← Back

CVE-2015-8681

nvd nist
Published: Apr 7, 2016Modified: May 6, 2026

JSON object

Loading...
7.8
Vector
CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
Exploitability: 1.8 / Impact: 5.9
Source: NVD

Description

The ovisp driver in Huawei P8 smartphones with software GRA-TL00 before GRA-TL00C01B230, GRA-CL00 before GRA-CL00C92B230, GRA-CL10 before GRA-CL10C92B230, GRA-UL00 before GRA-UL00C00B230, and GRA-UL10 before GRA-UL10C00B230, and Mate S smartphones with software CRR-TL00 before CRR-TL00C01B160SP01, CRR-UL00 before CRR-UL00C00B160, and CRR-CL00 before CRR-CL00C92B161 allows attackers to cause a denial of service (system crash) or gain privileges via a crafted application with the camera permission, aka an "interface access control vulnerability."

Affected (8)

Huawei
2 products
P8 Firmware
Mate S Firmware
Configuration A
5 vulnerable · 1 platform
Vulnerable SoftwareAffected Versions
Huawei
P8 Firmware
Version gra-cl00
P8 Firmware
Version gra-cl10
P8 Firmware
Version gra-tl00
P8 Firmware
Version gra-ul00
P8 Firmware
Version gra-ul10
Running on/withPlatform Versions
Huawei
P8
All versions
Configuration B
3 vulnerable · 1 platform
Vulnerable SoftwareAffected Versions
Huawei
Mate S Firmware
Version crr-cl00
Mate S Firmware
Version crr-tl00
Mate S Firmware
Version crr-ul00
Running on/withPlatform Versions
Huawei
Mate S
All versions

Related CWEs

CWE-284
Improper Access Control
The product does not restrict or incorrectly restricts access to a resource from an unauthorized actor.

References (2)

Source: cve@mitre.org
Vendor Advisory
Source: af854a3a-2127-422b-91ae-364da2661108
Vendor Advisory

Timeline

No history available yet.