Vulnerabilities > Huawei > P9 Lite Firmware

DATE CVE VULNERABILITY TITLE RISK
2018-04-19 CVE-2017-17313 Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Huawei P9 Lite Firmware
The inputhub driver of HUAWEI P9 Lite mobile phones with Versions earlier than VNS-L21C02B341, Versions earlier than VNS-L21C22B380, Versions earlier than VNS-L31C02B341, Versions earlier than VNS-L31C440B390, Versions earlier than VNS-L31C636B396 has a buffer overflow vulnerability due to the lack of parameter validation.
local
low complexity
huawei CWE-119
5.5
2017-11-22 CVE-2017-8143 Improper Input Validation vulnerability in Huawei Honor 5C Firmware and P9 Lite Firmware
Wi-Fi driver of Honor 5C and P9 Lite Huawei smart phones with software versions earlier than NEM-L21C432B351 and versions earlier than VNS-L21C10B381 has a DoS vulnerability.
local
low complexity
huawei CWE-20
5.5
2017-11-22 CVE-2017-2697 Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Huawei products
The goldeneye driver in NMO-L31C432B120 and earlier versions,NEM-L21C432B100 and earlier versions,NEM-L51C432B120 and earlier versions,KNT-AL10C746B160 and earlier versions,VNS-L21C185B142 and earlier versions,CAM-L21C10B130 and earlier versions,CAM-L21C185B141 and earlier versions has buffer overflow vulnerability.
local
low complexity
huawei CWE-119
7.8
2017-04-02 CVE-2016-8776 Improper Authorization vulnerability in Huawei P9 Firmware and P9 Lite Firmware
Huawei P9 phones with software EVA-AL10C00,EVA-CL10C00,EVA-DL10C00,EVA-TL10C00 and P9 Lite phones with software VNS-L21C185 allow attackers to bypass the factory reset protection (FRP) to enter some functional modules without authorization and perform operations to update the Google account.
low complexity
huawei CWE-285
4.6
2017-04-02 CVE-2016-8764 Improper Input Validation vulnerability in Huawei P8 Lite Firmware, P9 Firmware and P9 Lite Firmware
The TrustZone driver in Huawei P9 phones with software Versions earlier than EVA-AL10C00B352 and P9 Lite with software VNS-L21C185B130 and earlier versions and P8 Lite with software ALE-L02C636B150 and earlier versions has an input validation vulnerability, which allows attackers to read and write user-mode memory data anywhere in the TrustZone driver.
local
high complexity
huawei CWE-20
6.4
2017-04-02 CVE-2016-8763 Improper Control of a Resource Through its Lifetime vulnerability in Huawei P8 Lite Firmware, P9 Firmware and P9 Lite Firmware
The TrustZone driver in Huawei P9 phones with software Versions earlier than EVA-AL10C00B352 and P9 Lite with software VNS-L21C185B130 and earlier versions and P8 Lite with software ALE-L02C636B150 and earlier versions has an improper resource release vulnerability, which allows attackers to cause a system restart or privilege elevation.
local
low complexity
huawei CWE-664
7.8
2017-04-02 CVE-2016-8762 Improper Input Validation vulnerability in Huawei P8 Lite Firmware, P9 Firmware and P9 Lite Firmware
The TrustZone driver in Huawei P9 phones with software Versions earlier than EVA-AL10C00B352 and P9 Lite with software VNS-L21C185B130 and earlier versions and P8 Lite with software ALE-L02C636B150 and earlier versions has an input validation vulnerability, which allows attackers to cause the system to restart.
local
low complexity
huawei CWE-20
5.0