What is CVE-2015-8678?

CVE-2015-8678 is a medium-severity vulnerability in Huawei Mate_s, classified under Improper Input Validation. CVSS score: 5.5/10. Published 2017-03-24.

How severe is CVE-2015-8678?

Medium severity. CVSS v3 base score is 5.5 out of 10.

Is CVE-2015-8678 known to be exploited?

2 public proof-of-concept repositories are indexed. Not currently listed in the CISA KEV catalog.

Improper input validation in Huawei Mate_s

CVE-2015-8678

The ION driver in Huawei P8 smartphones with software GRA-TL00 before GRA-TL00C01B230, GRA-CL00 before GRA-CL00C92B230, GRA-CL10 before GRA-CL10C92B230, GRA-UL00 before GRA-UL00C00B230, and GRA-UL10 before GRA-UL10C00B230 and Mate S smartp…

Vulnerability class: Drupalgeddon 2 (CVE-2018-7600)

EPSS: 0.001 (30.5th percentile) — read the EPSS interpretation.

CVSS v3 metric

CVSS v3 base score 5.5 (Medium). Vector: CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H.

Affected products

Huawei Mate_s
Huawei Mate_s_firmware
Huawei P8
Huawei P8_firmware — versions gra-cl00c92b220, gra-cl10c92b220, gra-tl00c01b220
N/a — versions n/a

Weakness classification (CWE)

CWE-20 — Improper Input Validation

Public proof-of-concept exploits

References

cve@mitre.org (x_refsource_CONFIRM, Vendor Advisory)

Frequently asked questions

What is CVE-2015-8678?: CVE-2015-8678 is a medium-severity vulnerability in Huawei Mate_s, classified under Improper Input Validation. CVSS score: 5.5/10. Published 2017-03-24.
How severe is CVE-2015-8678?: Medium severity. CVSS v3 base score is 5.5 out of 10.
Is CVE-2015-8678 known to be exploited?: 2 public proof-of-concept repositories are indexed. Not currently listed in the CISA KEV catalog.