A vulnerability has been found in Huawei P9 and Honor 6 and classified as critical. This vulnerability affects unknown code of the component Video Driver. The manipulation leads to memory corruption. Using CWE to declare the problem leads to CWE-119. The bug was discovered 10/12/2016. The weakness was disclosed 04/02/2017 with Qihoo 360 as sa-20161012-01 (Website). The advisory is available at huawei.com. This vulnerability was named CVE-2016-8761. Local access is required to approach this attack. There are no technical details available. There is no exploit available. The structure of the vulnerability defines a possible price range of USD $0-$5k at the moment. It is declared as not defined. The vulnerability was handled as a non-public zero-day exploit for at least 172 days. As 0-day the estimated underground price was around $5k-$25k. It is recommended to upgrade the affected component. A possible mitigation has been published even before and not after the disclosure of the vulnerability. The vulnerability is also documented other vulnerability databases: SecurityFocus (BID 93530).
Do you know our Splunk app?
Download it now for free!