7.1
CVE-2015-8678
- EPSS 0.12%
- Published 24.03.2017 14:59:00
- Last modified 20.04.2025 01:37:25
- Source cve@mitre.org
- Teams watchlist Login
- Open Login
The ION driver in Huawei P8 smartphones with software GRA-TL00 before GRA-TL00C01B230, GRA-CL00 before GRA-CL00C92B230, GRA-CL10 before GRA-CL10C92B230, GRA-UL00 before GRA-UL00C00B230, and GRA-UL10 before GRA-UL10C00B230 and Mate S smartphones with software CRR-TL00 before CRR-TL00C01B160SP01, CRR-UL00 before CRR-UL00C00B160, and CRR-CL00 before CRR-CL00C92B161 allows remote attackers to cause a denial of service (crash) via a crafted application.
Data is provided by the National Vulnerability Database (NVD)
Huawei ≫ Mate S Firmware Version <= crr-cl00c92b153
Huawei ≫ Mate S Firmware Version <= crr-tl00c01b153sp01
Huawei ≫ Mate S Firmware Version <= crr-ul00c00b153
Huawei ≫ P8 Firmware Versiongra-cl00c92b220
Huawei ≫ P8 Firmware Versiongra-cl10c92b220
Huawei ≫ P8 Firmware Versiongra-tl00c01b220
Huawei ≫ P8 Firmware Versiongra-ul00c00b220
Huawei ≫ P8 Firmware Versiongra-ul10c00b220
Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.
| Type | Source | Score | Percentile |
|---|---|---|---|
| EPSS | FIRST.org | 0.12% | 0.276 |
| Source | Base Score | Exploit Score | Impact Score | Vector string |
|---|---|---|---|---|
| nvd@nist.gov | 5.5 | 1.8 | 3.6 |
CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
|
| nvd@nist.gov | 7.1 | 8.6 | 6.9 |
AV:N/AC:M/Au:N/C:N/I:N/A:C
|
CWE-20 Improper Input Validation
The product receives input or data, but it does not validate or incorrectly validates that the input has the properties that are required to process the data safely and correctly.