Public exploit available
Public proof-of-concept or exploit code exists (ExploitDB / Metasploit / Nuclei).

CVE-2015-8088

CWE-119Buffer Overflow4 documents4 sources
Severity
7.8HIGH
EPSS
0.8%
top 25.92%
CISA KEV
Not in KEV
Exploit
PoC available
Public exploit / PoC exists
Affected products
2
Huawei Mate 7 FirmwareHuawei P8 Firmware
Timeline
PublishedJan 12
Latest updateMay 17

Description

Heap-based buffer overflow in the HIFI driver in Huawei Mate 7 phones with software MT7-UL00 before MT7-UL00C17B354, MT7-TL10 before MT7-TL10C00B354, MT7-TL00 before MT7-TL00C01B354, and MT7-CL00 before MT7-CL00C92B354 and P8 phones with software GRA-TL00 before GRA-TL00C01B220SP01, GRA-CL00 before GRA-CL00C92B220, GRA-CL10 before GRA-CL10C92B220, GRA-UL00 before GRA-UL00C00B220, and GRA-UL10 before GRA-UL10C00B220 allows attackers to cause a denial of service (reboot) or execute arbitrary code

CVSS vector

CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:HExploitability: 1.8 | Impact: 5.9

Affected Packages2 packages

NVDhuawei/mate_7_firmware4 versions+3
NVDhuawei/p8_firmware5 versions+4

🔴Vulnerability Details

2
GHSA
GHSA-8fwf-4r37-rc6g: Heap-based buffer overflow in the HIFI driver in Huawei Mate 7 phones with software MT7-UL00 before MT7-UL00C17B354, MT7-TL10 before MT7-TL10C00B354,2022-05-17
CVEList
CVE-2015-8088: Heap-based buffer overflow in the HIFI driver in Huawei Mate 7 phones with software MT7-UL00 before MT7-UL00C17B354, MT7-TL10 before MT7-TL10C00B354,2016-01-12

💥Exploits & PoCs

1
Exploit-DB
Huawei Mate 7 - '/dev/hifi_misc' Privilege Escalation2016-01-24
CVE-2015-8088 (HIGH CVSS 7.8) | Heap-based buffer overflow in the H | cvebase.io