CVE-2015-8088

HIGH

Huawei P8 and Mate 7 Firmware - Heap-Based Buffer Overflow in HIFI Driver

Title source: llm

Exploitation Summary

EIP tracks 2 public exploits for CVE-2015-8088. PoCs published by pray3r, Pray3r.

AI-analyzed exploit summary This PoC exploits a buffer overflow vulnerability in the HuaWei Mate7 hifi driver by sending a maliciously large input via ioctl. The code allocates a large buffer (300KB) and passes it to the vulnerable driver, likely triggering a denial-of-service or potential code execution.

Description

Heap-based buffer overflow in the HIFI driver in Huawei Mate 7 phones with software MT7-UL00 before MT7-UL00C17B354, MT7-TL10 before MT7-TL10C00B354, MT7-TL00 before MT7-TL00C01B354, and MT7-CL00 before MT7-CL00C92B354 and P8 phones with software GRA-TL00 before GRA-TL00C01B220SP01, GRA-CL00 before GRA-CL00C92B220, GRA-CL10 before GRA-CL10C92B220, GRA-UL00 before GRA-UL00C00B220, and GRA-UL10 before GRA-UL10C00B220 allows attackers to cause a denial of service (reboot) or execute arbitrary code via a crafted application.

Exploits (2)

exploitdb WORKING POC

by pray3r · clocalhardware

https://www.exploit-db.com/exploits/44306

View Code ZIP pw:eip

This PoC exploits a buffer overflow vulnerability in the HuaWei Mate7 hifi driver by sending a maliciously large input via ioctl. The code allocates a large buffer (300KB) and passes it to the vulnerable driver, likely triggering a denial-of-service or potential code execution.

Classification

Working Poc 90%

Attack Type

Dos

Complexity

Trivial

Reliability

Reliable

Target: HuaWei Mate7 hifi driver (specific version not specified)

No auth needed

Prerequisites: Access to the target device · Ability to execute code on the target

MITRE ATT&CK

T1211 - Exploitation for Defense Evasion

devstral-2 · analyzed Feb 16, 2026 Full analysis →

nomisec WORKING POC 3 stars

by Pray3r · poc

https://github.com/Pray3r/CVE-2015-8088

View Code ZIP pw:eip

This repository contains a functional proof-of-concept exploit for CVE-2015-8088, a heap-based buffer overflow in the HiFi driver of Huawei smartphones. The PoC triggers the vulnerability by sending a maliciously crafted IOCTL request to the /dev/hifi_misc device, demonstrating the potential for denial-of-service (DoS) or further exploitation.

Classification

Working Poc 95%

Attack Type

Dos

Complexity

Trivial

Reliability

Reliable

Target: Huawei Mate7 HiFi driver

No auth needed

Prerequisites: Access to the target device's /dev/hifi_misc interface

MITRE ATT&CK

T1210 - Exploitation of Remote Services

devstral-2 · analyzed Feb 18, 2026 Full analysis →

References (2)

Core 2

Core References

Third Party Advisory, VDB Entry vdb-entry x_refsource_bid

http://www.securityfocus.com/bid/77560

Vendor Advisory x_refsource_confirm

http://www.huawei.com/en/psirt/security-advisories/hw-460347

Scores

CVSS v3 7.8

EPSS 0.0080

EPSS Percentile 74.6%

Attack Vector LOCAL

CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

Details

CWE

CWE-119

Status published

Products (9)

huawei/mate_7_firmware mt7-cl00

huawei/mate_7_firmware mt7-tl00

huawei/mate_7_firmware mt7-tl10

huawei/mate_7_firmware mt7-ul00

huawei/p8_firmware gra-cl10

huawei/p8_firmware gra-cl100

huawei/p8_firmware gra-tl00

huawei/p8_firmware gra-ul10

huawei/p8_firmware gra-ul100

Published Jan 12, 2016

Tracked Since Feb 18, 2026