A vulnerability, which was classified as critical, has been found in Huawei P9 and Honor 6. Affected by this issue is some unknown functionality of the component Video Driver. The manipulation leads to memory corruption. Using CWE to declare the problem leads to CWE-119. The bug was discovered 10/12/2016. The weakness was published 04/02/2017 with Qihoo 360 as sa-20161012-01 (Website). The advisory is shared for download at huawei.com. This vulnerability is handled as CVE-2016-8759. The attack needs to be approached locally. There are no technical details available. There is no exploit available. The current price for an exploit might be approx. USD $0-$5k at the moment. It is declared as not defined. The vulnerability was handled as a non-public zero-day exploit for at least 172 days. As 0-day the estimated underground price was around $5k-$25k. It is recommended to upgrade the affected component. A possible mitigation has been published even before and not after the disclosure of the vulnerability. The vulnerability is also documented other vulnerability databases: SecurityFocus (BID 93530).
Are you interested in using VulDB?
Download the whitepaper to learn more about our service!