EUVD-2017-8306

Malware in sbrugna...

Design/Logic Flaw

Huawei Enjoy 5s and Y6 Pro smartphones with software the versions before TAG-AL00C92B170; the versions before TIT-L01C576B121 have an information leak vulnerability due to the lack of parameter validation. An attacker tricks a user into installing a malicious application on the smart phone and th...

CVE-2017-17140

CVE-2017-17140 affects Huawei Enjoy 5s and Y6 Pro smartphones on software versions prior to TAG-AL00C92B170 and TIT-L01C576B121. The vulnerability arises from lack of parameter validation, enabling a malicious application installed by a user to read sensitive information from kernel memory, causi...

Huawei Y6 Pro AEE extension module information leak leaks

Huawei Y6 Pro is a smartphone from Chinese company Huawei Huawei. An information disclosure vulnerability exists in Huawei Y6 Pro phones using the AEE extension module of the MTK platform. Due to improper authorization of specific processes, an attacker may trick users into installing a malicious...

Huawei Y6 Pro graphics driver buffer overflow vulnerability

Huawei Y6 Pro is a smartphone from Chinese company Huawei Huawei. A buffer overflow vulnerability exists in the graphics driver of Huawei Y6 Pro phones using the MTK platform. Due to insufficient input checksum, an attacker induces a user to install a malicious application that has gained system...

Huawei Y6 Pro graphics driver memory leak vulnerability

Huawei Y6 Pro is a smartphone from Chinese company Huawei Huawei. A memory leak vulnerability exists in the graphics driver of Huawei Y6 Pro phones using the MTK platform. Due to insufficient input checksum, an attacker induces a user to install a malicious application that has gained system...