CVE-2015-8223 — MEDIUM (5.5)

Vulnerability Description

Huawei P7 before P7-L00C17B851, P7-L05C00B851, and P7-L09C92B85, and P8 ALE-UL00 before ALE-UL00B211 allows local users to cause a denial of service (OS crash) by leveraging camera permissions and via crafted input to the camera driver.

CVSS Score

5.5

MEDIUM

CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

Attack Vector

LOCAL

Attack Complexity

LOW

Privileges Required

LOW

User Interaction

NONE

Scope

UNCHANGED

Confidentiality

NONE

Integrity

NONE

Availability

HIGH

Affected Products

Vendor	Product	Versions
Huawei	P7 Firmware	All versions
Huawei	P7	-
Huawei	P8 Ale-Ul00 Firmware	-
Huawei	P8 Ale-Ul00	-

Related Weaknesses (CWE)

CWE-275

References

http://www1.huawei.com/en/security/psirt/security-bulletins/security-advisories/Vendor Advisory
http://www1.huawei.com/en/security/psirt/security-bulletins/security-advisories/Vendor Advisory

FAQ

What is CVE-2015-8223?

CVE-2015-8223 is a vulnerability with a CVSS score of 5.5 (MEDIUM). Huawei P7 before P7-L00C17B851, P7-L05C00B851, and P7-L09C92B85, and P8 ALE-UL00 before ALE-UL00B211 allows local users to cause a denial of service (OS crash) by leveraging camera permissions and via...

How severe is CVE-2015-8223?

CVE-2015-8223 has been rated MEDIUM with a CVSS base score of 5.5/10. Review the CVSS metrics above for detailed severity breakdown.

Is there a patch for CVE-2015-8223?

Check the references section above for vendor advisories and patch information. Affected products include: Huawei P7 Firmware, Huawei P7, Huawei P8 Ale-Ul00 Firmware, Huawei P8 Ale-Ul00.