Stack Overflow Vulnerability in Huawei Smartphones
CVE-2016-8783

7.8HIGH

Key Information:

Vendor: McAfee
Status: H60 (honor 6), P9 Plus
Vendor: CVE Published:; 9 March 2018

Summary

The touchscreen driver in specific Huawei smartphones, including the Honor 6 and P9 Plus, is susceptible to a stack overflow vulnerability. This security flaw can be exploited if an attacker persuades a user to install a malicious application. Successfully executing this attack could either cause the system to crash or allow the attacker to escalate their privileges on the device, leading to potential unauthorized actions.

Affected Version(s)

H60 (Honor 6), P9 Plus Versions earlier than H60-L02_6.12.16, Versions earlier than?VIE-AL10BC00B356

References

http://www.securityfocus.com/bid/94944

vdb-entryx_refsource_BID

http://www.huawei.com/en/psirt/security-advisories/huawei...

x_refsource_CONFIRM

CVSS V3.1

Score:

7.8

Severity:

HIGH

Confidentiality:

High

Integrity:

High

Availability:

High

Attack Vector:

Local

Attack Complexity:

Low

Privileges Required:

None

User Interaction:

Required

Scope:

Unchanged

Timeline

Vulnerability published
Mar 9, 2018
Vulnerability Reserved
Oct 18, 2016