Security Notice - Statement on Securiteam.com Revealing Security Vulnerability in Huawei P8 Lite Smart Phones
- Initial Release Date: Dec 18, 2017
- Last Release Date: Dec 18, 2017
Huawei noticed that securiteam.com released information on security vulnerability in the Huawei P8 Lite smart phone on Dec. 17th, 2017. An attacker with root privileges can exploit this vulnerability to execute arbitrary code in the kernel context.
Securiteam.com had reported the vulnerability to Huawei PSIRT before disclosing the information. Huawei immediately launched a thorough investigation and communicated with securiteam.com.
According to investigation, related vulnerability exists in the version with EMUI 3.1, and the vulnerability was fixed with the EMUI 4.0 released in 2015. It is recommended that related customers upgrade smart phones to the latest version.
Here, we express our appreciation for securiteam.com’s concerns on Huawei products.
Huawei adheres to protecting the ultimate interests of users with best efforts and the principle of responsible disclosure and deal with product security issues through our response mechanism.
To enjoy Huawei PSIRT services and obtain Huawei product vulnerability information, please visit http://www.huawei.com/en/psirt.
To report a security vulnerability in Huawei products and solutions, please send it to PSIRT@huawei.com. For details, please visit http://www.huawei.com/en/psirt/report-vulnerabilities.
