CVE-2014-8359

Huawei Mobile Partner Firmware - Access Control

Title source: rule

Description

Untrusted search path vulnerability in Huawei Mobile Partner for Windows 23.009.05.03.1014 allows local users to execute arbitrary code and conduct DLL hijacking attacks via a Trojan horse wintab32.dll in the Mobile Partner directory.

Exploits (1)

exploitdb WRITEUP

by LiquidWorm · textlocalwindows

https://www.exploit-db.com/exploits/30477

View Code ZIP pw:eip

References (5)

Core 5

Core References

Exploit vdb-entry x_refsource_bid

http://www.securityfocus.com/bid/70671

Exploit x_refsource_misc

http://packetstormsecurity.com/files/128767/Huawei-Mobile-Partner-DLL-Hijacking.html

Vendor Advisory x_refsource_confirm

http://www.huawei.com/en/security/psirt/security-bulletins/security-advisories/hw-376152.htm

Third Party Advisory, VDB Entry vdb-entry x_refsource_xf

https://exchange.xforce.ibmcloud.com/vulnerabilities/97682

Exploit x_refsource_misc

http://osandamalith.wordpress.com/2014/10/20/escalating-local-privileges-using-mobile-partner/

Scores

EPSS 0.0108

EPSS Percentile 78.0%

Details

CWE

CWE-264

Status published

Products (4)

huawei/ec156

huawei/ec176

huawei/ec177

huawei/mobile_partner_firmware 23.009.05.03.1014

Published Nov 13, 2014

Tracked Since Feb 18, 2026