Vulnerabilities > CVE-2016-4086 - Security Bypass vulnerability in Huawei HiSuite

CVSS 2.9 - LOW

Attack vector

ADJACENT_NETWORK

Attack complexity

MEDIUM

Privileges required

NONE

Confidentiality impact

NONE

Integrity impact

PARTIAL

Availability impact

NONE

huawei

NVD

Published: 2016-06-30

Updated: 2016-11-28

Summary

Huawei HiSuite (In China) before 4.0.4.301 and (Out of China) before 4.0.4.204_ove allows remote attackers to install arbitrary apps on a connected phone via unspecified vectors.

Vulnerable Configurations

Part	Description	Count
Application	Huawei Huawei Hisuite 2.3.15 Huawei Hisuite 2.3.28 Huawei Hisuite 2.3.35 Huawei Hisuite 2.3.42 Huawei Hisuite 2.3.50 Huawei Hisuite 2.3.55 Huawei Hisuite 2.3.55.1	7

References

http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20160422-01-hisuite-en
http://www.securityfocus.com/bid/92622