A vulnerability, which was classified as critical, was found in Huawei P9 and Honor 6. This affects an unknown part of the component Touchscreen Driver. The manipulation leads to memory corruption. The CWE definition for the vulnerability is CWE-119. The bug was discovered 10/12/2016. The weakness was released 04/02/2017 with Qihoo 360 as sa-20161012-01 (Website). The advisory is shared at huawei.com. This vulnerability is uniquely identified as CVE-2016-8760. An attack has to be approached locally. There are no technical details available. There is no exploit available. The price for an exploit might be around USD $0-$5k at the moment. It is declared as not defined. The vulnerability was handled as a non-public zero-day exploit for at least 172 days. We expect the 0-day to have been worth approximately $5k-$25k. It is recommended to upgrade the affected component. A possible mitigation has been published even before and not after the disclosure of the vulnerability. The vulnerability is also documented other vulnerability databases: SecurityFocus (BID 93530).
Are you interested in using VulDB?
Download the whitepaper to learn more about our service!