cvelistv5 - cve-2016-8794

CVE-2016-8794 (GCVE-0-2016-8794)

Vulnerability from cvelistv5 – Published: 2017-04-02 20:00 – Updated: 2024-08-06 02:35

Summary

Severity ?

No CVSS data available.

CWE

input validation

Assigner

huawei

References

URL

Tags

	http://www.huawei.com/en/psirt/security-advisorie…	x_refsource_CONFIRM
	http://www.securityfocus.com/bid/94404	vdb-entryx_refsource_BID

Impacted products

	Vendor	Product	Version
	n/a	Mate 8,Mate S,P8 Versions before NXT-AL10C00B386,Versions before NXT-CL00C92B386,Versions before NXT-DL00C17B386,Versions before NXT-TL00C01B386,Versions before CRR-CL00C92B368,Versions before CRR-CL20C92B368,Versions before CRR-TL00C01B368,Versions before CRR-UL00C00B368,Versions before CRR-UL20C00B368,Versions before GRA-TL00C01B366,Versions before GRA-CL00C92B366,Versions before GRA-CL10C92B366,Versions before GRA-UL00C00B366,Versions before GRA-UL10C00B366	Affected: Mate 8,Mate S,P8 Versions before NXT-AL10C00B386,Versions before NXT-CL00C92B386,Versions before NXT-DL00C17B386,Versions before NXT-TL00C01B386,Versions before CRR-CL00C92B368,Versions before CRR-CL20C92B368,Versions before CRR-TL00C01B368,Versions before CRR-UL00C00B368,Versions before CRR-UL20C00B368,Versions before GRA-TL00C01B366,Versions before GRA-CL00C92B366,Versions before GRA-CL10C92B366,Versions before GRA-UL00C00B366,Versions before GRA-UL10C00B366

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-06T02:35:01.105Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20161116-01-smartphone-en"
          },
          {
            "name": "94404",
            "tags": [
              "vdb-entry",
              "x_refsource_BID",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/bid/94404"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "Mate 8,Mate S,P8 Versions before NXT-AL10C00B386,Versions before NXT-CL00C92B386,Versions before NXT-DL00C17B386,Versions before NXT-TL00C01B386,Versions before CRR-CL00C92B368,Versions before CRR-CL20C92B368,Versions before CRR-TL00C01B368,Versions before CRR-UL00C00B368,Versions before CRR-UL20C00B368,Versions before GRA-TL00C01B366,Versions before GRA-CL00C92B366,Versions before GRA-CL10C92B366,Versions before GRA-UL00C00B366,Versions before GRA-UL10C00B366",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "Mate 8,Mate S,P8 Versions before NXT-AL10C00B386,Versions before NXT-CL00C92B386,Versions before NXT-DL00C17B386,Versions before NXT-TL00C01B386,Versions before CRR-CL00C92B368,Versions before CRR-CL20C92B368,Versions before CRR-TL00C01B368,Versions before CRR-UL00C00B368,Versions before CRR-UL20C00B368,Versions before GRA-TL00C01B366,Versions before GRA-CL00C92B366,Versions before GRA-CL10C92B366,Versions before GRA-UL00C00B366,Versions before GRA-UL10C00B366"
            }
          ]
        }
      ],
      "datePublic": "2017-03-27T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "Huawei Mate 8 phones with software Versions before NXT-AL10C00B386, Versions before NXT-CL00C92B386, Versions before NXT-DL00C17B386, Versions before NXT-TL00C01B386; Mate S phones with software Versions before CRR-CL00C92B368, Versions before CRR-CL20C92B368, Versions before CRR-TL00C01B368, Versions before CRR-UL00C00B368, Versions before CRR-UL20C00B368; and P8 phones with software Versions before GRA-TL00C01B366, Versions before GRA-CL00C92B366, Versions before GRA-CL10C92B366, Versions before GRA-UL00C00B366, Versions before GRA-UL10C00B366 allow attackers with graphic or Camera privilege to crash the system or escalate privilege."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "input validation",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2017-04-03T09:57:01",
        "orgId": "25ac1063-e409-4190-8079-24548c77ea2e",
        "shortName": "huawei"
      },
      "references": [
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20161116-01-smartphone-en"
        },
        {
          "name": "94404",
          "tags": [
            "vdb-entry",
            "x_refsource_BID"
          ],
          "url": "http://www.securityfocus.com/bid/94404"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "psirt@huawei.com",
          "ID": "CVE-2016-8794",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "Mate 8,Mate S,P8 Versions before NXT-AL10C00B386,Versions before NXT-CL00C92B386,Versions before NXT-DL00C17B386,Versions before NXT-TL00C01B386,Versions before CRR-CL00C92B368,Versions before CRR-CL20C92B368,Versions before CRR-TL00C01B368,Versions before CRR-UL00C00B368,Versions before CRR-UL20C00B368,Versions before GRA-TL00C01B366,Versions before GRA-CL00C92B366,Versions before GRA-CL10C92B366,Versions before GRA-UL00C00B366,Versions before GRA-UL10C00B366",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "Mate 8,Mate S,P8 Versions before NXT-AL10C00B386,Versions before NXT-CL00C92B386,Versions before NXT-DL00C17B386,Versions before NXT-TL00C01B386,Versions before CRR-CL00C92B368,Versions before CRR-CL20C92B368,Versions before CRR-TL00C01B368,Versions before CRR-UL00C00B368,Versions before CRR-UL20C00B368,Versions before GRA-TL00C01B366,Versions before GRA-CL00C92B366,Versions before GRA-CL10C92B366,Versions before GRA-UL00C00B366,Versions before GRA-UL10C00B366"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "Huawei Mate 8 phones with software Versions before NXT-AL10C00B386, Versions before NXT-CL00C92B386, Versions before NXT-DL00C17B386, Versions before NXT-TL00C01B386; Mate S phones with software Versions before CRR-CL00C92B368, Versions before CRR-CL20C92B368, Versions before CRR-TL00C01B368, Versions before CRR-UL00C00B368, Versions before CRR-UL20C00B368; and P8 phones with software Versions before GRA-TL00C01B366, Versions before GRA-CL00C92B366, Versions before GRA-CL10C92B366, Versions before GRA-UL00C00B366, Versions before GRA-UL10C00B366 allow attackers with graphic or Camera privilege to crash the system or escalate privilege."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "input validation"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20161116-01-smartphone-en",
              "refsource": "CONFIRM",
              "url": "http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20161116-01-smartphone-en"
            },
            {
              "name": "94404",
              "refsource": "BID",
              "url": "http://www.securityfocus.com/bid/94404"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "25ac1063-e409-4190-8079-24548c77ea2e",
    "assignerShortName": "huawei",
    "cveId": "CVE-2016-8794",
    "datePublished": "2017-04-02T20:00:00",
    "dateReserved": "2016-10-18T00:00:00",
    "dateUpdated": "2024-08-06T02:35:01.105Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1",
  "vulnerability-lookup:meta": {
    "fkie_nvd": {
      "configurations": "[{\"operator\": \"AND\", \"nodes\": [{\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:huawei:mate_s_firmware:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"1639437D-A835-49C7-88C7-19364C6AEE41\"}]}, {\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": false, \"criteria\": \"cpe:2.3:h:huawei:mate_s:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"B240A6C3-B8D7-4755-A74C-BE37FDE7CBF1\"}]}]}, {\"operator\": \"AND\", \"nodes\": [{\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:huawei:mate_8_firmware:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"7F93FDEA-A797-4642-BD01-FBED417A37CF\"}]}, {\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": false, \"criteria\": \"cpe:2.3:h:huawei:mate_8:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"541130D9-3327-4991-A7AB-29AA3B37861C\"}]}]}, {\"operator\": \"AND\", \"nodes\": [{\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:huawei:p8_firmware:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"6F76C244-76C0-406A-919D-50BB85C7DA88\"}]}, {\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": false, \"criteria\": \"cpe:2.3:h:huawei:p8:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"F43A4D21-F16A-4277-A7AF-9ADBC3429F4C\"}]}]}]",
      "descriptions": "[{\"lang\": \"en\", \"value\": \"Huawei Mate 8 phones with software Versions before NXT-AL10C00B386, Versions before NXT-CL00C92B386, Versions before NXT-DL00C17B386, Versions before NXT-TL00C01B386; Mate S phones with software Versions before CRR-CL00C92B368, Versions before CRR-CL20C92B368, Versions before CRR-TL00C01B368, Versions before CRR-UL00C00B368, Versions before CRR-UL20C00B368; and P8 phones with software Versions before GRA-TL00C01B366, Versions before GRA-CL00C92B366, Versions before GRA-CL10C92B366, Versions before GRA-UL00C00B366, Versions before GRA-UL10C00B366 allow attackers with graphic or Camera privilege to crash the system or escalate privilege.\"}, {\"lang\": \"es\", \"value\": \"Tel\\u00e9fonos Huawei Mate 8 con versiones de software anteriores a NXT-AL10C00B386, versiones anteriores a NXT-CL00C92B386, versiones anteriores a NXT-DL00C17B386, versiones anteriores a NXT-TL00C01B386; tel\\u00e9fonos Mate S con versiones de software anteriores a CRR-CL00C92B368, versiones anteriores a CRR-CL20C92B368, versiones anteriores a CRR-TL00C01B368, versiones anteriores a CRR-UL00C00B368, versiones anteriores a CRR-UL20C00B368; y tel\\u00e9fonos P8 con versiones de software anteriores a GRA-TL00C01B366, versiones anteriores a GRA-CL00C92B366, versiones anteriores a GRA-CL10C92B366, versiones anteriores a GRA-UL00C00B366, versiones anteriores a GRA-UL10C00B366 permiten a atacantes con privilegios de gr\\u00e1fico o de c\\u00e1mara bloquear el sistema o escalar privilegios.\"}]",
      "id": "CVE-2016-8794",
      "lastModified": "2024-11-21T03:00:05.420",
      "metrics": "{\"cvssMetricV30\": [{\"source\": \"nvd@nist.gov\", \"type\": \"Primary\", \"cvssData\": {\"version\": \"3.0\", \"vectorString\": \"CVSS:3.0/AV:N/AC:H/PR:L/UI:R/S:U/C:H/I:H/A:H\", \"baseScore\": 7.1, \"baseSeverity\": \"HIGH\", \"attackVector\": \"NETWORK\", \"attackComplexity\": \"HIGH\", \"privilegesRequired\": \"LOW\", \"userInteraction\": \"REQUIRED\", \"scope\": \"UNCHANGED\", \"confidentialityImpact\": \"HIGH\", \"integrityImpact\": \"HIGH\", \"availabilityImpact\": \"HIGH\"}, \"exploitabilityScore\": 1.2, \"impactScore\": 5.9}], \"cvssMetricV2\": [{\"source\": \"nvd@nist.gov\", \"type\": \"Primary\", \"cvssData\": {\"version\": \"2.0\", \"vectorString\": \"AV:L/AC:H/Au:N/C:C/I:C/A:C\", \"baseScore\": 6.2, \"accessVector\": \"LOCAL\", \"accessComplexity\": \"HIGH\", \"authentication\": \"NONE\", \"confidentialityImpact\": \"COMPLETE\", \"integrityImpact\": \"COMPLETE\", \"availabilityImpact\": \"COMPLETE\"}, \"baseSeverity\": \"MEDIUM\", \"exploitabilityScore\": 1.9, \"impactScore\": 10.0, \"acInsufInfo\": false, \"obtainAllPrivilege\": false, \"obtainUserPrivilege\": false, \"obtainOtherPrivilege\": false, \"userInteractionRequired\": true}]}",
      "published": "2017-04-02T20:59:01.767",
      "references": "[{\"url\": \"http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20161116-01-smartphone-en\", \"source\": \"psirt@huawei.com\", \"tags\": [\"Vendor Advisory\"]}, {\"url\": \"http://www.securityfocus.com/bid/94404\", \"source\": \"psirt@huawei.com\", \"tags\": [\"Third Party Advisory\", \"VDB Entry\"]}, {\"url\": \"http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20161116-01-smartphone-en\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Vendor Advisory\"]}, {\"url\": \"http://www.securityfocus.com/bid/94404\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Third Party Advisory\", \"VDB Entry\"]}]",
      "sourceIdentifier": "psirt@huawei.com",
      "vulnStatus": "Modified",
      "weaknesses": "[{\"source\": \"nvd@nist.gov\", \"type\": \"Primary\", \"description\": [{\"lang\": \"en\", \"value\": \"CWE-284\"}]}]"
    },
    "nvd": "{\"cve\":{\"id\":\"CVE-2016-8794\",\"sourceIdentifier\":\"psirt@huawei.com\",\"published\":\"2017-04-02T20:59:01.767\",\"lastModified\":\"2025-04-20T01:37:25.860\",\"vulnStatus\":\"Deferred\",\"cveTags\":[],\"descriptions\":[{\"lang\":\"en\",\"value\":\"Huawei Mate 8 phones with software Versions before NXT-AL10C00B386, Versions before NXT-CL00C92B386, Versions before NXT-DL00C17B386, Versions before NXT-TL00C01B386; Mate S phones with software Versions before CRR-CL00C92B368, Versions before CRR-CL20C92B368, Versions before CRR-TL00C01B368, Versions before CRR-UL00C00B368, Versions before CRR-UL20C00B368; and P8 phones with software Versions before GRA-TL00C01B366, Versions before GRA-CL00C92B366, Versions before GRA-CL10C92B366, Versions before GRA-UL00C00B366, Versions before GRA-UL10C00B366 allow attackers with graphic or Camera privilege to crash the system or escalate privilege.\"},{\"lang\":\"es\",\"value\":\"Tel\u00e9fonos Huawei Mate 8 con versiones de software anteriores a NXT-AL10C00B386, versiones anteriores a NXT-CL00C92B386, versiones anteriores a NXT-DL00C17B386, versiones anteriores a NXT-TL00C01B386; tel\u00e9fonos Mate S con versiones de software anteriores a CRR-CL00C92B368, versiones anteriores a CRR-CL20C92B368, versiones anteriores a CRR-TL00C01B368, versiones anteriores a CRR-UL00C00B368, versiones anteriores a CRR-UL20C00B368; y tel\u00e9fonos P8 con versiones de software anteriores a GRA-TL00C01B366, versiones anteriores a GRA-CL00C92B366, versiones anteriores a GRA-CL10C92B366, versiones anteriores a GRA-UL00C00B366, versiones anteriores a GRA-UL10C00B366 permiten a atacantes con privilegios de gr\u00e1fico o de c\u00e1mara bloquear el sistema o escalar privilegios.\"}],\"metrics\":{\"cvssMetricV30\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"3.0\",\"vectorString\":\"CVSS:3.0/AV:N/AC:H/PR:L/UI:R/S:U/C:H/I:H/A:H\",\"baseScore\":7.1,\"baseSeverity\":\"HIGH\",\"attackVector\":\"NETWORK\",\"attackComplexity\":\"HIGH\",\"privilegesRequired\":\"LOW\",\"userInteraction\":\"REQUIRED\",\"scope\":\"UNCHANGED\",\"confidentialityImpact\":\"HIGH\",\"integrityImpact\":\"HIGH\",\"availabilityImpact\":\"HIGH\"},\"exploitabilityScore\":1.2,\"impactScore\":5.9}],\"cvssMetricV2\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"2.0\",\"vectorString\":\"AV:L/AC:H/Au:N/C:C/I:C/A:C\",\"baseScore\":6.2,\"accessVector\":\"LOCAL\",\"accessComplexity\":\"HIGH\",\"authentication\":\"NONE\",\"confidentialityImpact\":\"COMPLETE\",\"integrityImpact\":\"COMPLETE\",\"availabilityImpact\":\"COMPLETE\"},\"baseSeverity\":\"MEDIUM\",\"exploitabilityScore\":1.9,\"impactScore\":10.0,\"acInsufInfo\":false,\"obtainAllPrivilege\":false,\"obtainUserPrivilege\":false,\"obtainOtherPrivilege\":false,\"userInteractionRequired\":true}]},\"weaknesses\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-284\"}]}],\"configurations\":[{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:huawei:mate_s_firmware:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"1639437D-A835-49C7-88C7-19364C6AEE41\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:huawei:mate_s:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"B240A6C3-B8D7-4755-A74C-BE37FDE7CBF1\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:huawei:mate_8_firmware:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"7F93FDEA-A797-4642-BD01-FBED417A37CF\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:huawei:mate_8:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"541130D9-3327-4991-A7AB-29AA3B37861C\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:huawei:p8_firmware:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"6F76C244-76C0-406A-919D-50BB85C7DA88\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:huawei:p8:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"F43A4D21-F16A-4277-A7AF-9ADBC3429F4C\"}]}]}],\"references\":[{\"url\":\"http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20161116-01-smartphone-en\",\"source\":\"psirt@huawei.com\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"http://www.securityfocus.com/bid/94404\",\"source\":\"psirt@huawei.com\",\"tags\":[\"Third Party Advisory\",\"VDB Entry\"]},{\"url\":\"http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20161116-01-smartphone-en\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"http://www.securityfocus.com/bid/94404\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\",\"VDB Entry\"]}]}}"
  }
}

FKIE_CVE-2016-8794

Vulnerability from fkie_nvd - Published: 2017-04-02 20:59 - Updated: 2025-04-20 01:37

Severity ?

7.1 (High) - CVSS:3.0/AV:N/AC:H/PR:L/UI:R/S:U/C:H/I:H/A:H

Summary

References

URL	Tags
psirt@huawei.com	http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20161116-01-smartphone-en	Vendor Advisory
psirt@huawei.com	http://www.securityfocus.com/bid/94404	Third Party Advisory, VDB Entry
af854a3a-2127-422b-91ae-364da2661108	http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20161116-01-smartphone-en	Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108	http://www.securityfocus.com/bid/94404	Third Party Advisory, VDB Entry

Impacted products

Vendor	Product	Version
huawei	mate_s_firmware	-
huawei	mate_s	-
huawei	mate_8_firmware	-
huawei	mate_8	-
huawei	p8_firmware	-
huawei	p8	-

JSON

To clipboard

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:huawei:mate_s_firmware:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "1639437D-A835-49C7-88C7-19364C6AEE41",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:huawei:mate_s:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "B240A6C3-B8D7-4755-A74C-BE37FDE7CBF1",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:huawei:mate_8_firmware:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "7F93FDEA-A797-4642-BD01-FBED417A37CF",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:huawei:mate_8:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "541130D9-3327-4991-A7AB-29AA3B37861C",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:huawei:p8_firmware:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "6F76C244-76C0-406A-919D-50BB85C7DA88",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:huawei:p8:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "F43A4D21-F16A-4277-A7AF-9ADBC3429F4C",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "Huawei Mate 8 phones with software Versions before NXT-AL10C00B386, Versions before NXT-CL00C92B386, Versions before NXT-DL00C17B386, Versions before NXT-TL00C01B386; Mate S phones with software Versions before CRR-CL00C92B368, Versions before CRR-CL20C92B368, Versions before CRR-TL00C01B368, Versions before CRR-UL00C00B368, Versions before CRR-UL20C00B368; and P8 phones with software Versions before GRA-TL00C01B366, Versions before GRA-CL00C92B366, Versions before GRA-CL10C92B366, Versions before GRA-UL00C00B366, Versions before GRA-UL10C00B366 allow attackers with graphic or Camera privilege to crash the system or escalate privilege."
    },
    {
      "lang": "es",
      "value": "Tel\u00e9fonos Huawei Mate 8 con versiones de software anteriores a NXT-AL10C00B386, versiones anteriores a NXT-CL00C92B386, versiones anteriores a NXT-DL00C17B386, versiones anteriores a NXT-TL00C01B386; tel\u00e9fonos Mate S con versiones de software anteriores a CRR-CL00C92B368, versiones anteriores a CRR-CL20C92B368, versiones anteriores a CRR-TL00C01B368, versiones anteriores a CRR-UL00C00B368, versiones anteriores a CRR-UL20C00B368; y tel\u00e9fonos P8 con versiones de software anteriores a GRA-TL00C01B366, versiones anteriores a GRA-CL00C92B366, versiones anteriores a GRA-CL10C92B366, versiones anteriores a GRA-UL00C00B366, versiones anteriores a GRA-UL10C00B366 permiten a atacantes con privilegios de gr\u00e1fico o de c\u00e1mara bloquear el sistema o escalar privilegios."
    }
  ],
  "id": "CVE-2016-8794",
  "lastModified": "2025-04-20T01:37:25.860",
  "metrics": {
    "cvssMetricV2": [
      {
        "acInsufInfo": false,
        "baseSeverity": "MEDIUM",
        "cvssData": {
          "accessComplexity": "HIGH",
          "accessVector": "LOCAL",
          "authentication": "NONE",
          "availabilityImpact": "COMPLETE",
          "baseScore": 6.2,
          "confidentialityImpact": "COMPLETE",
          "integrityImpact": "COMPLETE",
          "vectorString": "AV:L/AC:H/Au:N/C:C/I:C/A:C",
          "version": "2.0"
        },
        "exploitabilityScore": 1.9,
        "impactScore": 10.0,
        "obtainAllPrivilege": false,
        "obtainOtherPrivilege": false,
        "obtainUserPrivilege": false,
        "source": "nvd@nist.gov",
        "type": "Primary",
        "userInteractionRequired": true
      }
    ],
    "cvssMetricV30": [
      {
        "cvssData": {
          "attackComplexity": "HIGH",
          "attackVector": "NETWORK",
          "availabilityImpact": "HIGH",
          "baseScore": 7.1,
          "baseSeverity": "HIGH",
          "confidentialityImpact": "HIGH",
          "integrityImpact": "HIGH",
          "privilegesRequired": "LOW",
          "scope": "UNCHANGED",
          "userInteraction": "REQUIRED",
          "vectorString": "CVSS:3.0/AV:N/AC:H/PR:L/UI:R/S:U/C:H/I:H/A:H",
          "version": "3.0"
        },
        "exploitabilityScore": 1.2,
        "impactScore": 5.9,
        "source": "nvd@nist.gov",
        "type": "Primary"
      }
    ]
  },
  "published": "2017-04-02T20:59:01.767",
  "references": [
    {
      "source": "psirt@huawei.com",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20161116-01-smartphone-en"
    },
    {
      "source": "psirt@huawei.com",
      "tags": [
        "Third Party Advisory",
        "VDB Entry"
      ],
      "url": "http://www.securityfocus.com/bid/94404"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20161116-01-smartphone-en"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Third Party Advisory",
        "VDB Entry"
      ],
      "url": "http://www.securityfocus.com/bid/94404"
    }
  ],
  "sourceIdentifier": "psirt@huawei.com",
  "vulnStatus": "Deferred",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-284"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}

GSD-2016-8794

Vulnerability from gsd - Updated: 2023-12-13 01:21

Details

Aliases

CVE-2016-8794

Aliases

CVE-2016-8794

JSON

To clipboard

{
  "GSD": {
    "alias": "CVE-2016-8794",
    "description": "Huawei Mate 8 phones with software Versions before NXT-AL10C00B386, Versions before NXT-CL00C92B386, Versions before NXT-DL00C17B386, Versions before NXT-TL00C01B386; Mate S phones with software Versions before CRR-CL00C92B368, Versions before CRR-CL20C92B368, Versions before CRR-TL00C01B368, Versions before CRR-UL00C00B368, Versions before CRR-UL20C00B368; and P8 phones with software Versions before GRA-TL00C01B366, Versions before GRA-CL00C92B366, Versions before GRA-CL10C92B366, Versions before GRA-UL00C00B366, Versions before GRA-UL10C00B366 allow attackers with graphic or Camera privilege to crash the system or escalate privilege.",
    "id": "GSD-2016-8794"
  },
  "gsd": {
    "metadata": {
      "exploitCode": "unknown",
      "remediation": "unknown",
      "reportConfidence": "confirmed",
      "type": "vulnerability"
    },
    "osvSchema": {
      "aliases": [
        "CVE-2016-8794"
      ],
      "details": "Huawei Mate 8 phones with software Versions before NXT-AL10C00B386, Versions before NXT-CL00C92B386, Versions before NXT-DL00C17B386, Versions before NXT-TL00C01B386; Mate S phones with software Versions before CRR-CL00C92B368, Versions before CRR-CL20C92B368, Versions before CRR-TL00C01B368, Versions before CRR-UL00C00B368, Versions before CRR-UL20C00B368; and P8 phones with software Versions before GRA-TL00C01B366, Versions before GRA-CL00C92B366, Versions before GRA-CL10C92B366, Versions before GRA-UL00C00B366, Versions before GRA-UL10C00B366 allow attackers with graphic or Camera privilege to crash the system or escalate privilege.",
      "id": "GSD-2016-8794",
      "modified": "2023-12-13T01:21:22.294215Z",
      "schema_version": "1.4.0"
    }
  },
  "namespaces": {
    "cve.org": {
      "CVE_data_meta": {
        "ASSIGNER": "psirt@huawei.com",
        "ID": "CVE-2016-8794",
        "STATE": "PUBLIC"
      },
      "affects": {
        "vendor": {
          "vendor_data": [
            {
              "product": {
                "product_data": [
                  {
                    "product_name": "Mate 8,Mate S,P8 Versions before NXT-AL10C00B386,Versions before NXT-CL00C92B386,Versions before NXT-DL00C17B386,Versions before NXT-TL00C01B386,Versions before CRR-CL00C92B368,Versions before CRR-CL20C92B368,Versions before CRR-TL00C01B368,Versions before CRR-UL00C00B368,Versions before CRR-UL20C00B368,Versions before GRA-TL00C01B366,Versions before GRA-CL00C92B366,Versions before GRA-CL10C92B366,Versions before GRA-UL00C00B366,Versions before GRA-UL10C00B366",
                    "version": {
                      "version_data": [
                        {
                          "version_value": "Mate 8,Mate S,P8 Versions before NXT-AL10C00B386,Versions before NXT-CL00C92B386,Versions before NXT-DL00C17B386,Versions before NXT-TL00C01B386,Versions before CRR-CL00C92B368,Versions before CRR-CL20C92B368,Versions before CRR-TL00C01B368,Versions before CRR-UL00C00B368,Versions before CRR-UL20C00B368,Versions before GRA-TL00C01B366,Versions before GRA-CL00C92B366,Versions before GRA-CL10C92B366,Versions before GRA-UL00C00B366,Versions before GRA-UL10C00B366"
                        }
                      ]
                    }
                  }
                ]
              },
              "vendor_name": "n/a"
            }
          ]
        }
      },
      "data_format": "MITRE",
      "data_type": "CVE",
      "data_version": "4.0",
      "description": {
        "description_data": [
          {
            "lang": "eng",
            "value": "Huawei Mate 8 phones with software Versions before NXT-AL10C00B386, Versions before NXT-CL00C92B386, Versions before NXT-DL00C17B386, Versions before NXT-TL00C01B386; Mate S phones with software Versions before CRR-CL00C92B368, Versions before CRR-CL20C92B368, Versions before CRR-TL00C01B368, Versions before CRR-UL00C00B368, Versions before CRR-UL20C00B368; and P8 phones with software Versions before GRA-TL00C01B366, Versions before GRA-CL00C92B366, Versions before GRA-CL10C92B366, Versions before GRA-UL00C00B366, Versions before GRA-UL10C00B366 allow attackers with graphic or Camera privilege to crash the system or escalate privilege."
          }
        ]
      },
      "problemtype": {
        "problemtype_data": [
          {
            "description": [
              {
                "lang": "eng",
                "value": "input validation"
              }
            ]
          }
        ]
      },
      "references": {
        "reference_data": [
          {
            "name": "http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20161116-01-smartphone-en",
            "refsource": "CONFIRM",
            "url": "http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20161116-01-smartphone-en"
          },
          {
            "name": "94404",
            "refsource": "BID",
            "url": "http://www.securityfocus.com/bid/94404"
          }
        ]
      }
    },
    "nvd.nist.gov": {
      "configurations": {
        "CVE_data_version": "4.0",
        "nodes": [
          {
            "children": [
              {
                "children": [],
                "cpe_match": [
                  {
                    "cpe23Uri": "cpe:2.3:o:huawei:mate_s_firmware:-:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  }
                ],
                "operator": "OR"
              },
              {
                "children": [],
                "cpe_match": [
                  {
                    "cpe23Uri": "cpe:2.3:h:huawei:mate_s:-:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": false
                  }
                ],
                "operator": "OR"
              }
            ],
            "cpe_match": [],
            "operator": "AND"
          },
          {
            "children": [
              {
                "children": [],
                "cpe_match": [
                  {
                    "cpe23Uri": "cpe:2.3:o:huawei:mate_8_firmware:-:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  }
                ],
                "operator": "OR"
              },
              {
                "children": [],
                "cpe_match": [
                  {
                    "cpe23Uri": "cpe:2.3:h:huawei:mate_8:-:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": false
                  }
                ],
                "operator": "OR"
              }
            ],
            "cpe_match": [],
            "operator": "AND"
          },
          {
            "children": [
              {
                "children": [],
                "cpe_match": [
                  {
                    "cpe23Uri": "cpe:2.3:o:huawei:p8_firmware:-:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  }
                ],
                "operator": "OR"
              },
              {
                "children": [],
                "cpe_match": [
                  {
                    "cpe23Uri": "cpe:2.3:h:huawei:p8:-:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": false
                  }
                ],
                "operator": "OR"
              }
            ],
            "cpe_match": [],
            "operator": "AND"
          }
        ]
      },
      "cve": {
        "CVE_data_meta": {
          "ASSIGNER": "psirt@huawei.com",
          "ID": "CVE-2016-8794"
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "en",
              "value": "Huawei Mate 8 phones with software Versions before NXT-AL10C00B386, Versions before NXT-CL00C92B386, Versions before NXT-DL00C17B386, Versions before NXT-TL00C01B386; Mate S phones with software Versions before CRR-CL00C92B368, Versions before CRR-CL20C92B368, Versions before CRR-TL00C01B368, Versions before CRR-UL00C00B368, Versions before CRR-UL20C00B368; and P8 phones with software Versions before GRA-TL00C01B366, Versions before GRA-CL00C92B366, Versions before GRA-CL10C92B366, Versions before GRA-UL00C00B366, Versions before GRA-UL10C00B366 allow attackers with graphic or Camera privilege to crash the system or escalate privilege."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "en",
                  "value": "CWE-284"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20161116-01-smartphone-en",
              "refsource": "CONFIRM",
              "tags": [
                "Vendor Advisory"
              ],
              "url": "http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20161116-01-smartphone-en"
            },
            {
              "name": "94404",
              "refsource": "BID",
              "tags": [
                "Third Party Advisory",
                "VDB Entry"
              ],
              "url": "http://www.securityfocus.com/bid/94404"
            }
          ]
        }
      },
      "impact": {
        "baseMetricV2": {
          "cvssV2": {
            "accessComplexity": "HIGH",
            "accessVector": "LOCAL",
            "authentication": "NONE",
            "availabilityImpact": "COMPLETE",
            "baseScore": 6.2,
            "confidentialityImpact": "COMPLETE",
            "integrityImpact": "COMPLETE",
            "vectorString": "AV:L/AC:H/Au:N/C:C/I:C/A:C",
            "version": "2.0"
          },
          "exploitabilityScore": 1.9,
          "impactScore": 10.0,
          "obtainAllPrivilege": false,
          "obtainOtherPrivilege": false,
          "obtainUserPrivilege": false,
          "severity": "MEDIUM",
          "userInteractionRequired": true
        },
        "baseMetricV3": {
          "cvssV3": {
            "attackComplexity": "HIGH",
            "attackVector": "NETWORK",
            "availabilityImpact": "HIGH",
            "baseScore": 7.1,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "HIGH",
            "integrityImpact": "HIGH",
            "privilegesRequired": "LOW",
            "scope": "UNCHANGED",
            "userInteraction": "REQUIRED",
            "vectorString": "CVSS:3.0/AV:N/AC:H/PR:L/UI:R/S:U/C:H/I:H/A:H",
            "version": "3.0"
          },
          "exploitabilityScore": 1.2,
          "impactScore": 5.9
        }
      },
      "lastModifiedDate": "2017-04-05T23:58Z",
      "publishedDate": "2017-04-02T20:59Z"
    }
  }
}

CNVD-2016-11303

Vulnerability from cnvd - Published: 2016-11-18

Title

多款华为手机存在权限提升漏洞（CNVD-2016-11303）

Description

Huawei Mate 8、Mate S、P8为华为的智能手机。多款华为手机存在缺少参数检查的安全漏洞。该漏洞利用的前提是，攻击者获取到Graphic或者Camera权限，并诱使用户安装恶意应用程序，可利用应用程序向手机发送特定参数，导致系统重启或用户权限提升。

Severity

低

Patch Name

多款华为手机存在权限提升漏洞（CNVD-2016-11303）的补丁

Patch Description

Huawei Mate 8、Mate S、P8为华为的智能手机。多款华为手机存在缺少参数检查的安全漏洞。该漏洞利用的前提是，攻击者获取到Graphic或者Camera权限，并诱使用户安装恶意应用程序，可利用应用程序向手机发送特定参数，导致系统重启或用户权限提升。目前，供应商发布了安全公告及相关补丁信息，修复了此漏洞。

Formal description

用户可参考如下厂商提供的安全补丁以修复该漏洞： http://www.huawei.com/cn/psirt/security-advisories/2016/huawei-sa-20161116-01-smartphone-cn

Reference

http://www.huawei.com/cn/psirt/security-advisories/2016/huawei-sa-20161116-01-smartphone-cn

Impacted products

Name
['Huawei P8 <GRA-TL00C01B366', 'Huawei P8 <GRA-UL00C00B366', 'Huawei P8 <GRA-UL10C00B366', 'Huawei P8 <GRA-CL00C92B366', 'Huawei Mate 8 <NXT-AL10C00B386', 'Huawei Mate 8 <NXT-CL00C92B386', 'Huawei Mate 8 <NXT-DL00C17B386', 'Huawei Mate 8 <NXT-TL00C01B386', 'Huawei Mate S <CRR-CL00C92B368', 'Huawei Mate S \r\n<CRR-CL20C92B368', 'Huawei Mate S \r\n<CRR-TL00C01B368', 'Huawei Mate S \r\n<CRR-UL00C00B368', 'Huawei Mate S \r\n<CRR-UL20C00B368', 'Huawei P8 <GRA-CL10C92B366']

Name

['Huawei P8 <GRA-TL00C01B366', 'Huawei P8 <GRA-UL00C00B366', 'Huawei P8 <GRA-UL10C00B366', 'Huawei P8 <GRA-CL00C92B366', 'Huawei Mate 8 <NXT-AL10C00B386', 'Huawei Mate 8 <NXT-CL00C92B386', 'Huawei Mate 8 <NXT-DL00C17B386', 'Huawei Mate 8 <NXT-TL00C01B386', 'Huawei Mate S <CRR-CL00C92B368', 'Huawei Mate S \r\n<CRR-CL20C92B368', 'Huawei Mate S \r\n<CRR-TL00C01B368', 'Huawei Mate S \r\n<CRR-UL00C00B368', 'Huawei Mate S \r\n<CRR-UL20C00B368', 'Huawei P8 <GRA-CL10C92B366']

Show details on source website

JSON

To clipboard

{
  "bids": {
    "bid": {
      "bidNumber": "94404"
    }
  },
  "cves": {
    "cve": {
      "cveNumber": "CVE-2016-8794"
    }
  },
  "description": "Huawei Mate 8\u3001Mate S\u3001P8\u4e3a\u534e\u4e3a\u7684\u667a\u80fd\u624b\u673a\u3002\r\n\r\n\u591a\u6b3e\u534e\u4e3a\u624b\u673a\u5b58\u5728\u7f3a\u5c11\u53c2\u6570\u68c0\u67e5\u7684\u5b89\u5168\u6f0f\u6d1e\u3002\u8be5\u6f0f\u6d1e\u5229\u7528\u7684\u524d\u63d0\u662f\uff0c\u653b\u51fb\u8005\u83b7\u53d6\u5230Graphic\u6216\u8005Camera\u6743\u9650\uff0c\u5e76\u8bf1\u4f7f\u7528\u6237\u5b89\u88c5\u6076\u610f\u5e94\u7528\u7a0b\u5e8f\uff0c\u53ef\u5229\u7528\u5e94\u7528\u7a0b\u5e8f\u5411\u624b\u673a\u53d1\u9001\u7279\u5b9a\u53c2\u6570\uff0c\u5bfc\u81f4\u7cfb\u7edf\u91cd\u542f\u6216\u7528\u6237\u6743\u9650\u63d0\u5347\u3002",
  "discovererName": "\u963f\u91cc\u5df4\u5df4\u79fb\u52a8\u5b89\u5168\u56e2\u961f\u7684\u6768\u6210\u660e\uff0c\u6768\u8d85\uff0c\u5c24\u5b81\uff0c\u8096\u9e4f\u548c\u5b8b\u6768",
  "formalWay": "\u7528\u6237\u53ef\u53c2\u8003\u5982\u4e0b\u5382\u5546\u63d0\u4f9b\u7684\u5b89\u5168\u8865\u4e01\u4ee5\u4fee\u590d\u8be5\u6f0f\u6d1e\uff1a\r\nhttp://www.huawei.com/cn/psirt/security-advisories/2016/huawei-sa-20161116-01-smartphone-cn",
  "isEvent": "\u901a\u7528\u8f6f\u786c\u4ef6\u6f0f\u6d1e",
  "number": "CNVD-2016-11303",
  "openTime": "2016-11-18",
  "patchDescription": "Huawei Mate 8\u3001Mate S\u3001P8\u4e3a\u534e\u4e3a\u7684\u667a\u80fd\u624b\u673a\u3002\r\n\r\n\u591a\u6b3e\u534e\u4e3a\u624b\u673a\u5b58\u5728\u7f3a\u5c11\u53c2\u6570\u68c0\u67e5\u7684\u5b89\u5168\u6f0f\u6d1e\u3002\u8be5\u6f0f\u6d1e\u5229\u7528\u7684\u524d\u63d0\u662f\uff0c\u653b\u51fb\u8005\u83b7\u53d6\u5230Graphic\u6216\u8005Camera\u6743\u9650\uff0c\u5e76\u8bf1\u4f7f\u7528\u6237\u5b89\u88c5\u6076\u610f\u5e94\u7528\u7a0b\u5e8f\uff0c\u53ef\u5229\u7528\u5e94\u7528\u7a0b\u5e8f\u5411\u624b\u673a\u53d1\u9001\u7279\u5b9a\u53c2\u6570\uff0c\u5bfc\u81f4\u7cfb\u7edf\u91cd\u542f\u6216\u7528\u6237\u6743\u9650\u63d0\u5347\u3002\u76ee\u524d\uff0c\u4f9b\u5e94\u5546\u53d1\u5e03\u4e86\u5b89\u5168\u516c\u544a\u53ca\u76f8\u5173\u8865\u4e01\u4fe1\u606f\uff0c\u4fee\u590d\u4e86\u6b64\u6f0f\u6d1e\u3002",
  "patchName": "\u591a\u6b3e\u534e\u4e3a\u624b\u673a\u5b58\u5728\u6743\u9650\u63d0\u5347\u6f0f\u6d1e\uff08CNVD-2016-11303\uff09\u7684\u8865\u4e01",
  "products": {
    "product": [
      "Huawei P8 \u003cGRA-TL00C01B366",
      "Huawei P8 \u003cGRA-UL00C00B366",
      "Huawei P8 \u003cGRA-UL10C00B366",
      "Huawei P8 \u003cGRA-CL00C92B366",
      "Huawei Mate 8 \u003cNXT-AL10C00B386",
      "Huawei Mate 8 \u003cNXT-CL00C92B386",
      "Huawei Mate 8 \u003cNXT-DL00C17B386",
      "Huawei Mate 8 \u003cNXT-TL00C01B386",
      "Huawei Mate S \u003cCRR-CL00C92B368",
      "Huawei Mate S \r\n\u003cCRR-CL20C92B368",
      "Huawei Mate S \r\n\u003cCRR-TL00C01B368",
      "Huawei Mate S \r\n\u003cCRR-UL00C00B368",
      "Huawei Mate S \r\n\u003cCRR-UL20C00B368",
      "Huawei P8 \u003cGRA-CL10C92B366"
    ]
  },
  "referenceLink": "http://www.huawei.com/cn/psirt/security-advisories/2016/huawei-sa-20161116-01-smartphone-cn",
  "serverity": "\u4f4e",
  "submitTime": "2016-11-18",
  "title": "\u591a\u6b3e\u534e\u4e3a\u624b\u673a\u5b58\u5728\u6743\u9650\u63d0\u5347\u6f0f\u6d1e\uff08CNVD-2016-11303\uff09"
}

VAR-201704-1027

Vulnerability from variot - Updated: 2023-12-18 12:19

Huawei Mate 8 phones with software Versions before NXT-AL10C00B386, Versions before NXT-CL00C92B386, Versions before NXT-DL00C17B386, Versions before NXT-TL00C01B386; Mate S phones with software Versions before CRR-CL00C92B368, Versions before CRR-CL20C92B368, Versions before CRR-TL00C01B368, Versions before CRR-UL00C00B368, Versions before CRR-UL20C00B368; and P8 phones with software Versions before GRA-TL00C01B366, Versions before GRA-CL00C92B366, Versions before GRA-CL10C92B366, Versions before GRA-UL00C00B366, Versions before GRA-UL10C00B366 allow attackers with graphic or Camera privilege to crash the system or escalate privilege. Huawei Mate 8 , Mate S ,and P8 Smartphones have vulnerabilities that can cause system crashes or elevated privileges.An attacker with graphic or camera privileges could crash the system or elevate privileges. HuaweiMate8, MateS, and P8 are Huawei smartphones. A number of Huawei phones have security vulnerabilities that lack parameter checking. The premise of the exploit is that the attacker gains Graphic or Camera privileges and entice the user to install a malicious application that can use the application to send specific parameters to the phone, resulting in a system reboot or user privilege escalation. Multiple Huawei Smart Phones are prone to multiple local denial-of-service vulnerabilities. Attackers can exploit these issuee to crash the application, resulting in a denial-of-service condition. The Huawei Mate 8 and others are smartphones from the Chinese company Huawei. The following devices are affected: Huawei Mate 8, Mate S, P8

Show details on source website

JSON

To clipboard

{
  "@context": {
    "@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
    "affected_products": {
      "@id": "https://www.variotdbs.pl/ref/affected_products"
    },
    "configurations": {
      "@id": "https://www.variotdbs.pl/ref/configurations"
    },
    "credits": {
      "@id": "https://www.variotdbs.pl/ref/credits"
    },
    "cvss": {
      "@id": "https://www.variotdbs.pl/ref/cvss/"
    },
    "description": {
      "@id": "https://www.variotdbs.pl/ref/description/"
    },
    "exploit_availability": {
      "@id": "https://www.variotdbs.pl/ref/exploit_availability/"
    },
    "external_ids": {
      "@id": "https://www.variotdbs.pl/ref/external_ids/"
    },
    "iot": {
      "@id": "https://www.variotdbs.pl/ref/iot/"
    },
    "iot_taxonomy": {
      "@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
    },
    "patch": {
      "@id": "https://www.variotdbs.pl/ref/patch/"
    },
    "problemtype_data": {
      "@id": "https://www.variotdbs.pl/ref/problemtype_data/"
    },
    "references": {
      "@id": "https://www.variotdbs.pl/ref/references/"
    },
    "sources": {
      "@id": "https://www.variotdbs.pl/ref/sources/"
    },
    "sources_release_date": {
      "@id": "https://www.variotdbs.pl/ref/sources_release_date/"
    },
    "sources_update_date": {
      "@id": "https://www.variotdbs.pl/ref/sources_update_date/"
    },
    "threat_type": {
      "@id": "https://www.variotdbs.pl/ref/threat_type/"
    },
    "title": {
      "@id": "https://www.variotdbs.pl/ref/title/"
    },
    "type": {
      "@id": "https://www.variotdbs.pl/ref/type/"
    }
  },
  "@id": "https://www.variotdbs.pl/vuln/VAR-201704-1027",
  "affected_products": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/affected_products#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        },
        "@id": "https://www.variotdbs.pl/ref/sources"
      }
    },
    "data": [
      {
        "model": "mate s",
        "scope": "eq",
        "trust": 1.6,
        "vendor": "huawei",
        "version": null
      },
      {
        "model": "mate 8",
        "scope": "eq",
        "trust": 1.6,
        "vendor": "huawei",
        "version": null
      },
      {
        "model": "p8",
        "scope": "eq",
        "trust": 1.6,
        "vendor": "huawei",
        "version": null
      },
      {
        "model": "mate 8",
        "scope": "lt",
        "trust": 0.8,
        "vendor": "huawei",
        "version": "nxt-al10c00b386"
      },
      {
        "model": "mate 8",
        "scope": "lt",
        "trust": 0.8,
        "vendor": "huawei",
        "version": "nxt-cl00c92b386"
      },
      {
        "model": "mate 8",
        "scope": "lt",
        "trust": 0.8,
        "vendor": "huawei",
        "version": "nxt-dl00c17b386"
      },
      {
        "model": "mate 8",
        "scope": "lt",
        "trust": 0.8,
        "vendor": "huawei",
        "version": "nxt-tl00c01b386"
      },
      {
        "model": "mate s",
        "scope": "lt",
        "trust": 0.8,
        "vendor": "huawei",
        "version": "crr-cl00c92b368"
      },
      {
        "model": "mate s",
        "scope": "lt",
        "trust": 0.8,
        "vendor": "huawei",
        "version": "crr-cl20c92b368"
      },
      {
        "model": "mate s",
        "scope": "lt",
        "trust": 0.8,
        "vendor": "huawei",
        "version": "crr-tl00c01b368"
      },
      {
        "model": "mate s",
        "scope": "lt",
        "trust": 0.8,
        "vendor": "huawei",
        "version": "crr-ul00c00b368"
      },
      {
        "model": "mate s",
        "scope": "lt",
        "trust": 0.8,
        "vendor": "huawei",
        "version": "crr-ul20c00b368"
      },
      {
        "model": "p8",
        "scope": "lt",
        "trust": 0.8,
        "vendor": "huawei",
        "version": "gra-cl00c92b366"
      },
      {
        "model": "p8",
        "scope": "lt",
        "trust": 0.8,
        "vendor": "huawei",
        "version": "gra-cl10c92b366"
      },
      {
        "model": "p8",
        "scope": "lt",
        "trust": 0.8,
        "vendor": "huawei",
        "version": "gra-tl00c01b366"
      },
      {
        "model": "p8",
        "scope": "lt",
        "trust": 0.8,
        "vendor": "huawei",
        "version": "gra-ul00c00b366"
      },
      {
        "model": "p8",
        "scope": "lt",
        "trust": 0.8,
        "vendor": "huawei",
        "version": "gra-ul10c00b366"
      },
      {
        "model": "p8 \u003cgra-tl00c01b366",
        "scope": null,
        "trust": 0.6,
        "vendor": "huawei",
        "version": null
      },
      {
        "model": "p8 \u003cgra-ul00c00b366",
        "scope": null,
        "trust": 0.6,
        "vendor": "huawei",
        "version": null
      },
      {
        "model": "p8 \u003cgra-ul10c00b366",
        "scope": null,
        "trust": 0.6,
        "vendor": "huawei",
        "version": null
      },
      {
        "model": "p8 \u003cgra-cl00c92b366",
        "scope": null,
        "trust": 0.6,
        "vendor": "huawei",
        "version": null
      },
      {
        "model": "mate \u003cnxt-al10c00b386",
        "scope": "eq",
        "trust": 0.6,
        "vendor": "huawei",
        "version": "8"
      },
      {
        "model": "mate \u003cnxt-cl00c92b386",
        "scope": "eq",
        "trust": 0.6,
        "vendor": "huawei",
        "version": "8"
      },
      {
        "model": "mate \u003cnxt-dl00c17b386",
        "scope": "eq",
        "trust": 0.6,
        "vendor": "huawei",
        "version": "8"
      },
      {
        "model": "mate \u003cnxt-tl00c01b386",
        "scope": "eq",
        "trust": 0.6,
        "vendor": "huawei",
        "version": "8"
      },
      {
        "model": "mate s \u003ccrr-cl00c92b368",
        "scope": null,
        "trust": 0.6,
        "vendor": "huawei",
        "version": null
      },
      {
        "model": "mate s \u003ccrr-cl20c92b368",
        "scope": null,
        "trust": 0.6,
        "vendor": "huawei",
        "version": null
      },
      {
        "model": "mate s \u003ccrr-tl00c01b368",
        "scope": null,
        "trust": 0.6,
        "vendor": "huawei",
        "version": null
      },
      {
        "model": "mate s \u003ccrr-ul00c00b368",
        "scope": null,
        "trust": 0.6,
        "vendor": "huawei",
        "version": null
      },
      {
        "model": "mate s \u003ccrr-ul20c00b368",
        "scope": null,
        "trust": 0.6,
        "vendor": "huawei",
        "version": null
      },
      {
        "model": "p8 \u003cgra-cl10c92b366",
        "scope": null,
        "trust": 0.6,
        "vendor": "huawei",
        "version": null
      },
      {
        "model": "p8",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "huawei",
        "version": "0"
      },
      {
        "model": "mates",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "huawei",
        "version": "0"
      },
      {
        "model": "mate",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "huawei",
        "version": "80"
      },
      {
        "model": "p8 gra-ul10c00b366",
        "scope": "ne",
        "trust": 0.3,
        "vendor": "huawei",
        "version": null
      },
      {
        "model": "p8 gra-ul00c00b366",
        "scope": "ne",
        "trust": 0.3,
        "vendor": "huawei",
        "version": null
      },
      {
        "model": "p8 gra-tl00c01b366",
        "scope": "ne",
        "trust": 0.3,
        "vendor": "huawei",
        "version": null
      },
      {
        "model": "p8 gra-cl10c92b366",
        "scope": "ne",
        "trust": 0.3,
        "vendor": "huawei",
        "version": null
      },
      {
        "model": "p8 gra-cl00c92b366",
        "scope": "ne",
        "trust": 0.3,
        "vendor": "huawei",
        "version": null
      },
      {
        "model": "mates crr-ul20c00b368",
        "scope": "ne",
        "trust": 0.3,
        "vendor": "huawei",
        "version": null
      },
      {
        "model": "mates crr-ul00c00b368",
        "scope": "ne",
        "trust": 0.3,
        "vendor": "huawei",
        "version": null
      },
      {
        "model": "mates crr-tl00c01b368",
        "scope": "ne",
        "trust": 0.3,
        "vendor": "huawei",
        "version": null
      },
      {
        "model": "mates crr-cl20c92b368",
        "scope": "ne",
        "trust": 0.3,
        "vendor": "huawei",
        "version": null
      },
      {
        "model": "mates crr-cl00c92b368",
        "scope": "ne",
        "trust": 0.3,
        "vendor": "huawei",
        "version": null
      },
      {
        "model": "mate nxt-tl00c01b386",
        "scope": "ne",
        "trust": 0.3,
        "vendor": "huawei",
        "version": "8"
      },
      {
        "model": "mate nxt-dl00c17b386",
        "scope": "ne",
        "trust": 0.3,
        "vendor": "huawei",
        "version": "8"
      },
      {
        "model": "mate nxt-cl00c92b386",
        "scope": "ne",
        "trust": 0.3,
        "vendor": "huawei",
        "version": "8"
      },
      {
        "model": "mate nxt-al10c00b386",
        "scope": "ne",
        "trust": 0.3,
        "vendor": "huawei",
        "version": "8"
      }
    ],
    "sources": [
      {
        "db": "CNVD",
        "id": "CNVD-2016-11303"
      },
      {
        "db": "BID",
        "id": "94404"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2016-008226"
      },
      {
        "db": "NVD",
        "id": "CVE-2016-8794"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201611-470"
      }
    ]
  },
  "configurations": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/configurations#",
      "children": {
        "@container": "@list"
      },
      "cpe_match": {
        "@container": "@list"
      },
      "data": {
        "@container": "@list"
      },
      "nodes": {
        "@container": "@list"
      }
    },
    "data": [
      {
        "CVE_data_version": "4.0",
        "nodes": [
          {
            "children": [
              {
                "children": [],
                "cpe_match": [
                  {
                    "cpe23Uri": "cpe:2.3:o:huawei:mate_s_firmware:-:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  }
                ],
                "operator": "OR"
              },
              {
                "children": [],
                "cpe_match": [
                  {
                    "cpe23Uri": "cpe:2.3:h:huawei:mate_s:-:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": false
                  }
                ],
                "operator": "OR"
              }
            ],
            "cpe_match": [],
            "operator": "AND"
          },
          {
            "children": [
              {
                "children": [],
                "cpe_match": [
                  {
                    "cpe23Uri": "cpe:2.3:o:huawei:mate_8_firmware:-:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  }
                ],
                "operator": "OR"
              },
              {
                "children": [],
                "cpe_match": [
                  {
                    "cpe23Uri": "cpe:2.3:h:huawei:mate_8:-:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": false
                  }
                ],
                "operator": "OR"
              }
            ],
            "cpe_match": [],
            "operator": "AND"
          },
          {
            "children": [
              {
                "children": [],
                "cpe_match": [
                  {
                    "cpe23Uri": "cpe:2.3:o:huawei:p8_firmware:-:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  }
                ],
                "operator": "OR"
              },
              {
                "children": [],
                "cpe_match": [
                  {
                    "cpe23Uri": "cpe:2.3:h:huawei:p8:-:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": false
                  }
                ],
                "operator": "OR"
              }
            ],
            "cpe_match": [],
            "operator": "AND"
          }
        ]
      }
    ],
    "sources": [
      {
        "db": "NVD",
        "id": "CVE-2016-8794"
      }
    ]
  },
  "credits": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/credits#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "Yang Chengming, Yang Chao, You Ning, Xiao Peng and Song Yang.",
    "sources": [
      {
        "db": "BID",
        "id": "94404"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201611-470"
      }
    ],
    "trust": 0.9
  },
  "cve": "CVE-2016-8794",
  "cvss": {
    "@context": {
      "cvssV2": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
        },
        "@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
      },
      "cvssV3": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
        },
        "@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
      },
      "severity": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/cvss/severity#"
        },
        "@id": "https://www.variotdbs.pl/ref/cvss/severity"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        },
        "@id": "https://www.variotdbs.pl/ref/sources"
      }
    },
    "data": [
      {
        "cvssV2": [
          {
            "acInsufInfo": false,
            "accessComplexity": "HIGH",
            "accessVector": "LOCAL",
            "authentication": "NONE",
            "author": "NVD",
            "availabilityImpact": "COMPLETE",
            "baseScore": 6.2,
            "confidentialityImpact": "COMPLETE",
            "exploitabilityScore": 1.9,
            "impactScore": 10.0,
            "integrityImpact": "COMPLETE",
            "obtainAllPrivilege": false,
            "obtainOtherPrivilege": false,
            "obtainUserPrivilege": false,
            "severity": "MEDIUM",
            "trust": 1.0,
            "userInteractionRequired": true,
            "vectorString": "AV:L/AC:H/Au:N/C:C/I:C/A:C",
            "version": "2.0"
          },
          {
            "acInsufInfo": null,
            "accessComplexity": "High",
            "accessVector": "Local",
            "authentication": "None",
            "author": "NVD",
            "availabilityImpact": "Complete",
            "baseScore": 6.2,
            "confidentialityImpact": "Complete",
            "exploitabilityScore": null,
            "id": "CVE-2016-8794",
            "impactScore": null,
            "integrityImpact": "Complete",
            "obtainAllPrivilege": null,
            "obtainOtherPrivilege": null,
            "obtainUserPrivilege": null,
            "severity": "Medium",
            "trust": 0.9,
            "userInteractionRequired": null,
            "vectorString": "AV:L/AC:H/Au:N/C:C/I:C/A:C",
            "version": "2.0"
          },
          {
            "accessComplexity": "HIGH",
            "accessVector": "LOCAL",
            "authentication": "NONE",
            "author": "CNVD",
            "availabilityImpact": "PARTIAL",
            "baseScore": 1.2,
            "confidentialityImpact": "NONE",
            "exploitabilityScore": 1.9,
            "id": "CNVD-2016-11303",
            "impactScore": 2.9,
            "integrityImpact": "NONE",
            "severity": "LOW",
            "trust": 0.6,
            "vectorString": "AV:L/AC:H/Au:N/C:N/I:N/A:P",
            "version": "2.0"
          },
          {
            "accessComplexity": "HIGH",
            "accessVector": "LOCAL",
            "authentication": "NONE",
            "author": "VULHUB",
            "availabilityImpact": "COMPLETE",
            "baseScore": 6.2,
            "confidentialityImpact": "COMPLETE",
            "exploitabilityScore": 1.9,
            "id": "VHN-97614",
            "impactScore": 10.0,
            "integrityImpact": "COMPLETE",
            "severity": "MEDIUM",
            "trust": 0.1,
            "vectorString": "AV:L/AC:H/AU:N/C:C/I:C/A:C",
            "version": "2.0"
          }
        ],
        "cvssV3": [
          {
            "attackComplexity": "HIGH",
            "attackVector": "NETWORK",
            "author": "NVD",
            "availabilityImpact": "HIGH",
            "baseScore": 7.1,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "HIGH",
            "exploitabilityScore": 1.2,
            "impactScore": 5.9,
            "integrityImpact": "HIGH",
            "privilegesRequired": "LOW",
            "scope": "UNCHANGED",
            "trust": 1.0,
            "userInteraction": "REQUIRED",
            "vectorString": "CVSS:3.0/AV:N/AC:H/PR:L/UI:R/S:U/C:H/I:H/A:H",
            "version": "3.0"
          },
          {
            "attackComplexity": "High",
            "attackVector": "Network",
            "author": "NVD",
            "availabilityImpact": "High",
            "baseScore": 7.1,
            "baseSeverity": "High",
            "confidentialityImpact": "High",
            "exploitabilityScore": null,
            "id": "CVE-2016-8794",
            "impactScore": null,
            "integrityImpact": "High",
            "privilegesRequired": "Low",
            "scope": "Unchanged",
            "trust": 0.8,
            "userInteraction": "Required",
            "vectorString": "CVSS:3.0/AV:N/AC:H/PR:L/UI:R/S:U/C:H/I:H/A:H",
            "version": "3.0"
          }
        ],
        "severity": [
          {
            "author": "NVD",
            "id": "CVE-2016-8794",
            "trust": 1.8,
            "value": "HIGH"
          },
          {
            "author": "CNVD",
            "id": "CNVD-2016-11303",
            "trust": 0.6,
            "value": "LOW"
          },
          {
            "author": "CNNVD",
            "id": "CNNVD-201611-470",
            "trust": 0.6,
            "value": "MEDIUM"
          },
          {
            "author": "VULHUB",
            "id": "VHN-97614",
            "trust": 0.1,
            "value": "MEDIUM"
          },
          {
            "author": "VULMON",
            "id": "CVE-2016-8794",
            "trust": 0.1,
            "value": "MEDIUM"
          }
        ]
      }
    ],
    "sources": [
      {
        "db": "CNVD",
        "id": "CNVD-2016-11303"
      },
      {
        "db": "VULHUB",
        "id": "VHN-97614"
      },
      {
        "db": "VULMON",
        "id": "CVE-2016-8794"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2016-008226"
      },
      {
        "db": "NVD",
        "id": "CVE-2016-8794"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201611-470"
      }
    ]
  },
  "description": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/description#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "Huawei Mate 8 phones with software Versions before NXT-AL10C00B386, Versions before NXT-CL00C92B386, Versions before NXT-DL00C17B386, Versions before NXT-TL00C01B386; Mate S phones with software Versions before CRR-CL00C92B368, Versions before CRR-CL20C92B368, Versions before CRR-TL00C01B368, Versions before CRR-UL00C00B368, Versions before CRR-UL20C00B368; and P8 phones with software Versions before GRA-TL00C01B366, Versions before GRA-CL00C92B366, Versions before GRA-CL10C92B366, Versions before GRA-UL00C00B366, Versions before GRA-UL10C00B366 allow attackers with graphic or Camera privilege to crash the system or escalate privilege. Huawei Mate 8 , Mate S ,and P8 Smartphones have vulnerabilities that can cause system crashes or elevated privileges.An attacker with graphic or camera privileges could crash the system or elevate privileges. HuaweiMate8, MateS, and P8 are Huawei smartphones. A number of Huawei phones have security vulnerabilities that lack parameter checking. The premise of the exploit is that the attacker gains Graphic or Camera privileges and entice the user to install a malicious application that can use the application to send specific parameters to the phone, resulting in a system reboot or user privilege escalation. Multiple Huawei Smart Phones are prone to multiple local denial-of-service vulnerabilities. \nAttackers can exploit these issuee to crash the application, resulting in a denial-of-service condition. The Huawei Mate 8 and others are smartphones from the Chinese company Huawei. The following devices are affected: Huawei Mate 8, Mate S, P8",
    "sources": [
      {
        "db": "NVD",
        "id": "CVE-2016-8794"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2016-008226"
      },
      {
        "db": "CNVD",
        "id": "CNVD-2016-11303"
      },
      {
        "db": "BID",
        "id": "94404"
      },
      {
        "db": "VULHUB",
        "id": "VHN-97614"
      },
      {
        "db": "VULMON",
        "id": "CVE-2016-8794"
      }
    ],
    "trust": 2.61
  },
  "external_ids": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/external_ids#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "db": "NVD",
        "id": "CVE-2016-8794",
        "trust": 3.5
      },
      {
        "db": "BID",
        "id": "94404",
        "trust": 2.7
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2016-008226",
        "trust": 0.8
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201611-470",
        "trust": 0.7
      },
      {
        "db": "CNVD",
        "id": "CNVD-2016-11303",
        "trust": 0.6
      },
      {
        "db": "VULHUB",
        "id": "VHN-97614",
        "trust": 0.1
      },
      {
        "db": "VULMON",
        "id": "CVE-2016-8794",
        "trust": 0.1
      }
    ],
    "sources": [
      {
        "db": "CNVD",
        "id": "CNVD-2016-11303"
      },
      {
        "db": "VULHUB",
        "id": "VHN-97614"
      },
      {
        "db": "VULMON",
        "id": "CVE-2016-8794"
      },
      {
        "db": "BID",
        "id": "94404"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2016-008226"
      },
      {
        "db": "NVD",
        "id": "CVE-2016-8794"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201611-470"
      }
    ]
  },
  "id": "VAR-201704-1027",
  "iot": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/iot#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": true,
    "sources": [
      {
        "db": "CNVD",
        "id": "CNVD-2016-11303"
      },
      {
        "db": "VULHUB",
        "id": "VHN-97614"
      }
    ],
    "trust": 1.3051551333333333
  },
  "iot_taxonomy": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "category": [
          "Network device"
        ],
        "sub_category": null,
        "trust": 0.6
      }
    ],
    "sources": [
      {
        "db": "CNVD",
        "id": "CNVD-2016-11303"
      }
    ]
  },
  "last_update_date": "2023-12-18T12:19:54.029000Z",
  "patch": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/patch#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "title": "huawei-sa-20161116-01-smartphone",
        "trust": 0.8,
        "url": "http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20161116-01-smartphone-en"
      },
      {
        "title": "Patches for privilege escalation vulnerabilities (CNVD-2016-11303) for multiple Huawei phones",
        "trust": 0.6,
        "url": "https://www.cnvd.org.cn/patchinfo/show/84108"
      },
      {
        "title": "Multiple Huawei Fixes for mobile local denial of service vulnerability",
        "trust": 0.6,
        "url": "http://www.cnnvd.org.cn/web/xxk/bdxqbyid.tag?id=65808"
      }
    ],
    "sources": [
      {
        "db": "CNVD",
        "id": "CNVD-2016-11303"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2016-008226"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201611-470"
      }
    ]
  },
  "problemtype_data": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "problemtype": "CWE-284",
        "trust": 1.9
      }
    ],
    "sources": [
      {
        "db": "VULHUB",
        "id": "VHN-97614"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2016-008226"
      },
      {
        "db": "NVD",
        "id": "CVE-2016-8794"
      }
    ]
  },
  "references": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/references#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "trust": 2.1,
        "url": "http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20161116-01-smartphone-en"
      },
      {
        "trust": 1.9,
        "url": "http://www.securityfocus.com/bid/94404"
      },
      {
        "trust": 0.8,
        "url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2016-8794"
      },
      {
        "trust": 0.8,
        "url": "https://nvd.nist.gov/vuln/detail/cve-2016-8794"
      },
      {
        "trust": 0.6,
        "url": "http://www.huawei.com/cn/psirt/security-advisories/2016/huawei-sa-20161116-01-smartphone-cn"
      },
      {
        "trust": 0.3,
        "url": "http://www.huawei.com"
      },
      {
        "trust": 0.1,
        "url": "https://cwe.mitre.org/data/definitions/284.html"
      },
      {
        "trust": 0.1,
        "url": "https://nvd.nist.gov"
      }
    ],
    "sources": [
      {
        "db": "CNVD",
        "id": "CNVD-2016-11303"
      },
      {
        "db": "VULHUB",
        "id": "VHN-97614"
      },
      {
        "db": "VULMON",
        "id": "CVE-2016-8794"
      },
      {
        "db": "BID",
        "id": "94404"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2016-008226"
      },
      {
        "db": "NVD",
        "id": "CVE-2016-8794"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201611-470"
      }
    ]
  },
  "sources": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/sources#",
      "data": {
        "@container": "@list"
      }
    },
    "data": [
      {
        "db": "CNVD",
        "id": "CNVD-2016-11303"
      },
      {
        "db": "VULHUB",
        "id": "VHN-97614"
      },
      {
        "db": "VULMON",
        "id": "CVE-2016-8794"
      },
      {
        "db": "BID",
        "id": "94404"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2016-008226"
      },
      {
        "db": "NVD",
        "id": "CVE-2016-8794"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201611-470"
      }
    ]
  },
  "sources_release_date": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
      "data": {
        "@container": "@list"
      }
    },
    "data": [
      {
        "date": "2016-11-18T00:00:00",
        "db": "CNVD",
        "id": "CNVD-2016-11303"
      },
      {
        "date": "2017-04-02T00:00:00",
        "db": "VULHUB",
        "id": "VHN-97614"
      },
      {
        "date": "2017-04-02T00:00:00",
        "db": "VULMON",
        "id": "CVE-2016-8794"
      },
      {
        "date": "2016-11-18T00:00:00",
        "db": "BID",
        "id": "94404"
      },
      {
        "date": "2017-05-02T00:00:00",
        "db": "JVNDB",
        "id": "JVNDB-2016-008226"
      },
      {
        "date": "2017-04-02T20:59:01.767000",
        "db": "NVD",
        "id": "CVE-2016-8794"
      },
      {
        "date": "2016-11-23T00:00:00",
        "db": "CNNVD",
        "id": "CNNVD-201611-470"
      }
    ]
  },
  "sources_update_date": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
      "data": {
        "@container": "@list"
      }
    },
    "data": [
      {
        "date": "2016-11-18T00:00:00",
        "db": "CNVD",
        "id": "CNVD-2016-11303"
      },
      {
        "date": "2017-04-05T00:00:00",
        "db": "VULHUB",
        "id": "VHN-97614"
      },
      {
        "date": "2017-04-05T00:00:00",
        "db": "VULMON",
        "id": "CVE-2016-8794"
      },
      {
        "date": "2016-11-24T01:12:00",
        "db": "BID",
        "id": "94404"
      },
      {
        "date": "2017-05-02T00:00:00",
        "db": "JVNDB",
        "id": "JVNDB-2016-008226"
      },
      {
        "date": "2017-04-05T23:58:26.263000",
        "db": "NVD",
        "id": "CVE-2016-8794"
      },
      {
        "date": "2016-11-23T00:00:00",
        "db": "CNNVD",
        "id": "CNNVD-201611-470"
      }
    ]
  },
  "threat_type": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/threat_type#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "local",
    "sources": [
      {
        "db": "BID",
        "id": "94404"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201611-470"
      }
    ],
    "trust": 0.9
  },
  "title": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/title#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "plural  Huawei Vulnerability that crashes the system on smartphones",
    "sources": [
      {
        "db": "JVNDB",
        "id": "JVNDB-2016-008226"
      }
    ],
    "trust": 0.8
  },
  "type": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/type#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "other",
    "sources": [
      {
        "db": "CNNVD",
        "id": "CNNVD-201611-470"
      }
    ],
    "trust": 0.6
  }
}

GHSA-GCQP-JX79-4GC5

Vulnerability from github – Published: 2022-05-17 02:51 – Updated: 2022-05-17 02:51

Details

Severity ?

7.1 (High)


                  
                    CVSS:3.0/AV:N/AC:H/PR:L/UI:R/S:U/C:H/I:H/A:H

Show details on source website

JSON

To clipboard

{
  "affected": [],
  "aliases": [
    "CVE-2016-8794"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-284"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2017-04-02T20:59:00Z",
    "severity": "HIGH"
  },
  "details": "Huawei Mate 8 phones with software Versions before NXT-AL10C00B386, Versions before NXT-CL00C92B386, Versions before NXT-DL00C17B386, Versions before NXT-TL00C01B386; Mate S phones with software Versions before CRR-CL00C92B368, Versions before CRR-CL20C92B368, Versions before CRR-TL00C01B368, Versions before CRR-UL00C00B368, Versions before CRR-UL20C00B368; and P8 phones with software Versions before GRA-TL00C01B366, Versions before GRA-CL00C92B366, Versions before GRA-CL10C92B366, Versions before GRA-UL00C00B366, Versions before GRA-UL10C00B366 allow attackers with graphic or Camera privilege to crash the system or escalate privilege.",
  "id": "GHSA-gcqp-jx79-4gc5",
  "modified": "2022-05-17T02:51:28Z",
  "published": "2022-05-17T02:51:28Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2016-8794"
    },
    {
      "type": "WEB",
      "url": "http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20161116-01-smartphone-en"
    },
    {
      "type": "WEB",
      "url": "http://www.securityfocus.com/bid/94404"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.0/AV:N/AC:H/PR:L/UI:R/S:U/C:H/I:H/A:H",
      "type": "CVSS_V3"
    }
  ]
}

Sightings

Author	Source	Type	Date

Nomenclature

Seen: The vulnerability was mentioned, discussed, or observed by the user.
Confirmed: The vulnerability has been validated from an analyst's perspective.
Published Proof of Concept: A public proof of concept is available for this vulnerability.
Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
Not confirmed: The user expressed doubt about the validity of the vulnerability.
Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.

Detection rules are retrieved from Rulezet.

Action not permitted

CVE-2016-8794 (GCVE-0-2016-8794)

FKIE_CVE-2016-8794

GSD-2016-8794

CNVD-2016-11303

VAR-201704-1027

GHSA-GCQP-JX79-4GC5

Tags

Sightings

Nomenclature