var-201704-0499
Vulnerability from variot
The TrustZone driver in Huawei P9 phones with software Versions earlier than EVA-AL10C00B352 and P9 Lite with software VNS-L21C185B130 and earlier versions and P8 Lite with software ALE-L02C636B150 and earlier versions has an input validation vulnerability, which allows attackers to read and write user-mode memory data anywhere in the TrustZone driver. Huawei P9, P9Lite, and P8Lite are Huawei smartphones. Some of Huawei's mobile secure storage trusted applications (SecureStorageTrustedApp) have security bypass vulnerabilities. An attacker who has obtained root access to the Android system can exploit the vulnerability to read and write user-state memory data at any location in TrustZone. Multiple Huawei Products are prone to the following multiple security vulnerabilities. 1. A denial-of-service vulnerability. 2. A privilege escalation vulnerability. 3. Attackers can exploit these issues to perform certain unauthorized actions or gain elevated privileges. Failed exploit attempts will likely cause denial-of-service conditions
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-201704-0499",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "p9",
"scope": "eq",
"trust": 1.6,
"vendor": "huawei",
"version": null
},
{
"model": "p9 lite",
"scope": "lte",
"trust": 1.0,
"vendor": "huawei",
"version": "vns-l21c185b130"
},
{
"model": "p8 lite",
"scope": "lte",
"trust": 1.0,
"vendor": "huawei",
"version": "ale-l02c636b150"
},
{
"model": "p8 lite",
"scope": null,
"trust": 0.8,
"vendor": "huawei",
"version": null
},
{
"model": "p9 lite",
"scope": null,
"trust": 0.8,
"vendor": "huawei",
"version": null
},
{
"model": "p9",
"scope": null,
"trust": 0.8,
"vendor": "huawei",
"version": null
},
{
"model": "p9 \u003ceva-al10c00b352",
"scope": null,
"trust": 0.6,
"vendor": "huawei",
"version": null
},
{
"model": "p9 lite \u003cvns-l21c185b130",
"scope": null,
"trust": 0.6,
"vendor": "huawei",
"version": null
},
{
"model": "p8 lite \u003cale-l02c636b150",
"scope": null,
"trust": 0.6,
"vendor": "huawei",
"version": null
},
{
"model": "p9 lite",
"scope": "eq",
"trust": 0.6,
"vendor": "huawei",
"version": "vns-l21c185b130"
},
{
"model": "p8 lite",
"scope": "eq",
"trust": 0.6,
"vendor": "huawei",
"version": "ale-l02c636b150"
},
{
"model": "p9 lite vns-l21c185b130",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"model": "p9",
"scope": "eq",
"trust": 0.3,
"vendor": "huawei",
"version": "0"
},
{
"model": "p8 lite ale-l02c636b150",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"model": "p9 lite vns-l21c185b150",
"scope": "ne",
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"model": "p9 eva-al00c00b352",
"scope": "ne",
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"model": "p8 lite ale-l02c636b170",
"scope": "ne",
"trust": 0.3,
"vendor": "huawei",
"version": null
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2016-11632"
},
{
"db": "BID",
"id": "94509"
},
{
"db": "JVNDB",
"id": "JVNDB-2016-008238"
},
{
"db": "CNNVD",
"id": "CNNVD-201611-655"
},
{
"db": "NVD",
"id": "CVE-2016-8764"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"cpe_match": [
{
"cpe22Uri": "cpe:/o:huawei:p8_lite_firmware",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:huawei:p9_lite_firmware",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:huawei:p9_firmware",
"vulnerable": true
}
],
"operator": "OR"
}
]
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2016-008238"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Nick Stephens.",
"sources": [
{
"db": "BID",
"id": "94509"
},
{
"db": "CNNVD",
"id": "CNNVD-201611-655"
}
],
"trust": 0.9
},
"cve": "CVE-2016-8764",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"accessComplexity": "MEDIUM",
"accessVector": "LOCAL",
"authentication": "SINGLE",
"author": "nvd@nist.gov",
"availabilityImpact": "PARTIAL",
"baseScore": 4.1,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 2.7,
"id": "CVE-2016-8764",
"impactScore": 6.4,
"integrityImpact": "PARTIAL",
"severity": "MEDIUM",
"trust": 1.9,
"vectorString": "AV:L/AC:M/Au:S/C:P/I:P/A:P",
"version": "2.0"
},
{
"accessComplexity": "HIGH",
"accessVector": "LOCAL",
"authentication": "NONE",
"author": "CNVD",
"availabilityImpact": "PARTIAL",
"baseScore": 5.9,
"confidentialityImpact": "COMPLETE",
"exploitabilityScore": 1.9,
"id": "CNVD-2016-11632",
"impactScore": 9.5,
"integrityImpact": "COMPLETE",
"severity": "MEDIUM",
"trust": 0.6,
"vectorString": "AV:L/AC:H/Au:N/C:C/I:C/A:P",
"version": "2.0"
},
{
"accessComplexity": "MEDIUM",
"accessVector": "LOCAL",
"authentication": "SINGLE",
"author": "VULHUB",
"availabilityImpact": "PARTIAL",
"baseScore": 4.1,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 2.7,
"id": "VHN-97584",
"impactScore": 6.4,
"integrityImpact": "PARTIAL",
"severity": "MEDIUM",
"trust": 0.1,
"vectorString": "AV:L/AC:M/AU:S/C:P/I:P/A:P",
"version": "2.0"
}
],
"cvssV3": [
{
"attackComplexity": "HIGH",
"attackVector": "LOCAL",
"author": "nvd@nist.gov",
"availabilityImpact": "HIGH",
"baseScore": 6.4,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"exploitabilityScore": 0.5,
"id": "CVE-2016-8764",
"impactScore": 5.9,
"integrityImpact": "HIGH",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"trust": 1.8,
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
}
],
"severity": [
{
"author": "nvd@nist.gov",
"id": "CVE-2016-8764",
"trust": 1.0,
"value": "MEDIUM"
},
{
"author": "NVD",
"id": "CVE-2016-8764",
"trust": 0.8,
"value": "Medium"
},
{
"author": "CNVD",
"id": "CNVD-2016-11632",
"trust": 0.6,
"value": "MEDIUM"
},
{
"author": "CNNVD",
"id": "CNNVD-201611-655",
"trust": 0.6,
"value": "MEDIUM"
},
{
"author": "VULHUB",
"id": "VHN-97584",
"trust": 0.1,
"value": "MEDIUM"
},
{
"author": "VULMON",
"id": "CVE-2016-8764",
"trust": 0.1,
"value": "MEDIUM"
}
]
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2016-11632"
},
{
"db": "VULHUB",
"id": "VHN-97584"
},
{
"db": "VULMON",
"id": "CVE-2016-8764"
},
{
"db": "JVNDB",
"id": "JVNDB-2016-008238"
},
{
"db": "CNNVD",
"id": "CNNVD-201611-655"
},
{
"db": "NVD",
"id": "CVE-2016-8764"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "The TrustZone driver in Huawei P9 phones with software Versions earlier than EVA-AL10C00B352 and P9 Lite with software VNS-L21C185B130 and earlier versions and P8 Lite with software ALE-L02C636B150 and earlier versions has an input validation vulnerability, which allows attackers to read and write user-mode memory data anywhere in the TrustZone driver. Huawei P9, P9Lite, and P8Lite are Huawei smartphones. Some of Huawei\u0027s mobile secure storage trusted applications (SecureStorageTrustedApp) have security bypass vulnerabilities. An attacker who has obtained root access to the Android system can exploit the vulnerability to read and write user-state memory data at any location in TrustZone. Multiple Huawei Products are prone to the following multiple security vulnerabilities. \n1. A denial-of-service vulnerability. \n2. A privilege escalation vulnerability. \n3. \nAttackers can exploit these issues to perform certain unauthorized actions or gain elevated privileges. Failed exploit attempts will likely cause denial-of-service conditions",
"sources": [
{
"db": "NVD",
"id": "CVE-2016-8764"
},
{
"db": "JVNDB",
"id": "JVNDB-2016-008238"
},
{
"db": "CNVD",
"id": "CNVD-2016-11632"
},
{
"db": "BID",
"id": "94509"
},
{
"db": "VULHUB",
"id": "VHN-97584"
},
{
"db": "VULMON",
"id": "CVE-2016-8764"
}
],
"trust": 2.61
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2016-8764",
"trust": 3.5
},
{
"db": "BID",
"id": "94509",
"trust": 2.7
},
{
"db": "JVNDB",
"id": "JVNDB-2016-008238",
"trust": 0.8
},
{
"db": "CNNVD",
"id": "CNNVD-201611-655",
"trust": 0.7
},
{
"db": "CNVD",
"id": "CNVD-2016-11632",
"trust": 0.6
},
{
"db": "VULHUB",
"id": "VHN-97584",
"trust": 0.1
},
{
"db": "VULMON",
"id": "CVE-2016-8764",
"trust": 0.1
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2016-11632"
},
{
"db": "VULHUB",
"id": "VHN-97584"
},
{
"db": "VULMON",
"id": "CVE-2016-8764"
},
{
"db": "BID",
"id": "94509"
},
{
"db": "JVNDB",
"id": "JVNDB-2016-008238"
},
{
"db": "CNNVD",
"id": "CNNVD-201611-655"
},
{
"db": "NVD",
"id": "CVE-2016-8764"
}
]
},
"id": "VAR-201704-0499",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "CNVD",
"id": "CNVD-2016-11632"
},
{
"db": "VULHUB",
"id": "VHN-97584"
}
],
"trust": 1.2841406
},
"iot_taxonomy": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"category": [
"Network device"
],
"sub_category": null,
"trust": 0.6
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2016-11632"
}
]
},
"last_update_date": "2024-11-23T21:41:29.486000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "huawei-sa-20161123-01-smartphone",
"trust": 0.8,
"url": "http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20161123-01-smartphone-en"
},
{
"title": "Huawei\u0027s mobile phone secure storage trusted application has a security bypass vulnerability patch",
"trust": 0.6,
"url": "https://www.cnvd.org.cn/patchInfo/show/84477"
},
{
"title": "Multiple Huawei Repair measures for device security vulnerabilities",
"trust": 0.6,
"url": "http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=65930"
},
{
"title": "boomerang",
"trust": 0.1,
"url": "https://github.com/ucsb-seclab/boomerang "
},
{
"title": "",
"trust": 0.1,
"url": "https://github.com/23hour/boomerang_qemu "
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2016-11632"
},
{
"db": "VULMON",
"id": "CVE-2016-8764"
},
{
"db": "JVNDB",
"id": "JVNDB-2016-008238"
},
{
"db": "CNNVD",
"id": "CNNVD-201611-655"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-20",
"trust": 1.9
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-97584"
},
{
"db": "JVNDB",
"id": "JVNDB-2016-008238"
},
{
"db": "NVD",
"id": "CVE-2016-8764"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 1.9,
"url": "http://www.securityfocus.com/bid/94509"
},
{
"trust": 1.8,
"url": "http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20161123-01-smartphone-en"
},
{
"trust": 0.8,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2016-8764"
},
{
"trust": 0.8,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-8764"
},
{
"trust": 0.6,
"url": "http://www.huawei.com/cn/psirt/security-advisories/huawei-sa-20161123-01-smartphone-cn"
},
{
"trust": 0.3,
"url": "http://www.huawei.com/en/"
},
{
"trust": 0.3,
"url": "http://www.huawei.com/en/psirt/security-advisories/2016/huawei-sa-20161123-01-smartphone-en"
},
{
"trust": 0.1,
"url": "https://cwe.mitre.org/data/definitions/20.html"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov"
},
{
"trust": 0.1,
"url": "https://github.com/ucsb-seclab/boomerang"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2016-11632"
},
{
"db": "VULHUB",
"id": "VHN-97584"
},
{
"db": "VULMON",
"id": "CVE-2016-8764"
},
{
"db": "BID",
"id": "94509"
},
{
"db": "JVNDB",
"id": "JVNDB-2016-008238"
},
{
"db": "CNNVD",
"id": "CNNVD-201611-655"
},
{
"db": "NVD",
"id": "CVE-2016-8764"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "CNVD",
"id": "CNVD-2016-11632"
},
{
"db": "VULHUB",
"id": "VHN-97584"
},
{
"db": "VULMON",
"id": "CVE-2016-8764"
},
{
"db": "BID",
"id": "94509"
},
{
"db": "JVNDB",
"id": "JVNDB-2016-008238"
},
{
"db": "CNNVD",
"id": "CNNVD-201611-655"
},
{
"db": "NVD",
"id": "CVE-2016-8764"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2016-11-29T00:00:00",
"db": "CNVD",
"id": "CNVD-2016-11632"
},
{
"date": "2017-04-02T00:00:00",
"db": "VULHUB",
"id": "VHN-97584"
},
{
"date": "2017-04-02T00:00:00",
"db": "VULMON",
"id": "CVE-2016-8764"
},
{
"date": "2016-11-24T00:00:00",
"db": "BID",
"id": "94509"
},
{
"date": "2017-05-08T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2016-008238"
},
{
"date": "2016-11-24T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201611-655"
},
{
"date": "2017-04-02T20:59:01.327000",
"db": "NVD",
"id": "CVE-2016-8764"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2016-11-29T00:00:00",
"db": "CNVD",
"id": "CNVD-2016-11632"
},
{
"date": "2017-04-07T00:00:00",
"db": "VULHUB",
"id": "VHN-97584"
},
{
"date": "2017-04-07T00:00:00",
"db": "VULMON",
"id": "CVE-2016-8764"
},
{
"date": "2016-12-20T01:02:00",
"db": "BID",
"id": "94509"
},
{
"date": "2017-05-08T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2016-008238"
},
{
"date": "2016-12-02T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201611-655"
},
{
"date": "2024-11-21T03:00:01.063000",
"db": "NVD",
"id": "CVE-2016-8764"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "local",
"sources": [
{
"db": "BID",
"id": "94509"
},
{
"db": "CNNVD",
"id": "CNNVD-201611-655"
}
],
"trust": 0.9
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "plural Huawei Smartphone software TrustZone Driver input validation vulnerability",
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2016-008238"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "input validation",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201611-655"
}
],
"trust": 0.6
}
}
Loading…
Loading…
Sightings
| Author | Source | Type | Date |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
- Confirmed: The vulnerability is confirmed from an analyst perspective.
- Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
- Patched: This vulnerability was successfully patched by the user reporting the sighting.
- Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
- Not confirmed: The user expresses doubt about the veracity of the vulnerability.
- Not patched: This vulnerability was not successfully patched by the user reporting the sighting.