CVE-2016-8769

MEDIUM

Huawei UTPS <UTPS-V200R003B015D16SPC00C983 - Privilege Escalation

Title source: llm

Exploitation Summary

EIP tracks 1 public exploit for CVE-2016-8769. PoCs published by Dhruv Shah.

AI-analyzed exploit summary This exploit demonstrates an unquoted service path vulnerability in Huawei UTPS software, allowing local privilege escalation by placing a malicious executable in the service path. The service runs with SYSTEM privileges, enabling arbitrary code execution upon service restart or system reboot.

Description

Huawei UTPS earlier than UTPS-V200R003B015D16SPC00C983 has an unquoted service path vulnerability which can lead to the truncation of UTPS service query paths. An attacker may put an executable file in the search path of the affected service and obtain elevated privileges after the executable file is executed.

Exploits (1)

exploitdb WORKING POC VERIFIED

by Dhruv Shah · textlocalwindows

https://www.exploit-db.com/exploits/40807

View Code ZIP pw:eip

This exploit demonstrates an unquoted service path vulnerability in Huawei UTPS software, allowing local privilege escalation by placing a malicious executable in the service path. The service runs with SYSTEM privileges, enabling arbitrary code execution upon service restart or system reboot.

Classification

Working Poc 90%

Attack Type

Lpe

Complexity

Trivial

Reliability

Reliable

Target: Huawei UTPS Software versions earlier than UTPS-V200R003B015D16SPC00C983

Auth required

Prerequisites: Local access to the system · Ability to write to the service path directory

MITRE ATT&CK

T1546.005 - Trap

devstral-2 · analyzed Feb 16, 2026 Full analysis →

References (4)

Core 4

Core References

Third Party Advisory, URL Repurposed x_refsource_misc

http://www.security-geek.in/2017/02/07/0day-discovery-system-level-access-by-privilege-escalation-of-huawei-manufactured-airtel-photon-dongles/

Third Party Advisory, VDB Entry vdb-entry x_refsource_bid

http://www.securityfocus.com/bid/94403

Vendor Advisory x_refsource_confirm

http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20161116-01-utps-en

Third Party Advisory, VDB Entry exploit x_refsource_exploit-db

https://www.exploit-db.com/exploits/40807/

Scores

CVSS v3 6.7

EPSS 0.0158

EPSS Percentile 72.4%

Attack Vector LOCAL

CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H

Details

CWE

CWE-264

Status published

Products (2)

huawei/utps_firmware < v200r003b015d15sp00c983

Huawei Technologies Co., Ltd./Huawei UTPS earlier than UTPS-V200R003B015D16SPC00C983

Published Apr 02, 2017

Tracked Since Feb 18, 2026