What is CVE-2016-8768?

CVE-2016-8768 is a high-severity vulnerability in Huawei Honor_6, classified under CWE-254. CVSS score: 7.8/10. Published 2017-04-02.

How severe is CVE-2016-8768?

High severity. CVSS v3 base score is 7.8 out of 10.

Is CVE-2016-8768 known to be exploited?

1 public proof-of-concept repositories are indexed. Not currently listed in the CISA KEV catalog.

Vulnerability in Huawei Honor_6

CVE-2016-8768

Huawei Honor 6, Honor 6 Plus, Honor 7 phones with software versions earlier than 6.9.16 could allow attackers to disable the PXN defense mechanism by invoking related drive code to crash the system or escalate privilege.

EPSS: 0.001 (17.3th percentile) — read the EPSS interpretation.

CVSS v3 metric

CVSS v3 base score 7.8 (High). Vector: CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H.

Affected products

Huawei Honor_6
Huawei Honor_6_firmware
Huawei Honor_6_plus
Huawei Honor_6_plus_firmware
Huawei Honor_7
Huawei Honor_7_firmware
N/a Honor 6,honor 6 Plus,honor 7 Versions Earlier Than 6.9.16 — versions Honor 6,Honor 6 Plus,Honor 7 Versions earlier than 6.9.16

Weakness classification (CWE)

CWE-254

Public proof-of-concept exploits

jiayy/android_

References

psirt@huawei.com (x_refsource_CONFIRM, Vendor Advisory)
psirt@huawei.com (VDB Entry, Third Party Advisory, vdb-entry, x_refsource_BID)

Frequently asked questions

What is CVE-2016-8768?: CVE-2016-8768 is a high-severity vulnerability in Huawei Honor_6, classified under CWE-254. CVSS score: 7.8/10. Published 2017-04-02.
How severe is CVE-2016-8768?: High severity. CVSS v3 base score is 7.8 out of 10.
Is CVE-2016-8768 known to be exploited?: 1 public proof-of-concept repositories are indexed. Not currently listed in the CISA KEV catalog.