Vulnerabilities > Huawei > Mate 8 Firmware > Medium

DATE CVE VULNERABILITY TITLE RISK
2018-06-01 CVE-2017-17171 Improper Input Validation vulnerability in Huawei Mate 8 Firmware and P9 Firmware
Some Huawei smart phones have the denial of service (DoS) vulnerability due to the improper processing of malicious parameters.
local
low complexity
huawei CWE-20
4.2
2017-04-02 CVE-2016-8793 Improper Access Control vulnerability in Huawei Mate 8 Firmware, Mate S Firmware and P8 Firmware
Huawei Mate 8 phones with software Versions before NXT-AL10C00B386, Versions before NXT-CL00C92B386, Versions before NXT-DL00C17B386, Versions before NXT-TL00C01B386; Mate S phones with software Versions before CRR-CL00C92B368, Versions before CRR-CL20C92B368, Versions before CRR-TL00C01B368, Versions before CRR-UL00C00B368, Versions before CRR-UL20C00B368; and P8 phones with software Versions before GRA-TL00C01B366, Versions before GRA-CL00C92B366, Versions before GRA-CL10C92B366, Versions before GRA-UL00C00B366, Versions before GRA-UL10C00B366 allow attackers with graphic or Camera privilege to crash the system or escalate privilege.
local
high complexity
huawei CWE-284
6.7
2017-04-02 CVE-2016-8774 Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Huawei products
The HIFI driver in Huawei Mate 8 phones with software versions before NXT-AL10C00B386, versions before NXT-CL00C92B386, versions before NXT-DL00C17B386, versions before NXT-TL00C01B386; Mate S phones with software Versions before CRR-CL00C92B368, Versions before CRR-CL20C92B368, Versions before CRR-TL00C01B368, Versions before CRR-UL00C00B368, Versions before CRR-UL20C00B368; P8 phones with software Versions before GRA-TL00C01B366, Versions before GRA-CL00C92B366, Versions before GRA-CL10C92B366, Versions before GRA-UL00C00B366, Versions before GRA-UL10C00B366; and P9 phones with software Versions before EVA-AL10C00B190, Versions before EVA-DL10C00B190, Versions before EVA-TL10C00B190, Versions before EVA-CL10C00B190 allows attackers to get root privilege or crash the system or execute arbitrary code, related to a buffer overflow.
local
low complexity
huawei CWE-119
6.7
2017-04-02 CVE-2016-8758 Improper Input Validation vulnerability in Huawei Mate 8 Firmware
ION memory management module in Huawei Mate8 phones with software NXT-AL10C00B561 and earlier versions, NXT-CL10C00B561 and earlier versions, NXT-DL10C00B561 and earlier versions, NXT-TL10C00B561 and earlier versions allows attackers to cause a denial of service (restart).
local
low complexity
huawei CWE-20
5.5
2017-04-02 CVE-2016-8756 Improper Input Validation vulnerability in Huawei Mate 8 Firmware
ION memory management module in Huawei Mate 8 phones with software NXT-AL10C00B197 and earlier versions, NXT-DL10C00B197 and earlier versions, NXT-TL10C00B197 and earlier versions, NXT-CL10C00B197 and earlier versions allows attackers to cause a denial of service (restart).
local
low complexity
huawei CWE-20
5.5
2016-06-30 CVE-2016-5232 Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Huawei Mate 8 Firmware NXT
Buffer overflow in Huawei Mate8 NXT-AL before NXT-AL10C00B182, NXT-CL before NXT-CL00C92B182, NXT-DL before NXT-DL00C17B182, and NXT-TL before NXT-TL00C01B182 allows attackers to cause a denial of service (system crash) via a crafted app.
local
low complexity
huawei CWE-119
5.5