Search criteria
1 vulnerability found for nem-l21 by huawei
VAR-201704-0504
Vulnerability from variot - Updated: 2025-04-20 23:27Touch Panel (TP) driver in Huawei NEM phones with software Versions before NEM-AL10C00B130, Versions before NEM-UL10C17B160, Versions before NEM-UL10C00B160, Versions before NEM-TL00C01B160 allows attackers to get root privilege or crash the system or execute arbitrary code, related to a buffer overflow. Huawei Play 5C is Huawei's smartphone. There is a buffer overflow vulnerability in Huawei's 5C mobile phone TP touch screen driver. Huawei NEM is prone to a local buffer-overflow vulnerability. Local attackers can exploit this issue to run arbitrary code, elevate root privilege or crash the system causing a denial of service condition. The following versions are vulnerable: Huawei NEM versions prior to AL10C00B130 are affected. Huawei NEM versions prior to UL10C17B160 are affected. Huawei NEM versions prior to UL10C00B160 are affected. Huawei NEM versions prior to TL00C01B160 are affected. Huawei NEM versions prior to TL00HC00B160 are affected. Huawei NEM is a smartphone product of China's Huawei (Huawei)
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-201704-0504",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "nem-al10",
"scope": "eq",
"trust": 1.6,
"vendor": "huawei",
"version": null
},
{
"model": "nem-l51",
"scope": "eq",
"trust": 1.6,
"vendor": "huawei",
"version": null
},
{
"model": "nem-l21",
"scope": "eq",
"trust": 1.6,
"vendor": "huawei",
"version": null
},
{
"model": "nem-l22",
"scope": "eq",
"trust": 1.6,
"vendor": "huawei",
"version": null
},
{
"model": "nem-al10",
"scope": null,
"trust": 0.8,
"vendor": "huawei",
"version": null
},
{
"model": "play 5c \u003cnem-al10c00b130",
"scope": null,
"trust": 0.6,
"vendor": "huawei",
"version": null
},
{
"model": "play 5c \u003cnem-ul10c17b160",
"scope": null,
"trust": 0.6,
"vendor": "huawei",
"version": null
},
{
"model": "play 5c \u003cnem-ul10c00b160",
"scope": null,
"trust": 0.6,
"vendor": "huawei",
"version": null
},
{
"model": "play 5c \u003cnem-tl00c01b160",
"scope": null,
"trust": 0.6,
"vendor": "huawei",
"version": null
},
{
"model": "play 5c \u003cnem-tl00hc00b160",
"scope": null,
"trust": 0.6,
"vendor": "huawei",
"version": null
},
{
"model": "nem",
"scope": "eq",
"trust": 0.3,
"vendor": "huawei",
"version": "0"
},
{
"model": "nem ul10c17b160",
"scope": "ne",
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"model": "nem ul10c00b160",
"scope": "ne",
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"model": "nem tl00hc00b160",
"scope": "ne",
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"model": "nem tl00c01b160",
"scope": "ne",
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"model": "nem al10c00b130",
"scope": "ne",
"trust": 0.3,
"vendor": "huawei",
"version": null
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2016-11629"
},
{
"db": "BID",
"id": "94506"
},
{
"db": "JVNDB",
"id": "JVNDB-2016-008217"
},
{
"db": "CNNVD",
"id": "CNNVD-201611-659"
},
{
"db": "NVD",
"id": "CVE-2016-8775"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"cpe_match": [
{
"cpe22Uri": "cpe:/o:huawei:nem-al10_firmware",
"vulnerable": true
}
],
"operator": "OR"
}
]
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2016-008217"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Zhao Jianqiang from Lab 0x031E of Qihoo 360 Technology Co. Ltd.",
"sources": [
{
"db": "BID",
"id": "94506"
},
{
"db": "CNNVD",
"id": "CNNVD-201611-659"
}
],
"trust": 0.9
},
"cve": "CVE-2016-8775",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"accessComplexity": "LOW",
"accessVector": "LOCAL",
"authentication": "NONE",
"author": "nvd@nist.gov",
"availabilityImpact": "COMPLETE",
"baseScore": 7.2,
"confidentialityImpact": "COMPLETE",
"exploitabilityScore": 3.9,
"id": "CVE-2016-8775",
"impactScore": 10.0,
"integrityImpact": "COMPLETE",
"severity": "HIGH",
"trust": 1.8,
"vectorString": "AV:L/AC:L/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
{
"accessComplexity": "LOW",
"accessVector": "LOCAL",
"authentication": "MULTIPLE",
"author": "CNVD",
"availabilityImpact": "COMPLETE",
"baseScore": 6.5,
"confidentialityImpact": "COMPLETE",
"exploitabilityScore": 2.5,
"id": "CNVD-2016-11629",
"impactScore": 10.0,
"integrityImpact": "COMPLETE",
"severity": "MEDIUM",
"trust": 0.6,
"vectorString": "AV:L/AC:L/Au:M/C:C/I:C/A:C",
"version": "2.0"
},
{
"accessComplexity": "LOW",
"accessVector": "LOCAL",
"authentication": "NONE",
"author": "VULHUB",
"availabilityImpact": "COMPLETE",
"baseScore": 7.2,
"confidentialityImpact": "COMPLETE",
"exploitabilityScore": 3.9,
"id": "VHN-97595",
"impactScore": 10.0,
"integrityImpact": "COMPLETE",
"severity": "HIGH",
"trust": 0.1,
"vectorString": "AV:L/AC:L/AU:N/C:C/I:C/A:C",
"version": "2.0"
}
],
"cvssV3": [
{
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"author": "nvd@nist.gov",
"availabilityImpact": "HIGH",
"baseScore": 6.7,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"exploitabilityScore": 0.8,
"id": "CVE-2016-8775",
"impactScore": 5.9,
"integrityImpact": "HIGH",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"trust": 1.8,
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
}
],
"severity": [
{
"author": "nvd@nist.gov",
"id": "CVE-2016-8775",
"trust": 1.0,
"value": "MEDIUM"
},
{
"author": "NVD",
"id": "CVE-2016-8775",
"trust": 0.8,
"value": "Medium"
},
{
"author": "CNVD",
"id": "CNVD-2016-11629",
"trust": 0.6,
"value": "MEDIUM"
},
{
"author": "CNNVD",
"id": "CNNVD-201611-659",
"trust": 0.6,
"value": "HIGH"
},
{
"author": "VULHUB",
"id": "VHN-97595",
"trust": 0.1,
"value": "HIGH"
}
]
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2016-11629"
},
{
"db": "VULHUB",
"id": "VHN-97595"
},
{
"db": "JVNDB",
"id": "JVNDB-2016-008217"
},
{
"db": "CNNVD",
"id": "CNNVD-201611-659"
},
{
"db": "NVD",
"id": "CVE-2016-8775"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Touch Panel (TP) driver in Huawei NEM phones with software Versions before NEM-AL10C00B130, Versions before NEM-UL10C17B160, Versions before NEM-UL10C00B160, Versions before NEM-TL00C01B160 allows attackers to get root privilege or crash the system or execute arbitrary code, related to a buffer overflow. Huawei Play 5C is Huawei\u0027s smartphone. There is a buffer overflow vulnerability in Huawei\u0027s 5C mobile phone TP touch screen driver. Huawei NEM is prone to a local buffer-overflow vulnerability. \nLocal attackers can exploit this issue to run arbitrary code, elevate root privilege or crash the system causing a denial of service condition. \nThe following versions are vulnerable:\nHuawei NEM versions prior to AL10C00B130 are affected. \nHuawei NEM versions prior to UL10C17B160 are affected. \nHuawei NEM versions prior to UL10C00B160 are affected. \nHuawei NEM versions prior to TL00C01B160 are affected. \nHuawei NEM versions prior to TL00HC00B160 are affected. Huawei NEM is a smartphone product of China\u0027s Huawei (Huawei)",
"sources": [
{
"db": "NVD",
"id": "CVE-2016-8775"
},
{
"db": "JVNDB",
"id": "JVNDB-2016-008217"
},
{
"db": "CNVD",
"id": "CNVD-2016-11629"
},
{
"db": "BID",
"id": "94506"
},
{
"db": "VULHUB",
"id": "VHN-97595"
}
],
"trust": 2.52
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2016-8775",
"trust": 3.4
},
{
"db": "BID",
"id": "94506",
"trust": 2.6
},
{
"db": "JVNDB",
"id": "JVNDB-2016-008217",
"trust": 0.8
},
{
"db": "CNNVD",
"id": "CNNVD-201611-659",
"trust": 0.7
},
{
"db": "CNVD",
"id": "CNVD-2016-11629",
"trust": 0.6
},
{
"db": "VULHUB",
"id": "VHN-97595",
"trust": 0.1
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2016-11629"
},
{
"db": "VULHUB",
"id": "VHN-97595"
},
{
"db": "BID",
"id": "94506"
},
{
"db": "JVNDB",
"id": "JVNDB-2016-008217"
},
{
"db": "CNNVD",
"id": "CNNVD-201611-659"
},
{
"db": "NVD",
"id": "CVE-2016-8775"
}
]
},
"id": "VAR-201704-0504",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "CNVD",
"id": "CNVD-2016-11629"
},
{
"db": "VULHUB",
"id": "VHN-97595"
}
],
"trust": 1.7
},
"iot_taxonomy": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"category": [
"Network device"
],
"sub_category": null,
"trust": 0.6
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2016-11629"
}
]
},
"last_update_date": "2025-04-20T23:27:26.388000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "huawei-sa-20161123-03-smartphone",
"trust": 0.8,
"url": "http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20161123-03-smartphone-en"
},
{
"title": "Huawei Plays 5C Mobile Phone TP Touch Screen Driver Patch with Buffer Overflow Vulnerability",
"trust": 0.6,
"url": "https://www.cnvd.org.cn/patchInfo/show/84450"
},
{
"title": "Huawei NEM Fixes for local buffer overflow vulnerabilities",
"trust": 0.6,
"url": "http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=65933"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2016-11629"
},
{
"db": "JVNDB",
"id": "JVNDB-2016-008217"
},
{
"db": "CNNVD",
"id": "CNNVD-201611-659"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-119",
"trust": 1.9
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-97595"
},
{
"db": "JVNDB",
"id": "JVNDB-2016-008217"
},
{
"db": "NVD",
"id": "CVE-2016-8775"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 2.0,
"url": "http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20161123-03-smartphone-en"
},
{
"trust": 1.7,
"url": "http://www.securityfocus.com/bid/94506"
},
{
"trust": 0.8,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2016-8775"
},
{
"trust": 0.8,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-8775"
},
{
"trust": 0.6,
"url": "http://www.huawei.com/cn/psirt/security-advisories/huawei-sa-20161123-03-smartphone-cn"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2016-11629"
},
{
"db": "VULHUB",
"id": "VHN-97595"
},
{
"db": "BID",
"id": "94506"
},
{
"db": "JVNDB",
"id": "JVNDB-2016-008217"
},
{
"db": "CNNVD",
"id": "CNNVD-201611-659"
},
{
"db": "NVD",
"id": "CVE-2016-8775"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "CNVD",
"id": "CNVD-2016-11629"
},
{
"db": "VULHUB",
"id": "VHN-97595"
},
{
"db": "BID",
"id": "94506"
},
{
"db": "JVNDB",
"id": "JVNDB-2016-008217"
},
{
"db": "CNNVD",
"id": "CNNVD-201611-659"
},
{
"db": "NVD",
"id": "CVE-2016-8775"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2016-11-28T00:00:00",
"db": "CNVD",
"id": "CNVD-2016-11629"
},
{
"date": "2017-04-02T00:00:00",
"db": "VULHUB",
"id": "VHN-97595"
},
{
"date": "2016-11-23T00:00:00",
"db": "BID",
"id": "94506"
},
{
"date": "2017-05-02T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2016-008217"
},
{
"date": "2016-11-23T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201611-659"
},
{
"date": "2017-04-02T20:59:01.470000",
"db": "NVD",
"id": "CVE-2016-8775"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2016-11-29T00:00:00",
"db": "CNVD",
"id": "CNVD-2016-11629"
},
{
"date": "2017-04-05T00:00:00",
"db": "VULHUB",
"id": "VHN-97595"
},
{
"date": "2016-12-20T02:02:00",
"db": "BID",
"id": "94506"
},
{
"date": "2017-05-02T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2016-008217"
},
{
"date": "2016-12-02T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201611-659"
},
{
"date": "2025-04-20T01:37:25.860000",
"db": "NVD",
"id": "CVE-2016-8775"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "local",
"sources": [
{
"db": "BID",
"id": "94506"
},
{
"db": "CNNVD",
"id": "CNNVD-201611-659"
}
],
"trust": 0.9
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Huawei NEM Phone Software Touch Panel Buffer error vulnerability in driver",
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2016-008217"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "buffer overflow",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201611-659"
}
],
"trust": 0.6
}
}