CVE-2016-8763

HIGH

Huawei P9 <EVA-AL10C00B352 - Privilege Escalation

Title source: llm

Description

The TrustZone driver in Huawei P9 phones with software Versions earlier than EVA-AL10C00B352 and P9 Lite with software VNS-L21C185B130 and earlier versions and P8 Lite with software ALE-L02C636B150 and earlier versions has an improper resource release vulnerability, which allows attackers to cause a system restart or privilege elevation.

References (2)

[Third Party Advisory, VDB Entry] http://www.securityfocus.com/bid/94509

[Vendor Advisory] http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20161123-01-smartphone-en

Scores

CVSS v3 7.8

EPSS 0.0006

EPSS Percentile 17.3%

Attack Vector LOCAL

CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

Details

CWE

CWE-664

Status published

Products (4)

huawei/p8_lite_firmware < ale-l02c636b150

huawei/p9_firmware

huawei/p9_lite_firmware < vns-l21c185b130

n/a/P9,P9 Lite,P8 Lite Versions earlier than EVA-AL10C00B352,VNS-L21C185B130 and earlier versions,ALE-L02C636B150 and earlier versions P9,P9 Lite,P8 Lite Versions earlier than EVA-AL10C00B352,VNS-L21C185B130 and earlier versions,ALE-L0

Published Apr 02, 2017

Tracked Since Feb 18, 2026