Input Validation Flaw in Huawei TrustZone Driver Impacts Multiple Phone Models
CVE-2016-8762
5MEDIUM
Key Information:
- Vendor
- Huawei
- Vendor
- CVE Published:
- 2 April 2017
Summary
The TrustZone driver within certain Huawei smartphones contains an input validation flaw that could be exploited by attackers. This vulnerability allows unauthorized commands to be executed, potentially resulting in a system restart. Users of affected devices should ensure they are running the latest software versions available to mitigate any risk associated with this security issue.
Affected Version(s)
P9,P9 Lite,P8 Lite earlier than EVA-AL10C00B352,VNS-L21C185B130 and earlier ,ALE-L02C636B150 and earlier P9,P9 Lite,P8 Lite Versions earlier than EVA-AL10C00B352,VNS-L21C185B130 and earlier versions,ALE-L02C636B150 and earlier versions
References
CVSS V3.1
Score:
5
Severity:
MEDIUM
Confidentiality:
None
Integrity:
None
Availability:
None
Attack Vector:
Local
Attack Complexity:
Low
Privileges Required:
Low
User Interaction:
Required
Scope:
Unchanged
Timeline
Vulnerability published
Vulnerability Reserved