Vulnerabilities > Huawei > Mate S Firmware > High
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2017-11-22 | CVE-2017-2699 | Unrestricted Upload of File with Dangerous Type vulnerability in Huawei Honor 7 Firmware, Lyo-L21 Firmware and Mate S Firmware The Huawei Themes APP in versions earlier than PLK-UL00C17B385, versions earlier than CRR-L09C432B380, versions earlier than LYO-L21C577B128 has a privilege elevation vulnerability. | 7.8 |
| 2017-11-22 | CVE-2017-2693 | Path Traversal vulnerability in Huawei products ALE-L02C635B140 and earlier versions,ALE-L02C636B140 and earlier versions,ALE-L21C10B150 and earlier versions,ALE-L21C185B200 and earlier versions,ALE-L21C432B214 and earlier versions,ALE-L21C464B150 and earlier versions,ALE-L21C636B200 and earlier versions,ALE-L23C605B190 and earlier versions,ALE-TL00C01B250 and earlier versions,ALE-UL00C00B250 and earlier versions,MT7-L09C605B325 and earlier versions,MT7-L09C900B339 and earlier versions,MT7-TL10C900B339 and earlier versions,CRR-CL00C92B172 and earlier versions,CRR-L09C432B180 and earlier versions,CRR-TL00C01B172 and earlier versions,CRR-UL00C00B172 and earlier versions,CRR-UL20C432B171 and earlier versions,GRA-CL00C92B230 and earlier versions,GRA-L09C432B222 and earlier versions,GRA-TL00C01B230SP01 and earlier versions,GRA-UL00C00B230 and earlier versions,GRA-UL00C10B201 and earlier versions,GRA-UL00C432B220 and earlier versions,H60-L04C10B523 and earlier versions,H60-L04C185B523 and earlier versions,H60-L04C636B527 and earlier versions,H60-L04C900B530 and earlier versions,PLK-AL10C00B220 and earlier versions,PLK-AL10C92B220 and earlier versions,PLK-CL00C92B220 and earlier versions,PLK-L01C10B140 and earlier versions,PLK-L01C185B130 and earlier versions,PLK-L01C432B187 and earlier versions,PLK-L01C432B190 and earlier versions,PLK-L01C432B190 and earlier versions,PLK-L01C636B130 and earlier versions,PLK-TL00C01B220 and earlier versions,PLK-TL01HC01B220 and earlier versions,PLK-UL00C17B220 and earlier versions,ATH-AL00C00B210 and earlier versions,ATH-AL00C92B200 and earlier versions,ATH-CL00C92B210 and earlier versions,ATH-TL00C01B210 and earlier versions,ATH-TL00HC01B210 and earlier versions,ATH-UL00C00B210 and earlier versions,RIO-AL00C00B220 and earlier versions,RIO-CL00C92B220 and earlier versions,RIO-TL00C01B220 and earlier versions,RIO-UL00C00B220 and earlier versions have a path traversal vulnerability. | 7.8 |
| 2017-11-22 | CVE-2017-2692 | Command Injection vulnerability in Huawei products The Keyguard application in ALE-L02C635B140 and earlier versions,ALE-L02C636B140 and earlier versions,ALE-L21C10B150 and earlier versions,ALE-L21C185B200 and earlier versions,ALE-L21C432B214 and earlier versions,ALE-L21C464B150 and earlier versions,ALE-L21C636B200 and earlier versions,ALE-L23C605B190 and earlier versions,ALE-TL00C01B250 and earlier versions,ALE-UL00C00B250 and earlier versions,MT7-L09C605B325 and earlier versions,MT7-L09C900B339 and earlier versions,MT7-TL10C900B339 and earlier versions,CRR-CL00C92B172 and earlier versions,CRR-L09C432B180 and earlier versions,CRR-TL00C01B172 and earlier versions,CRR-UL00C00B172 and earlier versions,CRR-UL20C432B171 and earlier versions,GRA-CL00C92B230 and earlier versions,GRA-L09C432B222 and earlier versions,GRA-TL00C01B230SP01 and earlier versions,GRA-UL00C00B230 and earlier versions,GRA-UL00C10B201 and earlier versions,GRA-UL00C432B220 and earlier versions,H60-L04C10B523 and earlier versions,H60-L04C185B523 and earlier versions,H60-L04C636B527 and earlier versions,H60-L04C900B530 and earlier versions,PLK-AL10C00B220 and earlier versions,PLK-AL10C92B220 and earlier versions,PLK-CL00C92B220 and earlier versions,PLK-L01C10B140 and earlier versions,PLK-L01C185B130 and earlier versions,PLK-L01C432B187 and earlier versions,PLK-L01C432B190 and earlier versions,PLK-L01C432B190 and earlier versions,PLK-L01C636B130 and earlier versions,PLK-TL00C01B220 and earlier versions,PLK-TL01HC01B220 and earlier versions,PLK-UL00C17B220 and earlier versions,ATH-AL00C00B210 and earlier versions,ATH-AL00C92B200 and earlier versions,ATH-CL00C92B210 and earlier versions,ATH-TL00C01B210 and earlier versions,ATH-TL00HC01B210 and earlier versions,ATH-UL00C00B210 and earlier versions,RIO-AL00C00B220 and earlier versions,RIO-CL00C92B220 and earlier versions,RIO-TL00C01B220 and earlier versions,RIO-UL00C00B220 and earlier versions have a privilege elevation vulnerability. | 7.8 |
| 2017-04-02 | CVE-2016-8794 | Improper Access Control vulnerability in Huawei Mate 8 Firmware, Mate S Firmware and P8 Firmware Huawei Mate 8 phones with software Versions before NXT-AL10C00B386, Versions before NXT-CL00C92B386, Versions before NXT-DL00C17B386, Versions before NXT-TL00C01B386; Mate S phones with software Versions before CRR-CL00C92B368, Versions before CRR-CL20C92B368, Versions before CRR-TL00C01B368, Versions before CRR-UL00C00B368, Versions before CRR-UL20C00B368; and P8 phones with software Versions before GRA-TL00C01B366, Versions before GRA-CL00C92B366, Versions before GRA-CL10C92B366, Versions before GRA-UL00C00B366, Versions before GRA-UL10C00B366 allow attackers with graphic or Camera privilege to crash the system or escalate privilege. | 7.1 |
| 2017-04-02 | CVE-2016-8792 | Improper Access Control vulnerability in Huawei Mate 8 Firmware, Mate S Firmware and P8 Firmware Huawei Mate 8 phones with software Versions before NXT-AL10C00B386, Versions before NXT-CL00C92B386, Versions before NXT-DL00C17B386, Versions before NXT-TL00C01B386; Mate S phones with software Versions before CRR-CL00C92B368, Versions before CRR-CL20C92B368, Versions before CRR-TL00C01B368, Versions before CRR-UL00C00B368, Versions before CRR-UL20C00B368; and P8 phones with software Versions before GRA-TL00C01B366, Versions before GRA-CL00C92B366, Versions before GRA-CL10C92B366, Versions before GRA-UL00C00B366, Versions before GRA-UL10C00B366 allow attackers with graphic or Camera privilege to crash the system or escalate privilege. | 7.1 |
| 2017-04-02 | CVE-2016-8791 | Improper Access Control vulnerability in Huawei Mate 8 Firmware, Mate S Firmware and P8 Firmware Huawei Mate 8 phones with software Versions before NXT-AL10C00B386, Versions before NXT-CL00C92B386, Versions before NXT-DL00C17B386, Versions before NXT-TL00C01B386; Mate S phones with software Versions before CRR-CL00C92B368, Versions before CRR-CL20C92B368, Versions before CRR-TL00C01B368, Versions before CRR-UL00C00B368, Versions before CRR-UL20C00B368; and P8 phones with software Versions before GRA-TL00C01B366, Versions before GRA-CL00C92B366, Versions before GRA-CL10C92B366, Versions before GRA-UL00C00B366, Versions before GRA-UL10C00B366 allow attackers with graphic or Camera privilege to crash the system or escalate privilege. | 7.1 |
| 2016-04-13 | CVE-2016-1495 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Huawei Mate S Firmware Integer overflow in the graphics drivers in Huawei Mate S smartphones with software CRR-TL00 before CRR-TL00C01B160SP01, CRR-UL00 before CRR-UL00C00B160, and CRR-CL00 before CRR-CL00C92B161 allows attackers to cause a denial of service (system crash) or gain privileges via a crafted application, which triggers a heap-based buffer overflow. | 7.8 |
| 2016-04-07 | CVE-2015-8681 | Improper Access Control vulnerability in Huawei Mate S Firmware and P8 Firmware The ovisp driver in Huawei P8 smartphones with software GRA-TL00 before GRA-TL00C01B230, GRA-CL00 before GRA-CL00C92B230, GRA-CL10 before GRA-CL10C92B230, GRA-UL00 before GRA-UL00C00B230, and GRA-UL10 before GRA-UL10C00B230, and Mate S smartphones with software CRR-TL00 before CRR-TL00C01B160SP01, CRR-UL00 before CRR-UL00C00B160, and CRR-CL00 before CRR-CL00C92B161 allows attackers to cause a denial of service (system crash) or gain privileges via a crafted application with the camera permission, aka an "interface access control vulnerability." | 7.8 |
| 2016-04-07 | CVE-2015-8680 | Improper Access Control vulnerability in Huawei Mate S Firmware, P8 and P8 Firmware The Graphics driver in Huawei P8 smartphones with software GRA-TL00 before GRA-TL00C01B230, GRA-CL00 before GRA-CL00C92B230, GRA-CL10 before GRA-CL10C92B230, GRA-UL00 before GRA-UL00C00B230, and GRA-UL10 before GRA-UL10C00B230, and Mate S smartphones with software CRR-TL00 before CRR-TL00C01B160SP01, CRR-UL00 before CRR-UL00C00B160, and CRR-CL00 before CRR-CL00C92B161 allows attackers to cause a denial of service (system crash) or gain privileges via a crafted application with the graphics permission, aka an "interface access control vulnerability," a different vulnerability than CVE-2015-8307. | 7.8 |
| 2016-04-07 | CVE-2015-8319 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Huawei Mate S Firmware and P8 Firmware Heap-based buffer overflow in the HIFI driver in Huawei P8 smartphones with software GRA-TL00 before GRA-TL00C01B230, GRA-CL00 before GRA-CL00C92B230, GRA-CL10 before GRA-CL10C92B230, GRA-UL00 before GRA-UL00C00B230, and GRA-UL10 before GRA-UL10C00B230, and Mate S smartphones with software CRR-TL00 before CRR-TL00C01B160SP01, CRR-UL00 before CRR-UL00C00B160, and CRR-CL00 before CRR-CL00C92B161 allows attackers to cause a denial of service (system crash) or gain privileges via a crafted application, a different vulnerability than CVE-2015-8318. | 7.8 |