilityImpact": "COMPLETE",
"baseScore": 6.3,
"confidentialityImpact": "NONE",
"exploitabilityScore": 6.8,
"impactScore": 6.9,
"integrityImpact": "NONE",
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"severity": "MEDIUM",
"trust": 1.0,
"userInteractionRequired": true,
"vectorString": "AV:N/AC:M/Au:S/C:N/I:N/A:C",
"version": "2.0"
},
{
"acInsufInfo": null,
"accessComplexity": "Medium",
"accessVector": "Network",
"authentication": "Single",
"author": "NVD",
"availabilityImpact": "Complete",
"baseScore": 6.3,
"confidentialityImpact": "None",
"exploitabilityScore": null,
"id": "CVE-2017-17171",
"impactScore": null,
"integrityImpact": "None",
"obtainAllPrivilege": null,
"obtainOtherPrivilege": null,
"obtainUserPrivilege": null,
"severity": "Medium",
"trust": 0.8,
"userInteractionRequired": null,
"vectorString": "AV:N/AC:M/Au:S/C:N/I:N/A:C",
"version": "2.0"
},
{
"accessComplexity": "HIGH",
"accessVector": "LOCAL",
"authentication": "NONE",
"author": "CNVD",
"availabilityImpact": "COMPLETE",
"baseScore": 4.0,
"confidentialityImpact": "NONE",
"exploitabilityScore": 1.9,
"id": "CNVD-2018-12843",
"impactScore": 6.9,
"integrityImpact": "NONE",
"severity": "MEDIUM",
"trust": 0.6,
"vectorString": "AV:L/AC:H/Au:N/C:N/I:N/A:C",
"version": "2.0"
},
{
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "SINGLE",
"author": "VULHUB",
"availabilityImpact": "COMPLETE",
"baseScore": 6.3,
"confidentialityImpact": "NONE",
"exploitabilityScore": 6.8,
"id": "VHN-108167",
"impactScore": 6.9,
"integrityImpact": "NONE",
"severity": "MEDIUM",
"trust": 0.1,
"vectorString": "AV:N/AC:M/AU:S/C:N/I:N/A:C",
"version": "2.0"
}
],
"cvssV3": [
{
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"author": "NVD",
"availabilityImpact": "HIGH",
"baseScore": 4.2,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"exploitabilityScore": 0.6,
"impactScore": 3.6,
"integrityImpact": "NONE",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"trust": 1.0,
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:H/UI:R/S:U/C:N/I:N/A:H",
"version": "3.0"
},
{
"attackComplexity": "Low",
"attackVector": "Local",
"author": "NVD",
"availabilityImpact": "High",
"baseScore": 4.2,
"baseSeverity": "Medium",
"confidentialityImpact": "None",
"exploitabilityScore": null,
"id": "CVE-2017-17171",
"impactScore": null,
"integrityImpact": "None",
"privilegesRequired": "High",
"scope": "Unchanged",
"trust": 0.8,
"userInteraction": "Required",
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:H/UI:R/S:U/C:N/I:N/A:H",
"version": "3.0"
}
],
"severity": [
{
"author": "NVD",
"id": "CVE-2017-17171",
"trust": 1.8,
"value": "MEDIUM"
},
{
"author": "CNVD",
"id": "CNVD-2018-12843",
"trust": 0.6,
"value": "MEDIUM"
},
{
"author": "CNNVD",
"id": "CNNVD-201712-934",
"trust": 0.6,
"value": "MEDIUM"
},
{
"author": "VULHUB",
"id": "VHN-108167",
"trust": 0.1,
"value": "MEDIUM"
}
]
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2018-12843"
},
{
"db": "VULHUB",
"id": "VHN-108167"
},
{
"db": "JVNDB",
"id": "JVNDB-2017-013795"
},
{
"db": "NVD",
"id": "CVE-2017-17171"
},
{
"db": "CNNVD",
"id": "CNNVD-201712-934"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Some Huawei smart phones have the denial of service (DoS) vulnerability due to the improper processing of malicious parameters. An attacker may trick a target user into installing a malicious APK and launch attacks using a pre-installed app with specific permissions. Successful exploit could allow the app to send specific parameters to the smart phone driver, which will result in system restart. plural Huawei Smartphones contain a vulnerability related to input confirmation.Service operation interruption (DoS) There is a possibility of being put into a state. HuaweiMate8 and so on are all Huawei smartphone products from China. The Huawei Mate 8, P9 and P9 Plus are all smartphones from the Chinese company Huawei. A denial of service vulnerability exists in Huawei Mate 8, P9, and P9 Plus. The following products and versions are affected: Huawei Mate 8 before NXT-AL10C00B592, before NXT-CL00C92B592, before NXT-DL00C17B592, before NXT-L09AC636B220, before NXT-L09C185B582, before NXT-L09C432B581, before NXT-L09C432B581, NXT-L09C432B581 Version, version before NXT-L29C10B580, version before NXT-L29C185B582, version before NXT-L29C636B589, version before NXT-TL00C01B592; , before EVA-L09C185B391, before EVA-L09C432B395, before EVA-L09C464B383, before EVA-L09C605B392, before EVA-L09C635B391, before EVA-L09C636B388, before EVA-L19C10B394, before 24EVA-L19C -L19C605B390 before, EVA-L19C636B393 before, EVA-L29C636B389 before, EVA-TL00C01B398 before; P9 Plus VIE-L09C318B182 before, VIE-L09C432B380 before, VIE-L09C576B180 before VIE-L09C576B180, VIE-L27C -L29C636B388 before version",
"sources": [
{
"db": "NVD",
"id": "CVE-2017-17171"
},
{
"db": "JVNDB",
"id": "JVNDB-2017-013795"
},
{
"db": "CNVD",
"id": "CNVD-2018-12843"
},
{
"db": "VULHUB",
"id": "VHN-108167"
}
],
"trust": 2.25
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2017-17171",
"trust": 3.1
},
{
"db": "JVNDB",
"id": "JVNDB-2017-013795",
"trust": 0.8
},
{
"db": "CNNVD",
"id": "CNNVD-201712-934",
"trust": 0.7
},
{
"db": "CNVD",
"id": "CNVD-2018-12843",
"trust": 0.6
},
{
"db": "VULHUB",
"id": "VHN-108167",
"trust": 0.1
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2018-12843"
},
{
"db": "VULHUB",
"id": "VHN-108167"
},
{
"db": "JVNDB",
"id": "JVNDB-2017-013795"
},
{
"db": "NVD",
"id": "CVE-2017-17171"
},
{
"db": "CNNVD",
"id": "CNNVD-201712-934"
}
]
},
"id": "VAR-201806-0422",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "CNVD",
"id": "CNVD-2018-12843"
},
{
"db": "VULHUB",
"id": "VHN-108167"
}
],
"trust": 1.3150284
},
"iot_taxonomy": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"category": [
"Network device"
],
"sub_category": null,
"trust": 0.6
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2018-12843"
}
]
},
"last_update_date": "2023-12-18T12:36:45.591000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "huawei-sa-20180530-01-smartphone",
"trust": 0.8,
"url": "https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20180530-01-smartphone-en"
},
{
"title": "Patches for multiple Huawei phone denial of service vulnerabilities",
"trust": 0.6,
"url": "https://www.cnvd.org.cn/patchinfo/show/134015"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2018-12843"
},
{
"db": "JVNDB",
"id": "JVNDB-2017-013795"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-20",
"trust": 1.9
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-108167"
},
{
"db": "JVNDB",
"id": "JVNDB-2017-013795"
},
{
"db": "NVD",
"id": "CVE-2017-17171"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 1.7,
"url": "http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20180530-01-smartphone"
},
{
"trust": 1.0,
"url": "https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20180530-01-smartphone-en"
},
{
"trust": 0.8,
"url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2017-17171"
},
{
"trust": 0.8,
"url": "https://nvd.nist.gov/vuln/detail/cve-2017-17171"
},
{
"trust": 0.6,
"url": "https://www.huawei.com/cn/psirt/security-advisories/huawei-sa-20180530-01-smartphone-cn"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2018-12843"
},
{
"db": "VULHUB",
"id": "VHN-108167"
},
{
"db": "JVNDB",
"id": "JVNDB-2017-013795"
},
{
"db": "NVD",
"id": "CVE-2017-17171"
},
{
"db": "CNNVD",
"id": "CNNVD-201712-934"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "CNVD",
"id": "CNVD-2018-12843"
},
{
"db": "VULHUB",
"id": "VHN-108167"
},
{
"db": "JVNDB",
"id": "JVNDB-2017-013795"
},
{
"db": "NVD",
"id": "CVE-2017-17171"
},
{
"db": "CNNVD",
"id": "CNNVD-201712-934"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2018-07-11T00:00:00",
"db": "CNVD",
"id": "CNVD-2018-12843"
},
{
"date": "2018-06-01T00:00:00",
"db": "VULHUB",
"id": "VHN-108167"
},
{
"date": "2018-08-13T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2017-013795"
},
{
"date": "2018-06-01T14:29:00.207000",
"db": "NVD",
"id": "CVE-2017-17171"
},
{
"date": "2017-12-26T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201712-934"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2018-07-11T00:00:00",
"db": "CNVD",
"id": "CNVD-2018-12843"
},
{
"date": "2018-07-27T00:00:00",
"db": "VULHUB",
"id": "VHN-108167"
},
{
"date": "2018-08-13T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2017-013795"
},
{
"date": "2018-07-27T13:36:24.563000",
"db": "NVD",
"id": "CVE-2017-17171"
},
{
"date": "2018-06-06T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201712-934"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201712-934"
}
],
"trust": 0.6
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "plural Huawei Vulnerability related to input confirmation in smartphones",
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2017-013795"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "input validation",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201712-934"
}
],
"trust": 0.6
}
}
VAR-201704-0497
Vulnerability from variot - Updated: 2023-12-18 12:19The TrustZone driver in Huawei P9 phones with software Versions earlier than EVA-AL10C00B352 and P9 Lite with software VNS-L21C185B130 and earlier versions and P8 Lite with software ALE-L02C636B150 and earlier versions has an input validation vulnerability, which allows attackers to cause the system to restart. Huawei P9, P9Lite, and P8Lite are Huawei smartphones. A denial of service vulnerability exists in some of Huawei's mobile phone TrustZone drivers. An attacker could convince a user to install a malicious application, and the application exploited the vulnerability to pass specific parameters to the TrustZone driver, causing the system to reboot. Multiple Huawei Products are prone to the following multiple security vulnerabilities. 1. A denial-of-service vulnerability. 2. A privilege escalation vulnerability. 3. A security bypass vulnerability. Attackers can exploit these issues to perform certain unauthorized actions or gain elevated privileges. Failed exploit attempts will likely cause denial-of-service conditions
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-201704-0497",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "p9",
"scope": "eq",
"trust": 1.6,
"vendor": "huawei",
"version": null
},
{
"model": "p8 lite",
"scope": "lte",
"trust": 1.0,
"vendor": "huawei",
"version": "ale-l02c636b150"
},
{
"model": "p9 lite",
"scope": "lte",
"trust": 1.0,
"vendor": "huawei",
"version": "vns-l21c185b130"
},
{
"model": "p8 lite",
"scope": null,
"trust": 0.8,
"vendor": "huawei",
"version": null
},
{
"model": "p9 lite",
"scope": null,
"trust": 0.8,
"vendor": "huawei",
"version": null
},
{
"model": "p9",
"scope": null,
"trust": 0.8,
"vendor": "huawei",
"version": null
},
{
"model": "p9 \u003ceva-al10c00b352",
"scope": null,
"trust": 0.6,
"vendor": "huawei",
"version": null
},
{
"model": "p9 lite \u003cvns-l21c185b130",
"scope": null,
"trust": 0.6,
"vendor": "huawei",
"version": null
},
{
"model": "p8 lite \u003cale-l02c636b150",
"scope": null,
"trust": 0.6,
"vendor": "huawei",
"version": null
},
{
"model": "p9 lite",
"scope": "eq",
"trust": 0.6,
"vendor": "huawei",
"version": "vns-l21c185b130"
},
{
"model": "p8 lite",
"scope": "eq",
"trust": 0.6,
"vendor": "huawei",
"version": "ale-l02c636b150"
},
{
"model": "p9 lite vns-l21c185b130",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"model": "p9",
"scope": "eq",
"trust": 0.3,
"vendor": "huawei",
"version": "0"
},
{
"model": "p8 lite ale-l02c636b150",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"model": "p9 lite vns-l21c185b150",
"scope": "ne",
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"model": "p9 eva-al00c00b352",
"scope": "ne",
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"model": "p8 lite ale-l02c636b170",
"scope": "ne",
"trust": 0.3,
"vendor": "huawei",
"version": null
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2016-11631"
},
{
"db": "BID",
"id": "94509"
},
{
"db": "JVNDB",
"id": "JVNDB-2016-008236"
},
{
"db": "NVD",
"id": "CVE-2016-8762"
},
{
"db": "CNNVD",
"id": "CNNVD-201611-653"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:huawei:p9_firmware:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:huawei:p9:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:huawei:p9_lite_firmware:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndIncluding": "vns-l21c185b130",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:huawei:p9_lite:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:huawei:p8_lite_firmware:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndIncluding": "ale-l02c636b150",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:huawei:p8_lite:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
}
]
}
],
"sources": [
{
"db": "NVD",
"id": "CVE-2016-8762"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Nick Stephens.",
"sources": [
{
"db": "BID",
"id": "94509"
},
{
"db": "CNNVD",
"id": "CNNVD-201611-653"
}
],
"trust": 0.9
},
"cve": "CVE-2016-8762",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"acInsufInfo": false,
"accessComplexity": "MEDIUM",
"accessVector": "LOCAL",
"authentication": "NONE",
"author": "NVD",
"availabilityImpact": "PARTIAL",
"baseScore": 1.9,
"confidentialityImpact": "NONE",
"exploitabilityScore": 3.4,
"impactScore": 2.9,
"integrityImpact": "NONE",
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"severity": "LOW",
"trust": 1.0,
"userInteractionRequired": true,
"vectorString": "AV:L/AC:M/Au:N/C:N/I:N/A:P",
"version": "2.0"
},
{
"acInsufInfo": null,
"accessComplexity": "Medium",
"accessVector": "Local",
"authentication": "None",
"author": "NVD",
"availabilityImpact": "Partial",
"baseScore": 1.9,
"confidentialityImpact": "None",
"exploitabilityScore": null,
"id": "CVE-2016-8762",
"impactScore": null,
"integrityImpact": "None",
"obtainAllPrivilege": null,
"obtainOtherPrivilege": null,
"obtainUserPrivilege": null,
"severity": "Low",
"trust": 0.9,
"userInteractionRequired": null,
"vectorString": "AV:L/AC:M/Au:N/C:N/I:N/A:P",
"version": "2.0"
},
{
"accessComplexity": "LOW",
"accessVector": "LOCAL",
"authentication": "NONE",
"author": "CNVD",
"availabilityImpact": "COMPLETE",
"baseScore": 5.6,
"confidentialityImpact": "NONE",
"exploitabilityScore": 3.9,
"id": "CNVD-2016-11631",
"impactScore": 7.8,
"integrityImpact": "PARTIAL",
"severity": "MEDIUM",
"trust": 0.6,
"vectorString": "AV:L/AC:L/Au:N/C:N/I:P/A:C",
"version": "2.0"
},
{
"accessComplexity": "MEDIUM",
"accessVector": "LOCAL",
"authentication": "NONE",
"author": "VULHUB",
"availabilityImpact": "PARTIAL",
"baseScore": 1.9,
"confidentialityImpact": "NONE",
"exploitabilityScore": 3.4,
"id": "VHN-97582",
"impactScore": 2.9,
"integrityImpact": "NONE",
"severity": "LOW",
"trust": 0.1,
"vectorString": "AV:L/AC:M/AU:N/C:N/I:N/A:P",
"version": "2.0"
}
],
"cvssV3": [
{
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"author": "NVD",
"availabilityImpact": "HIGH",
"baseScore": 5.0,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"exploitabilityScore": 1.3,
"impactScore": 3.6,
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"trust": 1.0,
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:L/UI:R/S:U/C:N/I:N/A:H",
"version": "3.0"
},
{
"attackComplexity": "Low",
"attackVector": "Local",
"author": "NVD",
"availabilityImpact": "High",
"baseScore": 5.0,
"baseSeverity": "Medium",
"confidentialityImpact": "None",
"exploitabilityScore": null,
"id": "CVE-2016-8762",
"impactScore": null,
"integrityImpact": "None",
"privilegesRequired": "Low",
"scope": "Unchanged",
"trust": 0.8,
"userInteraction": "Required",
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:L/UI:R/S:U/C:N/I:N/A:H",
"version": "3.0"
}
],
"severity": [
{
"author": "NVD",
"id": "CVE-2016-8762",
"trust": 1.8,
"value": "MEDIUM"
},
{
"author": "CNVD",
"id": "CNVD-2016-11631",
"trust": 0.6,
"value": "MEDIUM"
},
{
"author": "CNNVD",
"id": "CNNVD-201611-653",
"trust": 0.6,
"value": "LOW"
},
{
"author": "VULHUB",
"id": "VHN-97582",
"trust": 0.1,
"value": "LOW"
},
{
"author": "VULMON",
"id": "CVE-2016-8762",
"trust": 0.1,
"value": "LOW"
}
]
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2016-11631"
},
{
"db": "VULHUB",
"id": "VHN-97582"
},
{
"db": "VULMON",
"id": "CVE-2016-8762"
},
{
"db": "JVNDB",
"id": "JVNDB-2016-008236"
},
{
"db": "NVD",
"id": "CVE-2016-8762"
},
{
"db": "CNNVD",
"id": "CNNVD-201611-653"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "The TrustZone driver in Huawei P9 phones with software Versions earlier than EVA-AL10C00B352 and P9 Lite with software VNS-L21C185B130 and earlier versions and P8 Lite with software ALE-L02C636B150 and earlier versions has an input validation vulnerability, which allows attackers to cause the system to restart. Huawei P9, P9Lite, and P8Lite are Huawei smartphones. A denial of service vulnerability exists in some of Huawei\u0027s mobile phone TrustZone drivers. An attacker could convince a user to install a malicious application, and the application exploited the vulnerability to pass specific parameters to the TrustZone driver, causing the system to reboot. Multiple Huawei Products are prone to the following multiple security vulnerabilities. \n1. A denial-of-service vulnerability. \n2. A privilege escalation vulnerability. \n3. A security bypass vulnerability. \nAttackers can exploit these issues to perform certain unauthorized actions or gain elevated privileges. Failed exploit attempts will likely cause denial-of-service conditions",
"sources": [
{
"db": "NVD",
"id": "CVE-2016-8762"
},
{
"db": "JVNDB",
"id": "JVNDB-2016-008236"
},
{
"db": "CNVD",
"id": "CNVD-2016-11631"
},
{
"db": "BID",
"id": "94509"
},
{
"db": "VULHUB",
"id": "VHN-97582"
},
{
"db": "VULMON",
"id": "CVE-2016-8762"
}
],
"trust": 2.61
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2016-8762",
"trust": 3.5
},
{
"db": "BID",
"id": "94509",
"trust": 2.7
},
{
"db": "JVNDB",
"id": "JVNDB-2016-008236",
"trust": 0.8
},
{
"db": "CNNVD",
"id": "CNNVD-201611-653",
"trust": 0.7
},
{
"db": "CNVD",
"id": "CNVD-2016-11631",
"trust": 0.6
},
{
"db": "VULHUB",
"id": "VHN-97582",
"trust": 0.1
},
{
"db": "VULMON",
"id": "CVE-2016-8762",
"trust": 0.1
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2016-11631"
},
{
"db": "VULHUB",
"id": "VHN-97582"
},
{
"db": "VULMON",
"id": "CVE-2016-8762"
},
{
"db": "BID",
"id": "94509"
},
{
"db": "JVNDB",
"id": "JVNDB-2016-008236"
},
{
"db": "NVD",
"id": "CVE-2016-8762"
},
{
"db": "CNNVD",
"id": "CNNVD-201611-653"
}
]
},
"id": "VAR-201704-0497",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "CNVD",
"id": "CNVD-2016-11631"
},
{
"db": "VULHUB",
"id": "VHN-97582"
}
],
"trust": 1.2841406
},
"iot_taxonomy": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"category": [
"Network device"
],
"sub_category": null,
"trust": 0.6
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2016-11631"
}
]
},
"last_update_date": "2023-12-18T12:19:55.423000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "huawei-sa-20161123-01-smartphone",
"trust": 0.8,
"url": "http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20161123-01-smartphone-en"
},
{
"title": "Huawei\u0027s mobile phone TrustZone driver has a patch for denial of service vulnerability",
"trust": 0.6,
"url": "https://www.cnvd.org.cn/patchinfo/show/84468"
},
{
"title": "Multiple Huawei Repair measures for device security vulnerabilities",
"trust": 0.6,
"url": "http://www.cnnvd.org.cn/web/xxk/bdxqbyid.tag?id=65928"
},
{
"title": "boomerang",
"trust": 0.1,
"url": "https://github.com/ucsb-seclab/boomerang "
},
{
"title": "",
"trust": 0.1,
"url": "https://github.com/23hour/boomerang_qemu "
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2016-11631"
},
{
"db": "VULMON",
"id": "CVE-2016-8762"
},
{
"db": "JVNDB",
"id": "JVNDB-2016-008236"
},
{
"db": "CNNVD",
"id": "CNNVD-201611-653"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-20",
"trust": 1.9
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-97582"
},
{
"db": "JVNDB",
"id": "JVNDB-2016-008236"
},
{
"db": "NVD",
"id": "CVE-2016-8762"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 1.9,
"url": "http://www.securityfocus.com/bid/94509"
},
{
"trust": 1.8,
"url": "http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20161123-01-smartphone-en"
},
{
"trust": 0.8,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2016-8762"
},
{
"trust": 0.8,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-8762"
},
{
"trust": 0.6,
"url": "http://www.huawei.com/cn/psirt/security-advisories/huawei-sa-20161123-01-smartphone-cn"
},
{
"trust": 0.3,
"url": "http://www.huawei.com/en/"
},
{
"trust": 0.3,
"url": "http://www.huawei.com/en/psirt/security-advisories/2016/huawei-sa-20161123-01-smartphone-en"
},
{
"trust": 0.1,
"url": "https://cwe.mitre.org/data/definitions/20.html"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov"
},
{
"trust": 0.1,
"url": "https://github.com/ucsb-seclab/boomerang"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2016-11631"
},
{
"db": "VULHUB",
"id": "VHN-97582"
},
{
"db": "VULMON",
"id": "CVE-2016-8762"
},
{
"db": "BID",
"id": "94509"
},
{
"db": "JVNDB",
"id": "JVNDB-2016-008236"
},
{
"db": "NVD",
"id": "CVE-2016-8762"
},
{
"db": "CNNVD",
"id": "CNNVD-201611-653"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "CNVD",
"id": "CNVD-2016-11631"
},
{
"db": "VULHUB",
"id": "VHN-97582"
},
{
"db": "VULMON",
"id": "CVE-2016-8762"
},
{
"db": "BID",
"id": "94509"
},
{
"db": "JVNDB",
"id": "JVNDB-2016-008236"
},
{
"db": "NVD",
"id": "CVE-2016-8762"
},
{
"db": "CNNVD",
"id": "CNNVD-201611-653"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2016-11-29T00:00:00",
"db": "CNVD",
"id": "CNVD-2016-11631"
},
{
"date": "2017-04-02T00:00:00",
"db": "VULHUB",
"id": "VHN-97582"
},
{
"date": "2017-04-02T00:00:00",
"db": "VULMON",
"id": "CVE-2016-8762"
},
{
"date": "2016-11-24T00:00:00",
"db": "BID",
"id": "94509"
},
{
"date": "2017-05-08T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2016-008236"
},
{
"date": "2017-04-02T20:59:01.267000",
"db": "NVD",
"id": "CVE-2016-8762"
},
{
"date": "2016-11-24T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201611-653"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2016-11-29T00:00:00",
"db": "CNVD",
"id": "CNVD-2016-11631"
},
{
"date": "2017-04-07T00:00:00",
"db": "VULHUB",
"id": "VHN-97582"
},
{
"date": "2017-04-07T00:00:00",
"db": "VULMON",
"id": "CVE-2016-8762"
},
{
"date": "2016-12-20T01:02:00",
"db": "BID",
"id": "94509"
},
{
"date": "2017-05-08T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2016-008236"
},
{
"date": "2017-04-07T19:32:56.707000",
"db": "NVD",
"id": "CVE-2016-8762"
},
{
"date": "2016-12-02T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201611-653"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "local",
"sources": [
{
"db": "BID",
"id": "94509"
},
{
"db": "CNNVD",
"id": "CNNVD-201611-653"
}
],
"trust": 0.9
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "plural Huawei Smartphone software TrustZone Driver input validation vulnerability",
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2016-008236"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "input validation",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201611-653"
}
],
"trust": 0.6
}
}
VAR-201704-0499
Vulnerability from variot - Updated: 2023-12-18 12:19The TrustZone driver in Huawei P9 phones with software Versions earlier than EVA-AL10C00B352 and P9 Lite with software VNS-L21C185B130 and earlier versions and P8 Lite with software ALE-L02C636B150 and earlier versions has an input validation vulnerability, which allows attackers to read and write user-mode memory data anywhere in the TrustZone driver. Huawei P9, P9Lite, and P8Lite are Huawei smartphones. Some of Huawei's mobile secure storage trusted applications (SecureStorageTrustedApp) have security bypass vulnerabilities. An attacker who has obtained root access to the Android system can exploit the vulnerability to read and write user-state memory data at any location in TrustZone. Multiple Huawei Products are prone to the following multiple security vulnerabilities. 1. A denial-of-service vulnerability. 2. A privilege escalation vulnerability. 3. Attackers can exploit these issues to perform certain unauthorized actions or gain elevated privileges. Failed exploit attempts will likely cause denial-of-service conditions
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-201704-0499",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "p9",
"scope": "eq",
"trust": 1.6,
"vendor": "huawei",
"version": null
},
{
"model": "p8 lite",
"scope": "lte",
"trust": 1.0,
"vendor": "huawei",
"version": "ale-l02c636b150"
},
{
"model": "p9 lite",
"scope": "lte",
"trust": 1.0,
"vendor": "huawei",
"version": "vns-l21c185b130"
},
{
"model": "p8 lite",
"scope": null,
"trust": 0.8,
"vendor": "huawei",
"version": null
},
{
"model": "p9 lite",
"scope": null,
"trust": 0.8,
"vendor": "huawei",
"version": null
},
{
"model": "p9",
"scope": null,
"trust": 0.8,
"vendor": "huawei",
"version": null
},
{
"model": "p9 \u003ceva-al10c00b352",
"scope": null,
"trust": 0.6,
"vendor": "huawei",
"version": null
},
{
"model": "p9 lite \u003cvns-l21c185b130",
"scope": null,
"trust": 0.6,
"vendor": "huawei",
"version": null
},
{
"model": "p8 lite \u003cale-l02c636b150",
"scope": null,
"trust": 0.6,
"vendor": "huawei",
"version": null
},
{
"model": "p9 lite",
"scope": "eq",
"trust": 0.6,
"vendor": "huawei",
"version": "vns-l21c185b130"
},
{
"model": "p8 lite",
"scope": "eq",
"trust": 0.6,
"vendor": "huawei",
"version": "ale-l02c636b150"
},
{
"model": "p9 lite vns-l21c185b130",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"model": "p9",
"scope": "eq",
"trust": 0.3,
"vendor": "huawei",
"version": "0"
},
{
"model": "p8 lite ale-l02c636b150",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"model": "p9 lite vns-l21c185b150",
"scope": "ne",
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"model": "p9 eva-al00c00b352",
"scope": "ne",
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"model": "p8 lite ale-l02c636b170",
"scope": "ne",
"trust": 0.3,
"vendor": "huawei",
"version": null
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2016-11632"
},
{
"db": "BID",
"id": "94509"
},
{
"db": "JVNDB",
"id": "JVNDB-2016-008238"
},
{
"db": "NVD",
"id": "CVE-2016-8764"
},
{
"db": "CNNVD",
"id": "CNNVD-201611-655"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:huawei:p9_firmware:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:huawei:p9:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:huawei:p9_lite_firmware:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndIncluding": "vns-l21c185b130",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:huawei:p9_lite:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:huawei:p8_lite_firmware:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndIncluding": "ale-l02c636b150",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:huawei:p8_lite:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
}
]
}
],
"sources": [
{
"db": "NVD",
"id": "CVE-2016-8764"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Nick Stephens.",
"sources": [
{
"db": "BID",
"id": "94509"
},
{
"db": "CNNVD",
"id": "CNNVD-201611-655"
}
],
"trust": 0.9
},
"cve": "CVE-2016-8764",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"acInsufInfo": false,
"accessComplexity": "MEDIUM",
"accessVector": "LOCAL",
"authentication": "SINGLE",
"author": "NVD",
"availabilityImpact": "PARTIAL",
"baseScore": 4.1,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 2.7,
"impactScore": 6.4,
"integrityImpact": "PARTIAL",
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"severity": "MEDIUM",
"trust": 1.0,
"userInteractionRequired": false,
"vectorString": "AV:L/AC:M/Au:S/C:P/I:P/A:P",
"version": "2.0"
},
{
"acInsufInfo": null,
"accessComplexity": "Medium",
"accessVector": "Local",
"authentication": "Single",
"author": "NVD",
"availabilityImpact": "Partial",
"baseScore": 4.1,
"confidentialityImpact": "Partial",
"exploitabilityScore": null,
"id": "CVE-2016-8764",
"impactScore": null,
"integrityImpact": "Partial",
"obtainAllPrivilege": null,
"obtainOtherPrivilege": null,
"obtainUserPrivilege": null,
"severity": "Medium",
"trust": 0.9,
"userInteractionRequired": null,
"vectorString": "AV:L/AC:M/Au:S/C:P/I:P/A:P",
"version": "2.0"
},
{
"accessComplexity": "HIGH",
"accessVector": "LOCAL",
"authentication": "NONE",
"author": "CNVD",
"availabilityImpact": "PARTIAL",
"baseScore": 5.9,
"confidentialityImpact": "COMPLETE",
"exploitabilityScore": 1.9,
"id": "CNVD-2016-11632",
"impactScore": 9.5,
"integrityImpact": "COMPLETE",
"severity": "MEDIUM",
"trust": 0.6,
"vectorString": "AV:L/AC:H/Au:N/C:C/I:C/A:P",
"version": "2.0"
},
{
"accessComplexity": "MEDIUM",
"accessVector": "LOCAL",
"authentication": "SINGLE",
"author": "VULHUB",
"availabilityImpact": "PARTIAL",
"baseScore": 4.1,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 2.7,
"id": "VHN-97584",
"impactScore": 6.4,
"integrityImpact": "PARTIAL",
"severity": "MEDIUM",
"trust": 0.1,
"vectorString": "AV:L/AC:M/AU:S/C:P/I:P/A:P",
"version": "2.0"
}
],
"cvssV3": [
{
"attackComplexity": "HIGH",
"attackVector": "LOCAL",
"author": "NVD",
"availabilityImpact": "HIGH",
"baseScore": 6.4,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"exploitabilityScore": 0.5,
"impactScore": 5.9,
"integrityImpact": "HIGH",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"trust": 1.0,
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
},
{
"attackComplexity": "High",
"attackVector": "Local",
"author": "NVD",
"availabilityImpact": "High",
"baseScore": 6.4,
"baseSeverity": "Medium",
"confidentialityImpact": "High",
"exploitabilityScore": null,
"id": "CVE-2016-8764",
"impactScore": null,
"integrityImpact": "High",
"privilegesRequired": "High",
"scope": "Unchanged",
"trust": 0.8,
"userInteraction": "None",
"vectorString": "CVSS:3.0/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
}
],
"severity": [
{
"author": "NVD",
"id": "CVE-2016-8764",
"trust": 1.8,
"value": "MEDIUM"
},
{
"author": "CNVD",
"id": "CNVD-2016-11632",
"trust": 0.6,
"value": "MEDIUM"
},
{
"author": "CNNVD",
"id": "CNNVD-201611-655",
"trust": 0.6,
"value": "MEDIUM"
},
{
"author": "VULHUB",
"id": "VHN-97584",
"trust": 0.1,
"value": "MEDIUM"
},
{
"author": "VULMON",
"id": "CVE-2016-8764",
"trust": 0.1,
"value": "MEDIUM"
}
]
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2016-11632"
},
{
"db": "VULHUB",
"id": "VHN-97584"
},
{
"db": "VULMON",
"id": "CVE-2016-8764"
},
{
"db": "JVNDB",
"id": "JVNDB-2016-008238"
},
{
"db": "NVD",
"id": "CVE-2016-8764"
},
{
"db": "CNNVD",
"id": "CNNVD-201611-655"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "The TrustZone driver in Huawei P9 phones with software Versions earlier than EVA-AL10C00B352 and P9 Lite with software VNS-L21C185B130 and earlier versions and P8 Lite with software ALE-L02C636B150 and earlier versions has an input validation vulnerability, which allows attackers to read and write user-mode memory data anywhere in the TrustZone driver. Huawei P9, P9Lite, and P8Lite are Huawei smartphones. Some of Huawei\u0027s mobile secure storage trusted applications (SecureStorageTrustedApp) have security bypass vulnerabilities. An attacker who has obtained root access to the Android system can exploit the vulnerability to read and write user-state memory data at any location in TrustZone. Multiple Huawei Products are prone to the following multiple security vulnerabilities. \n1. A denial-of-service vulnerability. \n2. A privilege escalation vulnerability. \n3. \nAttackers can exploit these issues to perform certain unauthorized actions or gain elevated privileges. Failed exploit attempts will likely cause denial-of-service conditions",
"sources": [
{
"db": "NVD",
"id": "CVE-2016-8764"
},
{
"db": "JVNDB",
"id": "JVNDB-2016-008238"
},
{
"db": "CNVD",
"id": "CNVD-2016-11632"
},
{
"db": "BID",
"id": "94509"
},
{
"db": "VULHUB",
"id": "VHN-97584"
},
{
"db": "VULMON",
"id": "CVE-2016-8764"
}
],
"trust": 2.61
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2016-8764",
"trust": 3.5
},
{
"db": "BID",
"id": "94509",
"trust": 2.7
},
{
"db": "JVNDB",
"id": "JVNDB-2016-008238",
"trust": 0.8
},
{
"db": "CNNVD",
"id": "CNNVD-201611-655",
"trust": 0.7
},
{
"db": "CNVD",
"id": "CNVD-2016-11632",
"trust": 0.6
},
{
"db": "VULHUB",
"id": "VHN-97584",
"trust": 0.1
},
{
"db": "VULMON",
"id": "CVE-2016-8764",
"trust": 0.1
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2016-11632"
},
{
"db": "VULHUB",
"id": "VHN-97584"
},
{
"db": "VULMON",
"id": "CVE-2016-8764"
},
{
"db": "BID",
"id": "94509"
},
{
"db": "JVNDB",
"id": "JVNDB-2016-008238"
},
{
"db": "NVD",
"id": "CVE-2016-8764"
},
{
"db": "CNNVD",
"id": "CNNVD-201611-655"
}
]
},
"id": "VAR-201704-0499",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "CNVD",
"id": "CNVD-2016-11632"
},
{
"db": "VULHUB",
"id": "VHN-97584"
}
],
"trust": 1.2841406
},
"iot_taxonomy": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"category": [
"Network device"
],
"sub_category": null,
"trust": 0.6
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2016-11632"
}
]
},
"last_update_date": "2023-12-18T12:19:55.345000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "huawei-sa-20161123-01-smartphone",
"trust": 0.8,
"url": "http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20161123-01-smartphone-en"
},
{
"title": "Huawei\u0027s mobile phone secure storage trusted application has a security bypass vulnerability patch",
"trust": 0.6,
"url": "https://www.cnvd.org.cn/patchinfo/show/84477"
},
{
"title": "Multiple Huawei Repair measures for device security vulnerabilities",
"trust": 0.6,
"url": "http://www.cnnvd.org.cn/web/xxk/bdxqbyid.tag?id=65930"
},
{
"title": "boomerang",
"trust": 0.1,
"url": "https://github.com/ucsb-seclab/boomerang "
},
{
"title": "",
"trust": 0.1,
"url": "https://github.com/23hour/boomerang_qemu "
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2016-11632"
},
{
"db": "VULMON",
"id": "CVE-2016-8764"
},
{
"db": "JVNDB",
"id": "JVNDB-2016-008238"
},
{
"db": "CNNVD",
"id": "CNNVD-201611-655"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-20",
"trust": 1.9
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-97584"
},
{
"db": "JVNDB",
"id": "JVNDB-2016-008238"
},
{
"db": "NVD",
"id": "CVE-2016-8764"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 1.9,
"url": "http://www.securityfocus.com/bid/94509"
},
{
"trust": 1.8,
"url": "http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20161123-01-smartphone-en"
},
{
"trust": 0.8,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2016-8764"
},
{
"trust": 0.8,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-8764"
},
{
"trust": 0.6,
"url": "http://www.huawei.com/cn/psirt/security-advisories/huawei-sa-20161123-01-smartphone-cn"
},
{
"trust": 0.3,
"url": "http://www.huawei.com/en/"
},
{
"trust": 0.3,
"url": "http://www.huawei.com/en/psirt/security-advisories/2016/huawei-sa-20161123-01-smartphone-en"
},
{
"trust": 0.1,
"url": "https://cwe.mitre.org/data/definitions/20.html"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov"
},
{
"trust": 0.1,
"url": "https://github.com/ucsb-seclab/boomerang"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2016-11632"
},
{
"db": "VULHUB",
"id": "VHN-97584"
},
{
"db": "VULMON",
"id": "CVE-2016-8764"
},
{
"db": "BID",
"id": "94509"
},
{
"db": "JVNDB",
"id": "JVNDB-2016-008238"
},
{
"db": "NVD",
"id": "CVE-2016-8764"
},
{
"db": "CNNVD",
"id": "CNNVD-201611-655"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "CNVD",
"id": "CNVD-2016-11632"
},
{
"db": "VULHUB",
"id": "VHN-97584"
},
{
"db": "VULMON",
"id": "CVE-2016-8764"
},
{
"db": "BID",
"id": "94509"
},
{
"db": "JVNDB",
"id": "JVNDB-2016-008238"
},
{
"db": "NVD",
"id": "CVE-2016-8764"
},
{
"db": "CNNVD",
"id": "CNNVD-201611-655"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2016-11-29T00:00:00",
"db": "CNVD",
"id": "CNVD-2016-11632"
},
{
"date": "2017-04-02T00:00:00",
"db": "VULHUB",
"id": "VHN-97584"
},
{
"date": "2017-04-02T00:00:00",
"db": "VULMON",
"id": "CVE-2016-8764"
},
{
"date": "2016-11-24T00:00:00",
"db": "BID",
"id": "94509"
},
{
"date": "2017-05-08T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2016-008238"
},
{
"date": "2017-04-02T20:59:01.327000",
"db": "NVD",
"id": "CVE-2016-8764"
},
{
"date": "2016-11-24T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201611-655"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2016-11-29T00:00:00",
"db": "CNVD",
"id": "CNVD-2016-11632"
},
{
"date": "2017-04-07T00:00:00",
"db": "VULHUB",
"id": "VHN-97584"
},
{
"date": "2017-04-07T00:00:00",
"db": "VULMON",
"id": "CVE-2016-8764"
},
{
"date": "2016-12-20T01:02:00",
"db": "BID",
"id": "94509"
},
{
"date": "2017-05-08T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2016-008238"
},
{
"date": "2017-04-07T20:02:23.943000",
"db": "NVD",
"id": "CVE-2016-8764"
},
{
"date": "2016-12-02T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201611-655"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "local",
"sources": [
{
"db": "BID",
"id": "94509"
},
{
"db": "CNNVD",
"id": "CNNVD-201611-655"
}
],
"trust": 0.9
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "plural Huawei Smartphone software TrustZone Driver input validation vulnerability",
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2016-008238"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "input validation",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201611-655"
}
],
"trust": 0.6
}
}
VAR-201704-0498
Vulnerability from variot - Updated: 2023-12-18 12:19The TrustZone driver in Huawei P9 phones with software Versions earlier than EVA-AL10C00B352 and P9 Lite with software VNS-L21C185B130 and earlier versions and P8 Lite with software ALE-L02C636B150 and earlier versions has an improper resource release vulnerability, which allows attackers to cause a system restart or privilege elevation. Huawei P9, P9Lite, and P8Lite are Huawei smartphones. Some of Huawei's mobile phone TrustZone drivers have privilege escalation vulnerabilities. An attacker could convince a user to install a malicious application that could be exploited by an application to send specific parameters to the TrustZone driver, resulting in a system reboot or elevated user rights. Multiple Huawei Products are prone to the following multiple security vulnerabilities. 1. A denial-of-service vulnerability. 2. 3. A security bypass vulnerability. Attackers can exploit these issues to perform certain unauthorized actions or gain elevated privileges. Failed exploit attempts will likely cause denial-of-service conditions
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-201704-0498",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "p9",
"scope": "eq",
"trust": 1.6,
"vendor": "huawei",
"version": null
},
{
"model": "p8 lite",
"scope": "lte",
"trust": 1.0,
"vendor": "huawei",
"version": "ale-l02c636b150"
},
{
"model": "p9 lite",
"scope": "lte",
"trust": 1.0,
"vendor": "huawei",
"version": "vns-l21c185b130"
},
{
"model": "p8 lite",
"scope": null,
"trust": 0.8,
"vendor": "huawei",
"version": null
},
{
"model": "p9 lite",
"scope": null,
"trust": 0.8,
"vendor": "huawei",
"version": null
},
{
"model": "p9",
"scope": null,
"trust": 0.8,
"vendor": "huawei",
"version": null
},
{
"model": "p9 \u003ceva-al10c00b352",
"scope": null,
"trust": 0.6,
"vendor": "huawei",
"version": null
},
{
"model": "p9 lite \u003cvns-l21c185b130",
"scope": null,
"trust": 0.6,
"vendor": "huawei",
"version": null
},
{
"model": "p8 lite \u003cale-l02c636b150",
"scope": null,
"trust": 0.6,
"vendor": "huawei",
"version": null
},
{
"model": "p9 lite",
"scope": "eq",
"trust": 0.6,
"vendor": "huawei",
"version": "vns-l21c185b130"
},
{
"model": "p8 lite",
"scope": "eq",
"trust": 0.6,
"vendor": "huawei",
"version": "ale-l02c636b150"
},
{
"model": "p9 lite vns-l21c185b130",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"model": "p9",
"scope": "eq",
"trust": 0.3,
"vendor": "huawei",
"version": "0"
},
{
"model": "p8 lite ale-l02c636b150",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"model": "p9 lite vns-l21c185b150",
"scope": "ne",
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"model": "p9 eva-al00c00b352",
"scope": "ne",
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"model": "p8 lite ale-l02c636b170",
"scope": "ne",
"trust": 0.3,
"vendor": "huawei",
"version": null
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2016-11633"
},
{
"db": "BID",
"id": "94509"
},
{
"db": "JVNDB",
"id": "JVNDB-2016-008237"
},
{
"db": "NVD",
"id": "CVE-2016-8763"
},
{
"db": "CNNVD",
"id": "CNNVD-201611-654"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:huawei:p9_firmware:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:huawei:p9:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:huawei:p9_lite_firmware:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndIncluding": "vns-l21c185b130",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:huawei:p9_lite:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:huawei:p8_lite_firmware:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndIncluding": "ale-l02c636b150",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:huawei:p8_lite:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
}
]
}
],
"sources": [
{
"db": "NVD",
"id": "CVE-2016-8763"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Nick Stephens.",
"sources": [
{
"db": "BID",
"id": "94509"
},
{
"db": "CNNVD",
"id": "CNNVD-201611-654"
}
],
"trust": 0.9
},
"cve": "CVE-2016-8763",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"acInsufInfo": false,
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "NVD",
"availabilityImpact": "COMPLETE",
"baseScore": 9.3,
"confidentialityImpact": "COMPLETE",
"exploitabilityScore": 8.6,
"impactScore": 10.0,
"integrityImpact": "COMPLETE",
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"severity": "HIGH",
"trust": 1.0,
"userInteractionRequired": true,
"vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
{
"acInsufInfo": null,
"accessComplexity": "Medium",
"accessVector": "Network",
"authentication": "None",
"author": "NVD",
"availabilityImpact": "Complete",
"baseScore": 9.3,
"confidentialityImpact": "Complete",
"exploitabilityScore": null,
"id": "CVE-2016-8763",
"impactScore": null,
"integrityImpact": "Complete",
"obtainAllPrivilege": null,
"obtainOtherPrivilege": null,
"obtainUserPrivilege": null,
"severity": "High",
"trust": 0.9,
"userInteractionRequired": null,
"vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
{
"accessComplexity": "LOW",
"accessVector": "LOCAL",
"authentication": "NONE",
"author": "CNVD",
"availabilityImpact": "COMPLETE",
"baseScore": 7.2,
"confidentialityImpact": "COMPLETE",
"exploitabilityScore": 3.9,
"id": "CNVD-2016-11633",
"impactScore": 10.0,
"integrityImpact": "COMPLETE",
"severity": "HIGH",
"trust": 0.6,
"vectorString": "AV:L/AC:L/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
{
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "VULHUB",
"availabilityImpact": "COMPLETE",
"baseScore": 9.3,
"confidentialityImpact": "COMPLETE",
"exploitabilityScore": 8.6,
"id": "VHN-97583",
"impactScore": 10.0,
"integrityImpact": "COMPLETE",
"severity": "HIGH",
"trust": 0.1,
"vectorString": "AV:N/AC:M/AU:N/C:C/I:C/A:C",
"version": "2.0"
}
],
"cvssV3": [
{
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"author": "NVD",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"exploitabilityScore": 1.8,
"impactScore": 5.9,
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"trust": 1.0,
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.0"
},
{
"attackComplexity": "Low",
"attackVector": "Local",
"author": "NVD",
"availabilityImpact": "High",
"baseScore": 7.8,
"baseSeverity": "High",
"confidentialityImpact": "High",
"exploitabilityScore": null,
"id": "CVE-2016-8763",
"impactScore": null,
"integrityImpact": "High",
"privilegesRequired": "None",
"scope": "Unchanged",
"trust": 0.8,
"userInteraction": "Required",
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.0"
}
],
"severity": [
{
"author": "NVD",
"id": "CVE-2016-8763",
"trust": 1.8,
"value": "HIGH"
},
{
"author": "CNVD",
"id": "CNVD-2016-11633",
"trust": 0.6,
"value": "HIGH"
},
{
"author": "CNNVD",
"id": "CNNVD-201611-654",
"trust": 0.6,
"value": "CRITICAL"
},
{
"author": "VULHUB",
"id": "VHN-97583",
"trust": 0.1,
"value": "HIGH"
},
{
"author": "VULMON",
"id": "CVE-2016-8763",
"trust": 0.1,
"value": "HIGH"
}
]
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2016-11633"
},
{
"db": "VULHUB",
"id": "VHN-97583"
},
{
"db": "VULMON",
"id": "CVE-2016-8763"
},
{
"db": "JVNDB",
"id": "JVNDB-2016-008237"
},
{
"db": "NVD",
"id": "CVE-2016-8763"
},
{
"db": "CNNVD",
"id": "CNNVD-201611-654"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "The TrustZone driver in Huawei P9 phones with software Versions earlier than EVA-AL10C00B352 and P9 Lite with software VNS-L21C185B130 and earlier versions and P8 Lite with software ALE-L02C636B150 and earlier versions has an improper resource release vulnerability, which allows attackers to cause a system restart or privilege elevation. Huawei P9, P9Lite, and P8Lite are Huawei smartphones. Some of Huawei\u0027s mobile phone TrustZone drivers have privilege escalation vulnerabilities. An attacker could convince a user to install a malicious application that could be exploited by an application to send specific parameters to the TrustZone driver, resulting in a system reboot or elevated user rights. Multiple Huawei Products are prone to the following multiple security vulnerabilities. \n1. A denial-of-service vulnerability. \n2. \n3. A security bypass vulnerability. \nAttackers can exploit these issues to perform certain unauthorized actions or gain elevated privileges. Failed exploit attempts will likely cause denial-of-service conditions",
"sources": [
{
"db": "NVD",
"id": "CVE-2016-8763"
},
{
"db": "JVNDB",
"id": "JVNDB-2016-008237"
},
{
"db": "CNVD",
"id": "CNVD-2016-11633"
},
{
"db": "BID",
"id": "94509"
},
{
"db": "VULHUB",
"id": "VHN-97583"
},
{
"db": "VULMON",
"id": "CVE-2016-8763"
}
],
"trust": 2.61
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2016-8763",
"trust": 3.5
},
{
"db": "BID",
"id": "94509",
"trust": 2.7
},
{
"db": "JVNDB",
"id": "JVNDB-2016-008237",
"trust": 0.8
},
{
"db": "CNNVD",
"id": "CNNVD-201611-654",
"trust": 0.7
},
{
"db": "CNVD",
"id": "CNVD-2016-11633",
"trust": 0.6
},
{
"db": "VULHUB",
"id": "VHN-97583",
"trust": 0.1
},
{
"db": "VULMON",
"id": "CVE-2016-8763",
"trust": 0.1
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2016-11633"
},
{
"db": "VULHUB",
"id": "VHN-97583"
},
{
"db": "VULMON",
"id": "CVE-2016-8763"
},
{
"db": "BID",
"id": "94509"
},
{
"db": "JVNDB",
"id": "JVNDB-2016-008237"
},
{
"db": "NVD",
"id": "CVE-2016-8763"
},
{
"db": "CNNVD",
"id": "CNNVD-201611-654"
}
]
},
"id": "VAR-201704-0498",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "CNVD",
"id": "CNVD-2016-11633"
},
{
"db": "VULHUB",
"id": "VHN-97583"
}
],
"trust": 1.2841406
},
"iot_taxonomy": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"category": [
"Network device"
],
"sub_category": null,
"trust": 0.6
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2016-11633"
}
]
},
"last_update_date": "2023-12-18T12:19:55.384000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "huawei-sa-20161123-01-smartphone",
"trust": 0.8,
"url": "http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20161123-01-smartphone-en"
},
{
"title": "Huawei\u0027s mobile phone TrustZone driver has a patch for privilege escalation vulnerability",
"trust": 0.6,
"url": "https://www.cnvd.org.cn/patchinfo/show/84472"
},
{
"title": "Multiple Huawei Repair measures for device privilege vulnerability",
"trust": 0.6,
"url": "http://www.cnnvd.org.cn/web/xxk/bdxqbyid.tag?id=65929"
},
{
"title": "boomerang",
"trust": 0.1,
"url": "https://github.com/ucsb-seclab/boomerang "
},
{
"title": "",
"trust": 0.1,
"url": "https://github.com/23hour/boomerang_qemu "
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2016-11633"
},
{
"db": "VULMON",
"id": "CVE-2016-8763"
},
{
"db": "JVNDB",
"id": "JVNDB-2016-008237"
},
{
"db": "CNNVD",
"id": "CNNVD-201611-654"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-664",
"trust": 1.9
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-97583"
},
{
"db": "JVNDB",
"id": "JVNDB-2016-008237"
},
{
"db": "NVD",
"id": "CVE-2016-8763"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 1.9,
"url": "http://www.securityfocus.com/bid/94509"
},
{
"trust": 1.8,
"url": "http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20161123-01-smartphone-en"
},
{
"trust": 0.8,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2016-8763"
},
{
"trust": 0.8,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-8763"
},
{
"trust": 0.6,
"url": "http://www.huawei.com/cn/psirt/security-advisories/huawei-sa-20161123-01-smartphone-cn"
},
{
"trust": 0.3,
"url": "http://www.huawei.com/en/"
},
{
"trust": 0.3,
"url": "http://www.huawei.com/en/psirt/security-advisories/2016/huawei-sa-20161123-01-smartphone-en"
},
{
"trust": 0.1,
"url": "https://cwe.mitre.org/data/definitions/664.html"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov"
},
{
"trust": 0.1,
"url": "https://github.com/ucsb-seclab/boomerang"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2016-11633"
},
{
"db": "VULHUB",
"id": "VHN-97583"
},
{
"db": "VULMON",
"id": "CVE-2016-8763"
},
{
"db": "BID",
"id": "94509"
},
{
"db": "JVNDB",
"id": "JVNDB-2016-008237"
},
{
"db": "NVD",
"id": "CVE-2016-8763"
},
{
"db": "CNNVD",
"id": "CNNVD-201611-654"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "CNVD",
"id": "CNVD-2016-11633"
},
{
"db": "VULHUB",
"id": "VHN-97583"
},
{
"db": "VULMON",
"id": "CVE-2016-8763"
},
{
"db": "BID",
"id": "94509"
},
{
"db": "JVNDB",
"id": "JVNDB-2016-008237"
},
{
"db": "NVD",
"id": "CVE-2016-8763"
},
{
"db": "CNNVD",
"id": "CNNVD-201611-654"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2016-11-29T00:00:00",
"db": "CNVD",
"id": "CNVD-2016-11633"
},
{
"date": "2017-04-02T00:00:00",
"db": "VULHUB",
"id": "VHN-97583"
},
{
"date": "2017-04-02T00:00:00",
"db": "VULMON",
"id": "CVE-2016-8763"
},
{
"date": "2016-11-24T00:00:00",
"db": "BID",
"id": "94509"
},
{
"date": "2017-05-08T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2016-008237"
},
{
"date": "2017-04-02T20:59:01.297000",
"db": "NVD",
"id": "CVE-2016-8763"
},
{
"date": "2016-11-24T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201611-654"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2016-11-29T00:00:00",
"db": "CNVD",
"id": "CNVD-2016-11633"
},
{
"date": "2017-04-07T00:00:00",
"db": "VULHUB",
"id": "VHN-97583"
},
{
"date": "2017-04-07T00:00:00",
"db": "VULMON",
"id": "CVE-2016-8763"
},
{
"date": "2016-12-20T01:02:00",
"db": "BID",
"id": "94509"
},
{
"date": "2017-05-08T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2016-008237"
},
{
"date": "2017-04-07T20:13:16.537000",
"db": "NVD",
"id": "CVE-2016-8763"
},
{
"date": "2016-12-02T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201611-654"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201611-654"
}
],
"trust": 0.6
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "plural Huawei Smartphone software TrustZone Driver vulnerabilities related to resource control throughout the lifetime",
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2016-008237"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "permissions and access control",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201611-654"
}
],
"trust": 0.6
}
}
VAR-201711-0986
Vulnerability from variot - Updated: 2023-12-18 12:19Audio driver in P9 smartphones with software The versions before EVA-AL10C00B389 has a denial of service (DoS) vulnerability. An attacker tricks a user into installing a malicious application on the smart phone, and the race condition cause null pointer accessing during the application access shared resource, which make the system reboot. HuaweiP9 is a smartphone from China's Huawei company. Huawei Smart Phones are prone to a remote denial-of-service vulnerability. Successful exploitation of the issue will cause the device to reboot, resulting in a denial-of-service condition
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-201711-0986",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "p9",
"scope": "lt",
"trust": 1.8,
"vendor": "huawei",
"version": "eva-al10c00b389"
},
{
"model": "p9 \u003ceva-al10c00b389",
"scope": null,
"trust": 0.6,
"vendor": "huawei",
"version": null
},
{
"model": "p9",
"scope": "eq",
"trust": 0.3,
"vendor": "huawei",
"version": "0"
},
{
"model": "p9 eva-al10c00b389",
"scope": "ne",
"trust": 0.3,
"vendor": "huawei",
"version": null
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2017-26779"
},
{
"db": "BID",
"id": "102251"
},
{
"db": "JVNDB",
"id": "JVNDB-2017-010810"
},
{
"db": "NVD",
"id": "CVE-2017-8148"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:huawei:p9_firmware:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "eva-al10c00b389",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:huawei:p9:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
}
]
}
],
"sources": [
{
"db": "NVD",
"id": "CVE-2017-8148"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Yonggang Guo of IceSword Lab, Qihoo 360 Technology Co. Ltd",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201708-147"
}
],
"trust": 0.6
},
"cve": "CVE-2017-8148",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"acInsufInfo": false,
"accessComplexity": "HIGH",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "NVD",
"availabilityImpact": "COMPLETE",
"baseScore": 5.4,
"confidentialityImpact": "NONE",
"exploitabilityScore": 4.9,
"impactScore": 6.9,
"integrityImpact": "NONE",
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"severity": "MEDIUM",
"trust": 1.0,
"userInteractionRequired": true,
"vectorString": "AV:N/AC:H/Au:N/C:N/I:N/A:C",
"version": "2.0"
},
{
"acInsufInfo": null,
"accessComplexity": "High",
"accessVector": "Network",
"authentication": "None",
"author": "NVD",
"availabilityImpact": "Complete",
"baseScore": 5.4,
"confidentialityImpact": "None",
"exploitabilityScore": null,
"id": "CVE-2017-8148",
"impactScore": null,
"integrityImpact": "None",
"obtainAllPrivilege": null,
"obtainOtherPrivilege": null,
"obtainUserPrivilege": null,
"severity": "Medium",
"trust": 0.8,
"userInteractionRequired": null,
"vectorString": "AV:N/AC:H/Au:N/C:N/I:N/A:C",
"version": "2.0"
},
{
"accessComplexity": "LOW",
"accessVector": "LOCAL",
"authentication": "NONE",
"author": "CNVD",
"availabilityImpact": "COMPLETE",
"baseScore": 4.9,
"confidentialityImpact": "NONE",
"exploitabilityScore": 3.9,
"id": "CNVD-2017-26779",
"impactScore": 6.9,
"integrityImpact": "NONE",
"severity": "MEDIUM",
"trust": 0.6,
"vectorString": "AV:L/AC:L/Au:N/C:N/I:N/A:C",
"version": "2.0"
}
],
"cvssV3": [
{
"attackComplexity": "HIGH",
"attackVector": "LOCAL",
"author": "NVD",
"availabilityImpact": "HIGH",
"baseScore": 4.7,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"exploitabilityScore": 1.0,
"impactScore": 3.6,
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"trust": 1.0,
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.0/AV:L/AC:H/PR:N/UI:R/S:U/C:N/I:N/A:H",
"version": "3.0"
},
{
"attackComplexity": "High",
"attackVector": "Local",
"author": "NVD",
"availabilityImpact": "High",
"baseScore": 4.7,
"baseSeverity": "Medium",
"confidentialityImpact": "None",
"exploitabilityScore": null,
"id": "CVE-2017-8148",
"impactScore": null,
"integrityImpact": "None",
"privilegesRequired": "None",
"scope": "Unchanged",
"trust": 0.8,
"userInteraction": "Required",
"vectorString": "CVSS:3.0/AV:L/AC:H/PR:N/UI:R/S:U/C:N/I:N/A:H",
"version": "3.0"
}
],
"severity": [
{
"author": "NVD",
"id": "CVE-2017-8148",
"trust": 1.8,
"value": "MEDIUM"
},
{
"author": "CNVD",
"id": "CNVD-2017-26779",
"trust": 0.6,
"value": "MEDIUM"
},
{
"author": "CNNVD",
"id": "CNNVD-201708-147",
"trust": 0.6,
"value": "MEDIUM"
}
]
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2017-26779"
},
{
"db": "JVNDB",
"id": "JVNDB-2017-010810"
},
{
"db": "NVD",
"id": "CVE-2017-8148"
},
{
"db": "CNNVD",
"id": "CNNVD-201708-147"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Audio driver in P9 smartphones with software The versions before EVA-AL10C00B389 has a denial of service (DoS) vulnerability. An attacker tricks a user into installing a malicious application on the smart phone, and the race condition cause null pointer accessing during the application access shared resource, which make the system reboot. HuaweiP9 is a smartphone from China\u0027s Huawei company. Huawei Smart Phones are prone to a remote denial-of-service vulnerability. \nSuccessful exploitation of the issue will cause the device to reboot, resulting in a denial-of-service condition",
"sources": [
{
"db": "NVD",
"id": "CVE-2017-8148"
},
{
"db": "JVNDB",
"id": "JVNDB-2017-010810"
},
{
"db": "CNVD",
"id": "CNVD-2017-26779"
},
{
"db": "BID",
"id": "102251"
}
],
"trust": 2.43
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2017-8148",
"trust": 3.3
},
{
"db": "JVNDB",
"id": "JVNDB-2017-010810",
"trust": 0.8
},
{
"db": "CNVD",
"id": "CNVD-2017-26779",
"trust": 0.6
},
{
"db": "CNNVD",
"id": "CNNVD-201708-147",
"trust": 0.6
},
{
"db": "BID",
"id": "102251",
"trust": 0.3
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2017-26779"
},
{
"db": "BID",
"id": "102251"
},
{
"db": "JVNDB",
"id": "JVNDB-2017-010810"
},
{
"db": "NVD",
"id": "CVE-2017-8148"
},
{
"db": "CNNVD",
"id": "CNNVD-201708-147"
}
]
},
"id": "VAR-201711-0986",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "CNVD",
"id": "CNVD-2017-26779"
}
],
"trust": 1.18483934
},
"iot_taxonomy": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"category": [
"Network device"
],
"sub_category": null,
"trust": 0.6
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2017-26779"
}
]
},
"last_update_date": "2023-12-18T12:19:19.060000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "huawei-sa-20170802-01-smartphone",
"trust": 0.8,
"url": "http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20170802-01-smartphone-en"
},
{
"title": "HuaweiP9 Mobile Audio Driver Denial of Service Vulnerability Patch",
"trust": 0.6,
"url": "https://www.cnvd.org.cn/patchinfo/show/102216"
},
{
"title": "Huawei P9 Fixes for audio driver security vulnerabilities",
"trust": 0.6,
"url": "http://www.cnnvd.org.cn/web/xxk/bdxqbyid.tag?id=74819"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2017-26779"
},
{
"db": "JVNDB",
"id": "JVNDB-2017-010810"
},
{
"db": "CNNVD",
"id": "CNNVD-201708-147"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-362",
"trust": 1.8
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2017-010810"
},
{
"db": "NVD",
"id": "CVE-2017-8148"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 1.9,
"url": "http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20170802-01-smartphone-en"
},
{
"trust": 0.8,
"url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2017-8148"
},
{
"trust": 0.8,
"url": "https://nvd.nist.gov/vuln/detail/cve-2017-8148"
},
{
"trust": 0.6,
"url": "http://www.huawei.com/cn/psirt/security-advisories/2017/huawei-sa-20170802-01-smartphone-cn"
},
{
"trust": 0.3,
"url": "http://www.huawei.com/en/"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2017-26779"
},
{
"db": "BID",
"id": "102251"
},
{
"db": "JVNDB",
"id": "JVNDB-2017-010810"
},
{
"db": "NVD",
"id": "CVE-2017-8148"
},
{
"db": "CNNVD",
"id": "CNNVD-201708-147"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "CNVD",
"id": "CNVD-2017-26779"
},
{
"db": "BID",
"id": "102251"
},
{
"db": "JVNDB",
"id": "JVNDB-2017-010810"
},
{
"db": "NVD",
"id": "CVE-2017-8148"
},
{
"db": "CNNVD",
"id": "CNNVD-201708-147"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2017-09-15T00:00:00",
"db": "CNVD",
"id": "CNVD-2017-26779"
},
{
"date": "2017-08-02T00:00:00",
"db": "BID",
"id": "102251"
},
{
"date": "2017-12-25T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2017-010810"
},
{
"date": "2017-11-22T19:29:03.287000",
"db": "NVD",
"id": "CVE-2017-8148"
},
{
"date": "2017-08-02T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201708-147"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2017-09-15T00:00:00",
"db": "CNVD",
"id": "CNVD-2017-26779"
},
{
"date": "2017-08-02T00:00:00",
"db": "BID",
"id": "102251"
},
{
"date": "2017-12-25T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2017-010810"
},
{
"date": "2017-12-12T18:21:37.737000",
"db": "NVD",
"id": "CVE-2017-8148"
},
{
"date": "2017-09-21T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201708-147"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201708-147"
}
],
"trust": 0.6
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "P9 Vulnerability related to race conditions in smartphone software",
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2017-010810"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "competitive condition",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201708-147"
}
],
"trust": 0.6
}
}