Vulnerability-Lookup

CVE-2014-8359 (GCVE-0-2014-8359)

Vulnerability from cvelistv5 – Published: 2014-11-13 15:00 – Updated: 2024-08-06 13:18

Summary

Severity ?

No CVSS data available.

CWE

Assigner

mitre

References

URL

GSD-2014-8359

Vulnerability from gsd - Updated: 2023-12-13 01:22

Details

Aliases

CVE-2014-8359

Aliases

CVE-2014-8359

JSON

To clipboard

{
  "GSD": {
    "alias": "CVE-2014-8359",
    "description": "Untrusted search path vulnerability in Huawei Mobile Partner for Windows 23.009.05.03.1014 allows local users to execute arbitrary code and conduct DLL hijacking attacks via a Trojan horse wintab32.dll in the Mobile Partner directory.",
    "id": "GSD-2014-8359",
    "references": [
      "https://packetstormsecurity.com/files/cve/CVE-2014-8359"
    ]
  },
  "gsd": {
    "metadata": {
      "exploitCode": "unknown",
      "remediation": "unknown",
      "reportConfidence": "confirmed",
      "type": "vulnerability"
    },
    "osvSchema": {
      "aliases": [
        "CVE-2014-8359"
      ],
      "details": "Untrusted search path vulnerability in Huawei Mobile Partner for Windows 23.009.05.03.1014 allows local users to execute arbitrary code and conduct DLL hijacking attacks via a Trojan horse wintab32.dll in the Mobile Partner directory.",
      "id": "GSD-2014-8359",
      "modified": "2023-12-13T01:22:49.105021Z",
      "schema_version": "1.4.0"
    }
  },
  "namespaces": {
    "cve.org": {
      "CVE_data_meta": {
        "ASSIGNER": "cve@mitre.org",
        "ID": "CVE-2014-8359",
        "STATE": "PUBLIC"
      },
      "affects": {
        "vendor": {
          "vendor_data": [
            {
              "product": {
                "product_data": [
                  {
                    "product_name": "n/a",
                    "version": {
                      "version_data": [
                        {
                          "version_value": "n/a"
                        }
                      ]
                    }
                  }
                ]
              },
              "vendor_name": "n/a"
            }
          ]
        }
      },
      "data_format": "MITRE",
      "data_type": "CVE",
      "data_version": "4.0",
      "description": {
        "description_data": [
          {
            "lang": "eng",
            "value": "Untrusted search path vulnerability in Huawei Mobile Partner for Windows 23.009.05.03.1014 allows local users to execute arbitrary code and conduct DLL hijacking attacks via a Trojan horse wintab32.dll in the Mobile Partner directory."
          }
        ]
      },
      "problemtype": {
        "problemtype_data": [
          {
            "description": [
              {
                "lang": "eng",
                "value": "n/a"
              }
            ]
          }
        ]
      },
      "references": {
        "reference_data": [
          {
            "name": "70671",
            "refsource": "BID",
            "url": "http://www.securityfocus.com/bid/70671"
          },
          {
            "name": "http://packetstormsecurity.com/files/128767/Huawei-Mobile-Partner-DLL-Hijacking.html",
            "refsource": "MISC",
            "url": "http://packetstormsecurity.com/files/128767/Huawei-Mobile-Partner-DLL-Hijacking.html"
          },
          {
            "name": "http://www.huawei.com/en/security/psirt/security-bulletins/security-advisories/hw-376152.htm",
            "refsource": "CONFIRM",
            "url": "http://www.huawei.com/en/security/psirt/security-bulletins/security-advisories/hw-376152.htm"
          },
          {
            "name": "huawei-mobile-cve20148359-code-exec(97682)",
            "refsource": "XF",
            "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/97682"
          },
          {
            "name": "http://osandamalith.wordpress.com/2014/10/20/escalating-local-privileges-using-mobile-partner/",
            "refsource": "MISC",
            "url": "http://osandamalith.wordpress.com/2014/10/20/escalating-local-privileges-using-mobile-partner/"
          }
        ]
      }
    },
    "nvd.nist.gov": {
      "configurations": {
        "CVE_data_version": "4.0",
        "nodes": [
          {
            "children": [
              {
                "children": [],
                "cpe_match": [
                  {
                    "cpe23Uri": "cpe:2.3:o:huawei:mobile_partner_firmware:23.009.05.03.1014:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  }
                ],
                "operator": "OR"
              },
              {
                "children": [],
                "cpe_match": [
                  {
                    "cpe23Uri": "cpe:2.3:h:huawei:ec177:-:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:h:huawei:ec176:-:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:h:huawei:ec156:-:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  }
                ],
                "operator": "OR"
              }
            ],
            "cpe_match": [],
            "operator": "AND"
          }
        ]
      },
      "cve": {
        "CVE_data_meta": {
          "ASSIGNER": "cve@mitre.org",
          "ID": "CVE-2014-8359"
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "en",
              "value": "Untrusted search path vulnerability in Huawei Mobile Partner for Windows 23.009.05.03.1014 allows local users to execute arbitrary code and conduct DLL hijacking attacks via a Trojan horse wintab32.dll in the Mobile Partner directory."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "en",
                  "value": "CWE-264"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "70671",
              "refsource": "BID",
              "tags": [
                "Exploit"
              ],
              "url": "http://www.securityfocus.com/bid/70671"
            },
            {
              "name": "http://packetstormsecurity.com/files/128767/Huawei-Mobile-Partner-DLL-Hijacking.html",
              "refsource": "MISC",
              "tags": [
                "Exploit"
              ],
              "url": "http://packetstormsecurity.com/files/128767/Huawei-Mobile-Partner-DLL-Hijacking.html"
            },
            {
              "name": "http://osandamalith.wordpress.com/2014/10/20/escalating-local-privileges-using-mobile-partner/",
              "refsource": "MISC",
              "tags": [
                "Exploit"
              ],
              "url": "http://osandamalith.wordpress.com/2014/10/20/escalating-local-privileges-using-mobile-partner/"
            },
            {
              "name": "http://www.huawei.com/en/security/psirt/security-bulletins/security-advisories/hw-376152.htm",
              "refsource": "CONFIRM",
              "tags": [
                "Vendor Advisory"
              ],
              "url": "http://www.huawei.com/en/security/psirt/security-bulletins/security-advisories/hw-376152.htm"
            },
            {
              "name": "huawei-mobile-cve20148359-code-exec(97682)",
              "refsource": "XF",
              "tags": [],
              "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/97682"
            }
          ]
        }
      },
      "impact": {
        "baseMetricV2": {
          "cvssV2": {
            "accessComplexity": "LOW",
            "accessVector": "LOCAL",
            "authentication": "NONE",
            "availabilityImpact": "COMPLETE",
            "baseScore": 7.2,
            "confidentialityImpact": "COMPLETE",
            "integrityImpact": "COMPLETE",
            "vectorString": "AV:L/AC:L/Au:N/C:C/I:C/A:C",
            "version": "2.0"
          },
          "exploitabilityScore": 3.9,
          "impactScore": 10.0,
          "obtainAllPrivilege": false,
          "obtainOtherPrivilege": false,
          "obtainUserPrivilege": false,
          "severity": "HIGH",
          "userInteractionRequired": false
        }
      },
      "lastModifiedDate": "2017-09-08T01:29Z",
      "publishedDate": "2014-11-13T21:32Z"
    }
  }
}

VAR-201411-0377

Vulnerability from variot - Updated: 2025-04-13 23:27

Untrusted search path vulnerability in Huawei Mobile Partner for Windows 23.009.05.03.1014 allows local users to execute arbitrary code and conduct DLL hijacking attacks via a Trojan horse wintab32.dll in the Mobile Partner directory. du Mobile Broadband is a wireless bandwidth device from China's Huawei. There is a local elevation of privilege vulnerability in du Mobile broadband. A local attacker could use this vulnerability to execute arbitrary code with SYSTEM privileges. There are vulnerabilities in du Mobile broadband 16.002.03.16.124, other versions may also be affected. Attackers can exploit this issue by enticing a legitimate user to use the vulnerable application to open a file from a network share location that contains a specially crafted Dynamic Link Library (DLL) file. It lets you access du wireless internetwherever you are and whenever you need it, all powered throughyour mobile data SIM or simply by connecting your 3G USB stickto your device.The application is vulnerable to an elevation of privilegesvulnerability which can be used by a simple user that can changethe executable file with a binary of choice. The vulnerabilityexist due to the improper permissions, with the 'F' flag (full)for the 'Everyone' and 'Users' group, for the 'du Mobile Broadband.exe'binary file. The files are installed in the 'du Mobile Broadband'directory which has the Everyone group assigned to it with fullpermissions making every single file inside vulnerable to changeby any user on the affected machine. After you replace the binarywith your rootkit, on reboot you get SYSTEM privileges.Tested on: Microsoft Windows 7 Ultimate SP1 (EN) 64bit. Huawei Mobile Partner for Windows is a 3G network card client for Windows platform of China Huawei (Huawei), which is mainly used for 3G dial-up Internet access

Show details on source website

JSON

To clipboard

{
  "@context": {
    "@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
    "affected_products": {
      "@id": "https://www.variotdbs.pl/ref/affected_products"
    },
    "configurations": {
      "@id": "https://www.variotdbs.pl/ref/configurations"
    },
    "credits": {
      "@id": "https://www.variotdbs.pl/ref/credits"
    },
    "cvss": {
      "@id": "https://www.variotdbs.pl/ref/cvss/"
    },
    "description": {
      "@id": "https://www.variotdbs.pl/ref/description/"
    },
    "exploit_availability": {
      "@id": "https://www.variotdbs.pl/ref/exploit_availability/"
    },
    "external_ids": {
      "@id": "https://www.variotdbs.pl/ref/external_ids/"
    },
    "iot": {
      "@id": "https://www.variotdbs.pl/ref/iot/"
    },
    "iot_taxonomy": {
      "@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
    },
    "patch": {
      "@id": "https://www.variotdbs.pl/ref/patch/"
    },
    "problemtype_data": {
      "@id": "https://www.variotdbs.pl/ref/problemtype_data/"
    },
    "references": {
      "@id": "https://www.variotdbs.pl/ref/references/"
    },
    "sources": {
      "@id": "https://www.variotdbs.pl/ref/sources/"
    },
    "sources_release_date": {
      "@id": "https://www.variotdbs.pl/ref/sources_release_date/"
    },
    "sources_update_date": {
      "@id": "https://www.variotdbs.pl/ref/sources_update_date/"
    },
    "threat_type": {
      "@id": "https://www.variotdbs.pl/ref/threat_type/"
    },
    "title": {
      "@id": "https://www.variotdbs.pl/ref/title/"
    },
    "type": {
      "@id": "https://www.variotdbs.pl/ref/type/"
    }
  },
  "@id": "https://www.variotdbs.pl/vuln/VAR-201411-0377",
  "affected_products": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/affected_products#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        },
        "@id": "https://www.variotdbs.pl/ref/sources"
      }
    },
    "data": [
      {
        "model": "mobile partner",
        "scope": "eq",
        "trust": 2.2,
        "vendor": "huawei",
        "version": "23.009.05.03.1014"
      },
      {
        "model": "ec176",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "huawei",
        "version": null
      },
      {
        "model": "ec156",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "huawei",
        "version": null
      },
      {
        "model": "ec177",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "huawei",
        "version": null
      },
      {
        "model": "ec156",
        "scope": null,
        "trust": 0.8,
        "vendor": "huawei",
        "version": null
      },
      {
        "model": "ec176",
        "scope": null,
        "trust": 0.8,
        "vendor": "huawei",
        "version": null
      },
      {
        "model": "ec177",
        "scope": null,
        "trust": 0.8,
        "vendor": "huawei",
        "version": null
      },
      {
        "model": "mobile partner",
        "scope": "eq",
        "trust": 0.8,
        "vendor": "huawei",
        "version": "23.009.05.03.1014 (windows)"
      },
      {
        "model": "du mobile broadband",
        "scope": "eq",
        "trust": 0.6,
        "vendor": "huawei",
        "version": "16.002.03.16.124"
      },
      {
        "model": "technologies du mobile broadband",
        "scope": "eq",
        "trust": 0.1,
        "vendor": "huawei",
        "version": "16.002.03.16.124"
      }
    ],
    "sources": [
      {
        "db": "ZSL",
        "id": "ZSL-2013-5164"
      },
      {
        "db": "CNVD",
        "id": "CNVD-2014-00063"
      },
      {
        "db": "CNVD",
        "id": "CNVD-2014-07281"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2014-005442"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201410-1286"
      },
      {
        "db": "NVD",
        "id": "CVE-2014-8359"
      }
    ]
  },
  "configurations": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/configurations#",
      "children": {
        "@container": "@list"
      },
      "cpe_match": {
        "@container": "@list"
      },
      "data": {
        "@container": "@list"
      },
      "nodes": {
        "@container": "@list"
      }
    },
    "data": [
      {
        "CVE_data_version": "4.0",
        "nodes": [
          {
            "cpe_match": [
              {
                "cpe22Uri": "cpe:/h:huawei:ec156",
                "vulnerable": true
              },
              {
                "cpe22Uri": "cpe:/h:huawei:ec176",
                "vulnerable": true
              },
              {
                "cpe22Uri": "cpe:/h:huawei:ec177",
                "vulnerable": true
              },
              {
                "cpe22Uri": "cpe:/o:huawei:mobile_partner_firmware",
                "vulnerable": true
              }
            ],
            "operator": "OR"
          }
        ]
      }
    ],
    "sources": [
      {
        "db": "JVNDB",
        "id": "JVNDB-2014-005442"
      }
    ]
  },
  "credits": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/credits#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "Osanda Malith",
    "sources": [
      {
        "db": "BID",
        "id": "70671"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201410-1286"
      }
    ],
    "trust": 0.9
  },
  "cve": "CVE-2014-8359",
  "cvss": {
    "@context": {
      "cvssV2": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
        },
        "@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
      },
      "cvssV3": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
        },
        "@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
      },
      "severity": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/cvss/severity#"
        },
        "@id": "https://www.variotdbs.pl/ref/cvss/severity"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        },
        "@id": "https://www.variotdbs.pl/ref/sources"
      }
    },
    "data": [
      {
        "cvssV2": [
          {
            "accessComplexity": "LOW",
            "accessVector": "LOCAL",
            "authentication": "NONE",
            "author": "nvd@nist.gov",
            "availabilityImpact": "COMPLETE",
            "baseScore": 7.2,
            "confidentialityImpact": "COMPLETE",
            "exploitabilityScore": 3.9,
            "id": "CVE-2014-8359",
            "impactScore": 10.0,
            "integrityImpact": "COMPLETE",
            "severity": "HIGH",
            "trust": 1.8,
            "vectorString": "AV:L/AC:L/Au:N/C:C/I:C/A:C",
            "version": "2.0"
          },
          {
            "accessComplexity": "LOW",
            "accessVector": "LOCAL",
            "authentication": "NONE",
            "author": "CNVD",
            "availabilityImpact": "PARTIAL",
            "baseScore": 4.6,
            "confidentialityImpact": "PARTIAL",
            "exploitabilityScore": 3.9,
            "id": "CNVD-2014-00063",
            "impactScore": 6.4,
            "integrityImpact": "PARTIAL",
            "severity": "MEDIUM",
            "trust": 0.6,
            "vectorString": "AV:L/AC:L/Au:N/C:P/I:P/A:P",
            "version": "2.0"
          },
          {
            "accessComplexity": "LOW",
            "accessVector": "NETWORK",
            "authentication": "NONE",
            "author": "CNVD",
            "availabilityImpact": "COMPLETE",
            "baseScore": 10.0,
            "confidentialityImpact": "COMPLETE",
            "exploitabilityScore": 10.0,
            "id": "CNVD-2014-07281",
            "impactScore": 10.0,
            "integrityImpact": "COMPLETE",
            "severity": "HIGH",
            "trust": 0.6,
            "vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
            "version": "2.0"
          },
          {
            "accessComplexity": "LOW",
            "accessVector": "LOCAL",
            "authentication": "NONE",
            "author": "VULHUB",
            "availabilityImpact": "COMPLETE",
            "baseScore": 7.2,
            "confidentialityImpact": "COMPLETE",
            "exploitabilityScore": 3.9,
            "id": "VHN-76304",
            "impactScore": 10.0,
            "integrityImpact": "COMPLETE",
            "severity": "HIGH",
            "trust": 0.1,
            "vectorString": "AV:L/AC:L/AU:N/C:C/I:C/A:C",
            "version": "2.0"
          }
        ],
        "cvssV3": [],
        "severity": [
          {
            "author": "nvd@nist.gov",
            "id": "CVE-2014-8359",
            "trust": 1.0,
            "value": "HIGH"
          },
          {
            "author": "NVD",
            "id": "CVE-2014-8359",
            "trust": 0.8,
            "value": "High"
          },
          {
            "author": "CNVD",
            "id": "CNVD-2014-00063",
            "trust": 0.6,
            "value": "MEDIUM"
          },
          {
            "author": "CNVD",
            "id": "CNVD-2014-07281",
            "trust": 0.6,
            "value": "HIGH"
          },
          {
            "author": "CNNVD",
            "id": "CNNVD-201410-1286",
            "trust": 0.6,
            "value": "HIGH"
          },
          {
            "author": "ZSL",
            "id": "ZSL-2013-5164",
            "trust": 0.1,
            "value": "(2/5)"
          },
          {
            "author": "VULHUB",
            "id": "VHN-76304",
            "trust": 0.1,
            "value": "HIGH"
          }
        ]
      }
    ],
    "sources": [
      {
        "db": "ZSL",
        "id": "ZSL-2013-5164"
      },
      {
        "db": "CNVD",
        "id": "CNVD-2014-00063"
      },
      {
        "db": "CNVD",
        "id": "CNVD-2014-07281"
      },
      {
        "db": "VULHUB",
        "id": "VHN-76304"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2014-005442"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201410-1286"
      },
      {
        "db": "NVD",
        "id": "CVE-2014-8359"
      }
    ]
  },
  "description": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/description#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "Untrusted search path vulnerability in Huawei Mobile Partner for Windows 23.009.05.03.1014 allows local users to execute arbitrary code and conduct DLL hijacking attacks via a Trojan horse wintab32.dll in the Mobile Partner directory. du Mobile Broadband is a wireless bandwidth device from China\u0027s Huawei. \nThere is a local elevation of privilege vulnerability in du Mobile broadband. A local attacker could use this vulnerability to execute arbitrary code with SYSTEM privileges. There are vulnerabilities in du Mobile broadband 16.002.03.16.124, other versions may also be affected. \nAttackers can exploit this issue by enticing a legitimate user to use the vulnerable application to open a file from a network share location that contains a specially crafted Dynamic Link Library (DLL) file. It lets you access du wireless internetwherever you are and whenever you need it, all powered throughyour mobile data SIM or simply by connecting your 3G USB stickto your device.The application is vulnerable to an elevation of privilegesvulnerability which can be used by a simple user that can changethe executable file with a binary of choice. The vulnerabilityexist due to the improper permissions, with the \u0027F\u0027 flag (full)for the \u0027Everyone\u0027 and \u0027Users\u0027 group, for the \u0027du Mobile Broadband.exe\u0027binary file. The files are installed in the \u0027du Mobile Broadband\u0027directory which has the Everyone group assigned to it with fullpermissions making every single file inside vulnerable to changeby any user on the affected machine. After you replace the binarywith your rootkit, on reboot you get SYSTEM privileges.Tested on: Microsoft Windows 7 Ultimate SP1 (EN) 64bit. Huawei Mobile Partner for Windows is a 3G network card client for Windows platform of China Huawei (Huawei), which is mainly used for 3G dial-up Internet access",
    "sources": [
      {
        "db": "NVD",
        "id": "CVE-2014-8359"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2014-005442"
      },
      {
        "db": "CNVD",
        "id": "CNVD-2014-00063"
      },
      {
        "db": "CNVD",
        "id": "CNVD-2014-07281"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201312-576"
      },
      {
        "db": "BID",
        "id": "70671"
      },
      {
        "db": "BID",
        "id": "64523"
      },
      {
        "db": "ZSL",
        "id": "ZSL-2013-5164"
      },
      {
        "db": "VULHUB",
        "id": "VHN-76304"
      }
    ],
    "trust": 3.96
  },
  "exploit_availability": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/exploit_availability#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "reference": "https://www.zeroscience.mk/codes/dumb_pe.txt",
        "trust": 0.1,
        "type": "poc"
      },
      {
        "reference": "https://www.scap.org.cn/vuln/vhn-76304",
        "trust": 0.1,
        "type": "unknown"
      }
    ],
    "sources": [
      {
        "db": "ZSL",
        "id": "ZSL-2013-5164"
      },
      {
        "db": "VULHUB",
        "id": "VHN-76304"
      }
    ]
  },
  "external_ids": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/external_ids#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "db": "NVD",
        "id": "CVE-2014-8359",
        "trust": 3.4
      },
      {
        "db": "BID",
        "id": "70671",
        "trust": 2.6
      },
      {
        "db": "PACKETSTORM",
        "id": "128767",
        "trust": 1.7
      },
      {
        "db": "BID",
        "id": "64523",
        "trust": 1.6
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2014-005442",
        "trust": 0.8
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201410-1286",
        "trust": 0.7
      },
      {
        "db": "CNVD",
        "id": "CNVD-2014-00063",
        "trust": 0.6
      },
      {
        "db": "CNVD",
        "id": "CNVD-2014-07281",
        "trust": 0.6
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201312-576",
        "trust": 0.6
      },
      {
        "db": "XF",
        "id": "97682",
        "trust": 0.6
      },
      {
        "db": "ZSL",
        "id": "ZSL-2013-5164",
        "trust": 0.4
      },
      {
        "db": "EXPLOIT-DB",
        "id": "30477",
        "trust": 0.2
      },
      {
        "db": "OSVDB",
        "id": "90090",
        "trust": 0.1
      },
      {
        "db": "CXSECURITY",
        "id": "WLB-2013120140",
        "trust": 0.1
      },
      {
        "db": "PACKETSTORM",
        "id": "124557",
        "trust": 0.1
      },
      {
        "db": "XF",
        "id": "89907",
        "trust": 0.1
      },
      {
        "db": "VULHUB",
        "id": "VHN-76304",
        "trust": 0.1
      }
    ],
    "sources": [
      {
        "db": "ZSL",
        "id": "ZSL-2013-5164"
      },
      {
        "db": "CNVD",
        "id": "CNVD-2014-00063"
      },
      {
        "db": "CNVD",
        "id": "CNVD-2014-07281"
      },
      {
        "db": "VULHUB",
        "id": "VHN-76304"
      },
      {
        "db": "BID",
        "id": "70671"
      },
      {
        "db": "BID",
        "id": "64523"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2014-005442"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201312-576"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201410-1286"
      },
      {
        "db": "NVD",
        "id": "CVE-2014-8359"
      }
    ]
  },
  "id": "VAR-201411-0377",
  "iot": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/iot#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": true,
    "sources": [
      {
        "db": "CNVD",
        "id": "CNVD-2014-00063"
      },
      {
        "db": "CNVD",
        "id": "CNVD-2014-07281"
      },
      {
        "db": "VULHUB",
        "id": "VHN-76304"
      }
    ],
    "trust": 2.157142865
  },
  "iot_taxonomy": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "category": [
          "Network device"
        ],
        "sub_category": null,
        "trust": 1.2
      }
    ],
    "sources": [
      {
        "db": "CNVD",
        "id": "CNVD-2014-00063"
      },
      {
        "db": "CNVD",
        "id": "CNVD-2014-07281"
      }
    ]
  },
  "last_update_date": "2025-04-13T23:27:21.881000Z",
  "patch": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/patch#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "title": "Huawei-SA-20141022- DLLHijacking",
        "trust": 0.8,
        "url": "http://www.huawei.com/en/security/psirt/security-bulletins/security-advisories/hw-376152.htm"
      }
    ],
    "sources": [
      {
        "db": "JVNDB",
        "id": "JVNDB-2014-005442"
      }
    ]
  },
  "problemtype_data": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "problemtype": "CWE-264",
        "trust": 1.9
      }
    ],
    "sources": [
      {
        "db": "VULHUB",
        "id": "VHN-76304"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2014-005442"
      },
      {
        "db": "NVD",
        "id": "CVE-2014-8359"
      }
    ]
  },
  "references": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/references#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "trust": 2.3,
        "url": "http://www.securityfocus.com/bid/70671"
      },
      {
        "trust": 2.0,
        "url": "http://www.huawei.com/en/security/psirt/security-bulletins/security-advisories/hw-376152.htm"
      },
      {
        "trust": 2.0,
        "url": "http://osandamalith.wordpress.com/2014/10/20/escalating-local-privileges-using-mobile-partner/"
      },
      {
        "trust": 1.7,
        "url": "http://packetstormsecurity.com/files/128767/huawei-mobile-partner-dll-hijacking.html"
      },
      {
        "trust": 1.3,
        "url": "http://www.securityfocus.com/bid/64523"
      },
      {
        "trust": 1.1,
        "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/97682"
      },
      {
        "trust": 0.8,
        "url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2014-8359"
      },
      {
        "trust": 0.8,
        "url": "http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2014-8359"
      },
      {
        "trust": 0.6,
        "url": "http://xforce.iss.net/xforce/xfdb/97682"
      },
      {
        "trust": 0.3,
        "url": "http://blog.rapid7.com/?p=5325"
      },
      {
        "trust": 0.3,
        "url": "http://huaweinews.com/2013/08/download-mobile-partner-latest/"
      },
      {
        "trust": 0.3,
        "url": "http://blog.metasploit.com/2010/08/exploiting-dll-hijacking-flaws.html"
      },
      {
        "trust": 0.3,
        "url": "http://www.huawei.com"
      },
      {
        "trust": 0.3,
        "url": "http://blogs.technet.com/b/msrc/archive/2010/08/21/microsoft-security-advisory-2269637-released.aspx"
      },
      {
        "trust": 0.3,
        "url": "http://blogs.technet.com/b/srd/archive/2010/08/23/more-information-about-dll-preloading-remote-attack-vector.aspx"
      },
      {
        "trust": 0.3,
        "url": "http://www.attackvector.org/new-dll-hijacking-exploits-many/"
      },
      {
        "trust": 0.3,
        "url": "http://www.microsoft.com/technet/security/advisory/2269637.mspx"
      },
      {
        "trust": 0.3,
        "url": "http://www.du.ae/en/mobile/mobilebroadband"
      },
      {
        "trust": 0.3,
        "url": "http://www.zeroscience.mk/en/vulnerabilities/zsl-2013-5164.php"
      },
      {
        "trust": 0.1,
        "url": "http://cxsecurity.com/issue/wlb-2013120140"
      },
      {
        "trust": 0.1,
        "url": "http://packetstormsecurity.com/files/124557"
      },
      {
        "trust": 0.1,
        "url": "http://xforce.iss.net/xforce/xfdb/89907"
      },
      {
        "trust": 0.1,
        "url": "http://www.exploit-db.com/exploits/30477/"
      },
      {
        "trust": 0.1,
        "url": "http://www.vfocus.net/art/20131225/11294.html"
      },
      {
        "trust": 0.1,
        "url": "http://osvdb.org/show/osvdb/90090"
      }
    ],
    "sources": [
      {
        "db": "ZSL",
        "id": "ZSL-2013-5164"
      },
      {
        "db": "CNVD",
        "id": "CNVD-2014-00063"
      },
      {
        "db": "CNVD",
        "id": "CNVD-2014-07281"
      },
      {
        "db": "VULHUB",
        "id": "VHN-76304"
      },
      {
        "db": "BID",
        "id": "70671"
      },
      {
        "db": "BID",
        "id": "64523"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2014-005442"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201312-576"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201410-1286"
      },
      {
        "db": "NVD",
        "id": "CVE-2014-8359"
      }
    ]
  },
  "sources": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/sources#",
      "data": {
        "@container": "@list"
      }
    },
    "data": [
      {
        "db": "ZSL",
        "id": "ZSL-2013-5164"
      },
      {
        "db": "CNVD",
        "id": "CNVD-2014-00063"
      },
      {
        "db": "CNVD",
        "id": "CNVD-2014-07281"
      },
      {
        "db": "VULHUB",
        "id": "VHN-76304"
      },
      {
        "db": "BID",
        "id": "70671"
      },
      {
        "db": "BID",
        "id": "64523"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2014-005442"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201312-576"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201410-1286"
      },
      {
        "db": "NVD",
        "id": "CVE-2014-8359"
      }
    ]
  },
  "sources_release_date": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
      "data": {
        "@container": "@list"
      }
    },
    "data": [
      {
        "date": "2013-12-19T00:00:00",
        "db": "ZSL",
        "id": "ZSL-2013-5164"
      },
      {
        "date": "2014-01-03T00:00:00",
        "db": "CNVD",
        "id": "CNVD-2014-00063"
      },
      {
        "date": "2014-10-23T00:00:00",
        "db": "CNVD",
        "id": "CNVD-2014-07281"
      },
      {
        "date": "2014-11-13T00:00:00",
        "db": "VULHUB",
        "id": "VHN-76304"
      },
      {
        "date": "2014-10-20T00:00:00",
        "db": "BID",
        "id": "70671"
      },
      {
        "date": "2013-12-19T00:00:00",
        "db": "BID",
        "id": "64523"
      },
      {
        "date": "2014-11-14T00:00:00",
        "db": "JVNDB",
        "id": "JVNDB-2014-005442"
      },
      {
        "date": "2013-12-31T00:00:00",
        "db": "CNNVD",
        "id": "CNNVD-201312-576"
      },
      {
        "date": "2014-10-27T00:00:00",
        "db": "CNNVD",
        "id": "CNNVD-201410-1286"
      },
      {
        "date": "2014-11-13T21:32:05.907000",
        "db": "NVD",
        "id": "CVE-2014-8359"
      }
    ]
  },
  "sources_update_date": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
      "data": {
        "@container": "@list"
      }
    },
    "data": [
      {
        "date": "2014-01-05T00:00:00",
        "db": "ZSL",
        "id": "ZSL-2013-5164"
      },
      {
        "date": "2014-01-07T00:00:00",
        "db": "CNVD",
        "id": "CNVD-2014-00063"
      },
      {
        "date": "2014-10-23T00:00:00",
        "db": "CNVD",
        "id": "CNVD-2014-07281"
      },
      {
        "date": "2017-09-08T00:00:00",
        "db": "VULHUB",
        "id": "VHN-76304"
      },
      {
        "date": "2015-03-19T08:38:00",
        "db": "BID",
        "id": "70671"
      },
      {
        "date": "2013-12-19T00:00:00",
        "db": "BID",
        "id": "64523"
      },
      {
        "date": "2014-11-14T00:00:00",
        "db": "JVNDB",
        "id": "JVNDB-2014-005442"
      },
      {
        "date": "2013-12-31T00:00:00",
        "db": "CNNVD",
        "id": "CNNVD-201312-576"
      },
      {
        "date": "2014-11-14T00:00:00",
        "db": "CNNVD",
        "id": "CNNVD-201410-1286"
      },
      {
        "date": "2025-04-12T10:46:40.837000",
        "db": "NVD",
        "id": "CVE-2014-8359"
      }
    ]
  },
  "threat_type": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/threat_type#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "local",
    "sources": [
      {
        "db": "BID",
        "id": "64523"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201312-576"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201410-1286"
      }
    ],
    "trust": 1.5
  },
  "title": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/title#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "Windows for  Huawei Mobile Partner Vulnerable to arbitrary code execution",
    "sources": [
      {
        "db": "JVNDB",
        "id": "JVNDB-2014-005442"
      }
    ],
    "trust": 0.8
  },
  "type": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/type#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "permissions and access control",
    "sources": [
      {
        "db": "CNNVD",
        "id": "CNNVD-201312-576"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201410-1286"
      }
    ],
    "trust": 1.2
  }
}

GHSA-C32C-76VG-VG23

Vulnerability from github – Published: 2022-05-17 01:13 – Updated: 2025-04-12 12:41

Details

Show details on source website

JSON

To clipboard

{
  "affected": [],
  "aliases": [
    "CVE-2014-8359"
  ],
  "database_specific": {
    "cwe_ids": [],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2014-11-13T21:32:00Z",
    "severity": "HIGH"
  },
  "details": "Untrusted search path vulnerability in Huawei Mobile Partner for Windows 23.009.05.03.1014 allows local users to execute arbitrary code and conduct DLL hijacking attacks via a Trojan horse wintab32.dll in the Mobile Partner directory.",
  "id": "GHSA-c32c-76vg-vg23",
  "modified": "2025-04-12T12:41:53Z",
  "published": "2022-05-17T01:13:37Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2014-8359"
    },
    {
      "type": "WEB",
      "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/97682"
    },
    {
      "type": "WEB",
      "url": "http://osandamalith.wordpress.com/2014/10/20/escalating-local-privileges-using-mobile-partner"
    },
    {
      "type": "WEB",
      "url": "http://packetstormsecurity.com/files/128767/Huawei-Mobile-Partner-DLL-Hijacking.html"
    },
    {
      "type": "WEB",
      "url": "http://www.huawei.com/en/security/psirt/security-bulletins/security-advisories/hw-376152.htm"
    },
    {
      "type": "WEB",
      "url": "http://www.securityfocus.com/bid/70671"
    }
  ],
  "schema_version": "1.4.0",
  "severity": []
}

FKIE_CVE-2014-8359

Vulnerability from fkie_nvd - Published: 2014-11-13 21:32 - Updated: 2025-04-12 10:46

Severity ?

Summary

References

URL	Tags
cve@mitre.org	http://osandamalith.wordpress.com/2014/10/20/escalating-local-privileges-using-mobile-partner/	Exploit
cve@mitre.org	http://packetstormsecurity.com/files/128767/Huawei-Mobile-Partner-DLL-Hijacking.html	Exploit
cve@mitre.org	http://www.huawei.com/en/security/psirt/security-bulletins/security-advisories/hw-376152.htm	Vendor Advisory
cve@mitre.org	http://www.securityfocus.com/bid/70671	Exploit
cve@mitre.org	https://exchange.xforce.ibmcloud.com/vulnerabilities/97682
af854a3a-2127-422b-91ae-364da2661108	http://osandamalith.wordpress.com/2014/10/20/escalating-local-privileges-using-mobile-partner/	Exploit
af854a3a-2127-422b-91ae-364da2661108	http://packetstormsecurity.com/files/128767/Huawei-Mobile-Partner-DLL-Hijacking.html	Exploit
af854a3a-2127-422b-91ae-364da2661108	http://www.huawei.com/en/security/psirt/security-bulletins/security-advisories/hw-376152.htm	Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108	http://www.securityfocus.com/bid/70671	Exploit
af854a3a-2127-422b-91ae-364da2661108	https://exchange.xforce.ibmcloud.com/vulnerabilities/97682

Impacted products

Vendor	Product	Version
huawei	mobile_partner_firmware	23.009.05.03.1014
huawei	ec156	-
huawei	ec176	-
huawei	ec177	-

JSON

To clipboard

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:huawei:mobile_partner_firmware:23.009.05.03.1014:*:*:*:*:*:*:*",
              "matchCriteriaId": "6694007B-98E0-4612-BEFF-5A5302FAB74F",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:huawei:ec156:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "6ADF6AD7-D1E0-4F87-807E-4A81DE6AC180",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:h:huawei:ec176:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "481CD8C2-22EC-4D89-8572-D19A966E4D34",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:h:huawei:ec177:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "E506BDAF-B31B-45A8-9DF1-BEF0C40356B3",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "Untrusted search path vulnerability in Huawei Mobile Partner for Windows 23.009.05.03.1014 allows local users to execute arbitrary code and conduct DLL hijacking attacks via a Trojan horse wintab32.dll in the Mobile Partner directory."
    },
    {
      "lang": "es",
      "value": "Vulnerabilidad de ruta de b\u00fasqueda no confiable en Huawei Mobile Partner para Windows 23.009.05.03.1014 permite a usuarios locales ejecutar c\u00f3digo arbitrario y realizar ataques de secuestro de DLLs a trav\u00e9s de un caballo de troya en wintab32.dll en el directorio de Mobile Partner."
    }
  ],
  "evaluatorComment": "Per http://www.huawei.com/en/security/psirt/security-bulletins/security-advisories/hw-376152.htm, the Access Vector is Network",
  "id": "CVE-2014-8359",
  "lastModified": "2025-04-12T10:46:40.837",
  "metrics": {
    "cvssMetricV2": [
      {
        "acInsufInfo": false,
        "baseSeverity": "HIGH",
        "cvssData": {
          "accessComplexity": "LOW",
          "accessVector": "LOCAL",
          "authentication": "NONE",
          "availabilityImpact": "COMPLETE",
          "baseScore": 7.2,
          "confidentialityImpact": "COMPLETE",
          "integrityImpact": "COMPLETE",
          "vectorString": "AV:L/AC:L/Au:N/C:C/I:C/A:C",
          "version": "2.0"
        },
        "exploitabilityScore": 3.9,
        "impactScore": 10.0,
        "obtainAllPrivilege": false,
        "obtainOtherPrivilege": false,
        "obtainUserPrivilege": false,
        "source": "nvd@nist.gov",
        "type": "Primary",
        "userInteractionRequired": false
      }
    ]
  },
  "published": "2014-11-13T21:32:05.907",
  "references": [
    {
      "source": "cve@mitre.org",
      "tags": [
        "Exploit"
      ],
      "url": "http://osandamalith.wordpress.com/2014/10/20/escalating-local-privileges-using-mobile-partner/"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Exploit"
      ],
      "url": "http://packetstormsecurity.com/files/128767/Huawei-Mobile-Partner-DLL-Hijacking.html"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://www.huawei.com/en/security/psirt/security-bulletins/security-advisories/hw-376152.htm"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Exploit"
      ],
      "url": "http://www.securityfocus.com/bid/70671"
    },
    {
      "source": "cve@mitre.org",
      "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/97682"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Exploit"
      ],
      "url": "http://osandamalith.wordpress.com/2014/10/20/escalating-local-privileges-using-mobile-partner/"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Exploit"
      ],
      "url": "http://packetstormsecurity.com/files/128767/Huawei-Mobile-Partner-DLL-Hijacking.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://www.huawei.com/en/security/psirt/security-bulletins/security-advisories/hw-376152.htm"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Exploit"
      ],
      "url": "http://www.securityfocus.com/bid/70671"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/97682"
    }
  ],
  "sourceIdentifier": "cve@mitre.org",
  "vulnStatus": "Deferred",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-264"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}

Sightings

Author	Source	Type	Date

Nomenclature

Seen: The vulnerability was mentioned, discussed, or observed by the user.
Confirmed: The vulnerability has been validated from an analyst's perspective.
Published Proof of Concept: A public proof of concept is available for this vulnerability.
Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
Not confirmed: The user expressed doubt about the validity of the vulnerability.
Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.

Detection rules are retrieved from Rulezet.

Action not permitted

CVE-2014-8359 (GCVE-0-2014-8359)

GSD-2014-8359

VAR-201411-0377

GHSA-C32C-76VG-VG23

FKIE_CVE-2014-8359

Tags

Sightings

Nomenclature