CVE-2016-8769
medium
CVSS v3
6.7
CVSS v2
7.2
VIR risk
6.7
Description
Huawei UTPS earlier than UTPS-V200R003B015D16SPC00C983 has an unquoted service path vulnerability which can lead to the truncation of UTPS service query paths. An attacker may put an executable file in the search path of the affected service and obtain elevated privileges after the executable file is executed.
Predictions
Exploit likelihood
66%
Patch ETA
—
Heuristic predictions, AS-IS, for prioritization only.
Mitigations
Vendor advisory: psirt@huawei.com — http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20161116-01-utps-en
References
- http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20161116-01-utps-en
- http://www.security-geek.in/2017/02/07/0day-discovery-system-level-access-by-privilege-escalation-of-huawei-manufactured-airtel-photon-dongles/
- http://www.securityfocus.com/bid/94403
- https://www.exploit-db.com/exploits/40807/
- http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20161116-01-utps-en
- http://www.security-geek.in/2017/02/07/0day-discovery-system-level-access-by-privilege-escalation-of-huawei-manufactured-airtel-photon-dongles/
- http://www.securityfocus.com/bid/94403
- https://www.exploit-db.com/exploits/40807/
CWEs
CWE-264
Verify integrity in audit chain (admin only). AS-IS.