Local Privilege Escalation in Huawei Mate 7 Smartphones
CVE-2015-4422

7HIGH

Key Information:

Vendor: Huawei
Status: Mate 7 Firmware
Vendor: CVE Published:; 19 October 2017

What is CVE-2015-4422?

The TEEOS module in Huawei Mate 7 smartphones prior to version V100R001CHNC00B126SP03 is vulnerable to a local privilege escalation issue. This vulnerability allows authenticated users with root permissions to execute crafted applications that can exploit the existing security loopholes. Successful exploitation can lead to privilege gain or even result in a denial of service through memory corruption, compromising the integrity of the device's operation.

References

http://www.securityfocus.com/bid/74742

vdb-entryx_refsource_BID

http://www1.huawei.com/en/security/psirt/security-bulleti...

x_refsource_CONFIRM

CVSS V3.1

Score:

Severity:

HIGH

Confidentiality:

High

Integrity:

High

Availability:

High

Attack Vector:

Local

Attack Complexity:

High

Privileges Required:

None

User Interaction:

Required

Scope:

Unchanged

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Oct 19, 2017
Vulnerability Reserved
Jun 8, 2015