What is CVE-2015-8679?

CVE-2015-8679 is a medium-severity vulnerability in Huawei Mate_s, classified under Improper Access Control. CVSS score: 5.5/10. Published 2016-04-07.

How severe is CVE-2015-8679?

Medium severity. CVSS v3 base score is 5.5 out of 10.

Is CVE-2015-8679 known to be exploited?

2 public proof-of-concept repositories are indexed. Not currently listed in the CISA KEV catalog.

Vulnerability in Huawei Mate_s

CVE-2015-8679

The Maxim_smartpa_dev driver in Huawei P8 smartphones with software GRA-TL00 before GRA-TL00C01B230, GRA-CL00 before GRA-CL00C92B230, GRA-CL10 before GRA-CL10C92B230, GRA-UL00 before GRA-UL00C00B230, and GRA-UL10 before GRA-UL10C00B230 and…

EPSS: 0.001 (18.8th percentile) — read the EPSS interpretation.

CVSS v3 metric

CVSS v3 base score 5.5 (Medium). Vector: CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H.

Affected products

Huawei Mate_s
Huawei Mate_s_firmware — versions crr-cl00, crr-tl00, crr-ul00
Huawei P8
Huawei P8_firmware — versions gra-cl00, gra-cl10, gra-tl00
N/a — versions n/a

Weakness classification (CWE)

CWE-284 — Improper Access Control

Public proof-of-concept exploits

References

cve@mitre.org (x_refsource_CONFIRM, Vendor Advisory)

Frequently asked questions

What is CVE-2015-8679?: CVE-2015-8679 is a medium-severity vulnerability in Huawei Mate_s, classified under Improper Access Control. CVSS score: 5.5/10. Published 2016-04-07.
How severe is CVE-2015-8679?: Medium severity. CVSS v3 base score is 5.5 out of 10.
Is CVE-2015-8679 known to be exploited?: 2 public proof-of-concept repositories are indexed. Not currently listed in the CISA KEV catalog.