TrustZone Driver Input Validation Vulnerability in Huawei P9, P9 Lite, and P8 Lite Phones

TrustZone Driver Input Validation Vulnerability in Huawei P9, P9 Lite, and P8 Lite Phones

CVE-2016-8764 · MEDIUM Severity

AV:L/AC:M/AU:S/C:P/I:P/A:P

The TrustZone driver in Huawei P9 phones with software Versions earlier than EVA-AL10C00B352 and P9 Lite with software VNS-L21C185B130 and earlier versions and P8 Lite with software ALE-L02C636B150 and earlier versions has an input validation vulnerability, which allows attackers to read and write user-mode memory data anywhere in the TrustZone driver.

Learn more about our User Device Pen Test.