var-201704-0491
Vulnerability from variot
ION memory management module in Huawei Mate 8 phones with software NXT-AL10C00B197 and earlier versions, NXT-DL10C00B197 and earlier versions, NXT-TL10C00B197 and earlier versions, NXT-CL10C00B197 and earlier versions allows attackers to cause a denial of service (restart). HuaweiMate8 is a smartphone from China Huawei. There are local denial of service vulnerabilities in more than 8 versions of huaweimate. A local attacker could exploit the vulnerability to restart the device, resulting in a denial of service. Huawei Mate 8 is prone to a local denial-of-service vulnerability. The following versions are vulnerable: Mate 8 NXT-AL10C00B197 and prior versions are affected. Mate 8 NXT-DL10C00B197 and prior versions are affected. Mate 8 NXT-TL10C00B197 and prior versions are affected. Mate 8 NXT-CL10C00B197 and prior versions are affected. Huawei Mate 8 is a smartphone product of China's Huawei (Huawei). Attackers can exploit this vulnerability by enticing users to install malicious applications to send specific parameters to the phone, causing the system to restart
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-201704-0491",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "mate 8",
"scope": "eq",
"trust": 1.6,
"vendor": "huawei",
"version": "nxt-tl10c00b197"
},
{
"model": "mate 8",
"scope": "eq",
"trust": 1.6,
"vendor": "huawei",
"version": "nxt-cl10c00b197"
},
{
"model": "mate 8",
"scope": "eq",
"trust": 1.6,
"vendor": "huawei",
"version": "nxt-al10c00b197"
},
{
"model": "mate 8",
"scope": "eq",
"trust": 1.6,
"vendor": "huawei",
"version": "nxt-dl10c00b197"
},
{
"model": "mate nxt-cl00c92b182",
"scope": "eq",
"trust": 0.9,
"vendor": "huawei",
"version": "8"
},
{
"model": "mate nxt-dl00c17b182",
"scope": "eq",
"trust": 0.9,
"vendor": "huawei",
"version": "8"
},
{
"model": "mate nxt-tl00c01b182",
"scope": "eq",
"trust": 0.9,
"vendor": "huawei",
"version": "8"
},
{
"model": "mate nxt-tl10c00b197",
"scope": "eq",
"trust": 0.9,
"vendor": "huawei",
"version": "8"
},
{
"model": "mate nxt-tl00c01b197",
"scope": "eq",
"trust": 0.9,
"vendor": "huawei",
"version": "8"
},
{
"model": "mate nxt-dl10c00b197",
"scope": "eq",
"trust": 0.9,
"vendor": "huawei",
"version": "8"
},
{
"model": "mate nxt-dl00c17b197",
"scope": "eq",
"trust": 0.9,
"vendor": "huawei",
"version": "8"
},
{
"model": "mate nxt-cl10c00b197",
"scope": "eq",
"trust": 0.9,
"vendor": "huawei",
"version": "8"
},
{
"model": "mate nxt-cl00c92b197",
"scope": "eq",
"trust": 0.9,
"vendor": "huawei",
"version": "8"
},
{
"model": "mate nxt-al10c00b197",
"scope": "eq",
"trust": 0.9,
"vendor": "huawei",
"version": "8"
},
{
"model": "mate nxt-al10c00b182",
"scope": "eq",
"trust": 0.9,
"vendor": "huawei",
"version": "8"
},
{
"model": "mate 8",
"scope": "lte",
"trust": 0.8,
"vendor": "huawei",
"version": "nxt-al10c00b197"
},
{
"model": "mate 8",
"scope": "lte",
"trust": 0.8,
"vendor": "huawei",
"version": "nxt-cl10c00b197"
},
{
"model": "mate 8",
"scope": "lte",
"trust": 0.8,
"vendor": "huawei",
"version": "nxt-dl10c00b197"
},
{
"model": "mate 8",
"scope": "lte",
"trust": 0.8,
"vendor": "huawei",
"version": "nxt-tl10c00b197"
},
{
"model": "mate nxt-tl10c00b301",
"scope": "ne",
"trust": 0.3,
"vendor": "huawei",
"version": "8"
},
{
"model": "mate nxt-dl10c00b301",
"scope": "ne",
"trust": 0.3,
"vendor": "huawei",
"version": "8"
},
{
"model": "mate nxt-cl10c00b301",
"scope": "ne",
"trust": 0.3,
"vendor": "huawei",
"version": "8"
},
{
"model": "mate nxt-al10c00b301",
"scope": "ne",
"trust": 0.3,
"vendor": "huawei",
"version": "8"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2016-10621"
},
{
"db": "BID",
"id": "93935"
},
{
"db": "JVNDB",
"id": "JVNDB-2016-008231"
},
{
"db": "CNNVD",
"id": "CNNVD-201610-823"
},
{
"db": "NVD",
"id": "CVE-2016-8756"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"cpe_match": [
{
"cpe22Uri": "cpe:/o:huawei:mate_8_firmware",
"vulnerable": true
}
],
"operator": "OR"
}
]
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2016-008231"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Hang Zhang, Dongdong She and Zhiyun Qian from University of California, Riverside.",
"sources": [
{
"db": "BID",
"id": "93935"
},
{
"db": "CNNVD",
"id": "CNNVD-201610-823"
}
],
"trust": 0.9
},
"cve": "CVE-2016-8756",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "nvd@nist.gov",
"availabilityImpact": "COMPLETE",
"baseScore": 7.1,
"confidentialityImpact": "NONE",
"exploitabilityScore": 8.6,
"id": "CVE-2016-8756",
"impactScore": 6.9,
"integrityImpact": "NONE",
"severity": "HIGH",
"trust": 1.8,
"vectorString": "AV:N/AC:M/Au:N/C:N/I:N/A:C",
"version": "2.0"
},
{
"accessComplexity": "LOW",
"accessVector": "LOCAL",
"authentication": "NONE",
"author": "CNVD",
"availabilityImpact": "PARTIAL",
"baseScore": 2.1,
"confidentialityImpact": "NONE",
"exploitabilityScore": 3.9,
"id": "CNVD-2016-10621",
"impactScore": 2.9,
"integrityImpact": "NONE",
"severity": "LOW",
"trust": 0.6,
"vectorString": "AV:L/AC:L/Au:N/C:N/I:N/A:P",
"version": "2.0"
},
{
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "VULHUB",
"availabilityImpact": "COMPLETE",
"baseScore": 7.1,
"confidentialityImpact": "NONE",
"exploitabilityScore": 8.6,
"id": "VHN-97576",
"impactScore": 6.9,
"integrityImpact": "NONE",
"severity": "HIGH",
"trust": 0.1,
"vectorString": "AV:N/AC:M/AU:N/C:N/I:N/A:C",
"version": "2.0"
}
],
"cvssV3": [
{
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"author": "nvd@nist.gov",
"availabilityImpact": "HIGH",
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"exploitabilityScore": 1.8,
"id": "CVE-2016-8756",
"impactScore": 3.6,
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"trust": 1.8,
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H",
"version": "3.0"
}
],
"severity": [
{
"author": "nvd@nist.gov",
"id": "CVE-2016-8756",
"trust": 1.0,
"value": "MEDIUM"
},
{
"author": "NVD",
"id": "CVE-2016-8756",
"trust": 0.8,
"value": "Medium"
},
{
"author": "CNVD",
"id": "CNVD-2016-10621",
"trust": 0.6,
"value": "LOW"
},
{
"author": "CNNVD",
"id": "CNNVD-201610-823",
"trust": 0.6,
"value": "HIGH"
},
{
"author": "VULHUB",
"id": "VHN-97576",
"trust": 0.1,
"value": "HIGH"
}
]
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2016-10621"
},
{
"db": "VULHUB",
"id": "VHN-97576"
},
{
"db": "JVNDB",
"id": "JVNDB-2016-008231"
},
{
"db": "CNNVD",
"id": "CNNVD-201610-823"
},
{
"db": "NVD",
"id": "CVE-2016-8756"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "ION memory management module in Huawei Mate 8 phones with software NXT-AL10C00B197 and earlier versions, NXT-DL10C00B197 and earlier versions, NXT-TL10C00B197 and earlier versions, NXT-CL10C00B197 and earlier versions allows attackers to cause a denial of service (restart). HuaweiMate8 is a smartphone from China Huawei. There are local denial of service vulnerabilities in more than 8 versions of huaweimate. A local attacker could exploit the vulnerability to restart the device, resulting in a denial of service. Huawei Mate 8 is prone to a local denial-of-service vulnerability. \nThe following versions are vulnerable:\nMate 8 NXT-AL10C00B197 and prior versions are affected. \nMate 8 NXT-DL10C00B197 and prior versions are affected. \nMate 8 NXT-TL10C00B197 and prior versions are affected. \nMate 8 NXT-CL10C00B197 and prior versions are affected. Huawei Mate 8 is a smartphone product of China\u0027s Huawei (Huawei). Attackers can exploit this vulnerability by enticing users to install malicious applications to send specific parameters to the phone, causing the system to restart",
"sources": [
{
"db": "NVD",
"id": "CVE-2016-8756"
},
{
"db": "JVNDB",
"id": "JVNDB-2016-008231"
},
{
"db": "CNVD",
"id": "CNVD-2016-10621"
},
{
"db": "BID",
"id": "93935"
},
{
"db": "VULHUB",
"id": "VHN-97576"
}
],
"trust": 2.52
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2016-8756",
"trust": 3.4
},
{
"db": "BID",
"id": "93935",
"trust": 2.6
},
{
"db": "JVNDB",
"id": "JVNDB-2016-008231",
"trust": 0.8
},
{
"db": "CNNVD",
"id": "CNNVD-201610-823",
"trust": 0.7
},
{
"db": "CNVD",
"id": "CNVD-2016-10621",
"trust": 0.6
},
{
"db": "VULHUB",
"id": "VHN-97576",
"trust": 0.1
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2016-10621"
},
{
"db": "VULHUB",
"id": "VHN-97576"
},
{
"db": "BID",
"id": "93935"
},
{
"db": "JVNDB",
"id": "JVNDB-2016-008231"
},
{
"db": "CNNVD",
"id": "CNNVD-201610-823"
},
{
"db": "NVD",
"id": "CVE-2016-8756"
}
]
},
"id": "VAR-201704-0491",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "CNVD",
"id": "CNVD-2016-10621"
},
{
"db": "VULHUB",
"id": "VHN-97576"
}
],
"trust": 1.36765326
},
"iot_taxonomy": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"category": [
"Network device"
],
"sub_category": null,
"trust": 0.6
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2016-10621"
}
]
},
"last_update_date": "2024-11-23T22:52:31.596000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "huawei-sa-20161026-01-smartphone",
"trust": 0.8,
"url": "http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20161026-01-smartphone-en"
},
{
"title": "HuaweiMate8 Local Denial of Service Vulnerability Patch",
"trust": 0.6,
"url": "https://www.cnvd.org.cn/patchInfo/show/83540"
},
{
"title": "Huawei Mate 8 Remediation measures for denial of service vulnerabilities",
"trust": 0.6,
"url": "http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=65153"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2016-10621"
},
{
"db": "JVNDB",
"id": "JVNDB-2016-008231"
},
{
"db": "CNNVD",
"id": "CNNVD-201610-823"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-20",
"trust": 1.9
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-97576"
},
{
"db": "JVNDB",
"id": "JVNDB-2016-008231"
},
{
"db": "NVD",
"id": "CVE-2016-8756"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 2.3,
"url": "http://www.securityfocus.com/bid/93935"
},
{
"trust": 2.0,
"url": "http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20161026-01-smartphone-en"
},
{
"trust": 0.8,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2016-8756"
},
{
"trust": 0.8,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-8756"
},
{
"trust": 0.3,
"url": "http://www.huawei.com"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2016-10621"
},
{
"db": "VULHUB",
"id": "VHN-97576"
},
{
"db": "BID",
"id": "93935"
},
{
"db": "JVNDB",
"id": "JVNDB-2016-008231"
},
{
"db": "CNNVD",
"id": "CNNVD-201610-823"
},
{
"db": "NVD",
"id": "CVE-2016-8756"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "CNVD",
"id": "CNVD-2016-10621"
},
{
"db": "VULHUB",
"id": "VHN-97576"
},
{
"db": "BID",
"id": "93935"
},
{
"db": "JVNDB",
"id": "JVNDB-2016-008231"
},
{
"db": "CNNVD",
"id": "CNNVD-201610-823"
},
{
"db": "NVD",
"id": "CVE-2016-8756"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2016-11-04T00:00:00",
"db": "CNVD",
"id": "CNVD-2016-10621"
},
{
"date": "2017-04-02T00:00:00",
"db": "VULHUB",
"id": "VHN-97576"
},
{
"date": "2016-10-26T00:00:00",
"db": "BID",
"id": "93935"
},
{
"date": "2017-05-08T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2016-008231"
},
{
"date": "2016-10-28T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201610-823"
},
{
"date": "2017-04-02T20:59:01.093000",
"db": "NVD",
"id": "CVE-2016-8756"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2016-11-04T00:00:00",
"db": "CNVD",
"id": "CNVD-2016-10621"
},
{
"date": "2017-04-07T00:00:00",
"db": "VULHUB",
"id": "VHN-97576"
},
{
"date": "2016-11-24T01:04:00",
"db": "BID",
"id": "93935"
},
{
"date": "2017-05-08T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2016-008231"
},
{
"date": "2016-10-28T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201610-823"
},
{
"date": "2024-11-21T03:00:00.110000",
"db": "NVD",
"id": "CVE-2016-8756"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201610-823"
}
],
"trust": 0.6
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Huawei Mate 8 Smartphone software ION Service operation interruption in memory management module (DoS) Vulnerabilities",
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2016-008231"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "input validation",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201610-823"
}
],
"trust": 0.6
}
}
Loading…
Loading…
Sightings
| Author | Source | Type | Date |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
- Confirmed: The vulnerability is confirmed from an analyst perspective.
- Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
- Patched: This vulnerability was successfully patched by the user reporting the sighting.
- Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
- Not confirmed: The user expresses doubt about the veracity of the vulnerability.
- Not patched: This vulnerability was not successfully patched by the user reporting the sighting.