Skip to main content

Mate 8 Firmware CVE-2016-3681

HIGH
Buffer Overflow (CWE-119)
2016-05-26 cve@mitre.org
7.8
CVSS 3.0 · NVD
Share

Severity by source

NVD PRIMARY
7.8 HIGH
AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

Primary rating from NVD · only source for this CVE.

CVSS VectorNVD

CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
Attack Vector
Local
Attack Complexity
Low
Privileges Required
None
User Interaction
Required
Scope
Unchanged
Confidentiality
High
Integrity
High
Availability
High

Lifecycle Timeline

1
CVE Published
May 26, 2016 - 16:59 cve.org
HIGH 7.8

DescriptionCVE.org

Buffer overflow in the Wi-Fi driver in Huawei Mate 8 NXT-AL before NXT-AL10C00B182, NXT-CL before NXT-CL00C92B182, NXT-DL before NXT-DL00C17B182, and NXT-TL before NXT-TL00C01B182 allows attackers to cause a denial of service (crash) or possibly gain privileges via a crafted application, aka HWPSIRT-2016-03021.

AnalysisAI

Buffer overflow in the Wi-Fi driver in Huawei Mate 8 NXT-AL before NXT-AL10C00B182, NXT-CL before NXT-CL00C92B182, NXT-DL before NXT-DL00C17B182, and NXT-TL before NXT-TL00C01B182 allows attackers to. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Technical ContextAI

This vulnerability is classified as Buffer Overflow (CWE-119), which allows attackers to corrupt memory to execute arbitrary code or crash the application. Buffer overflow in the Wi-Fi driver in Huawei Mate 8 NXT-AL before NXT-AL10C00B182, NXT-CL before NXT-CL00C92B182, NXT-DL before NXT-DL00C17B182, and NXT-TL before NXT-TL00C01B182 allows attackers to cause a denial of service (crash) or possibly gain privileges via a crafted application, aka HWPSIRT-2016-03021. Affected products include: Huawei Mate 8 Firmware.

RemediationAI

No vendor patch is available at time of analysis. Monitor vendor advisories for updates. Use memory-safe languages or bounds-checking. Enable ASLR, DEP/NX, stack canaries. Use safe string functions.

CVE-2016-5230 HIGH
8.8 Jun 30

Huawei Mate8 NXT-AL before NXT-AL10C00B182, NXT-CL before NXT-CL00C92B182, NXT-DL before NXT-DL00C17B182, and NXT-TL bef

CVE-2016-5231 HIGH
7.8 Jun 30

Huawei Mate8 NXT-AL before NXT-AL10C00B182, NXT-CL before NXT-CL00C92B182, NXT-DL before NXT-DL00C17B182, and NXT-TL bef

CVE-2016-3680 HIGH
7.8 May 26

Buffer overflow in the Wi-Fi driver in Huawei Mate 8 NXT-AL before NXT-AL10C00B182, NXT-CL before NXT-CL00C92B182, NXT-D

CVE-2016-8794 HIGH
7.1 Apr 02

Huawei Mate 8 phones with software Versions before NXT-AL10C00B386, Versions before NXT-CL00C92B386, Versions before NXT

CVE-2016-8792 HIGH
7.1 Apr 02

Huawei Mate 8 phones with software Versions before NXT-AL10C00B386, Versions before NXT-CL00C92B386, Versions before NXT

CVE-2016-8791 HIGH
7.1 Apr 02

Huawei Mate 8 phones with software Versions before NXT-AL10C00B386, Versions before NXT-CL00C92B386, Versions before NXT

CVE-2016-8774 MEDIUM
6.7 Apr 02

The HIFI driver in Huawei Mate 8 phones with software versions before NXT-AL10C00B386, versions before NXT-CL00C92B386,

CVE-2016-8793 MEDIUM
6.7 Apr 02

Huawei Mate 8 phones with software Versions before NXT-AL10C00B386, Versions before NXT-CL00C92B386, Versions before NXT

CVE-2016-5232 MEDIUM
5.5 Jun 30

Buffer overflow in Huawei Mate8 NXT-AL before NXT-AL10C00B182, NXT-CL before NXT-CL00C92B182, NXT-DL before NXT-DL00C17B

CVE-2016-8758 MEDIUM
5.5 Apr 02

ION memory management module in Huawei Mate8 phones with software NXT-AL10C00B561 and earlier versions, NXT-CL10C00B561

CVE-2016-8756 MEDIUM
5.5 Apr 02

ION memory management module in Huawei Mate 8 phones with software NXT-AL10C00B197 and earlier versions, NXT-DL10C00B197

CVE-2016-5233 LOW
3.7 Jun 10

Huawei Mate 8 smartphones with software NXT-AL10 before NXT-AL10C00B182, NXT-CL00 before NXT-CL00C92B182, NXT-DL00 befor

Share

CVE-2016-3681 vulnerability details – vuln.today

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy