Security Notice - Statement About Two Privilege Escalation Vulnerabilities in Huawei Mate 7 Smartphone
- Initial Release Date: 2015-05-22
- Last Release Date: 2015-12-15
Di Shen from the Qihoo 360 Technology Co. Ltd reported two privilege escalation vulnerabilities in Huawei Mate7 smartphones to Huawei PSIRT in March, 2015 and will disclose the vulnerabilities at the Black Hat conference in August, 2015. Huawei has started the investigation and analysis and communicated with Di Shen immediately after receiving the report. Huawei has confirmed these vulnerabilities and provided fixed version in April, 2015.
http://www.huawei.com/en/security/psirt/security-bulletins/security-advisories/hw-432799.htm
Huawei has delivered Security Advisory. The link of the security advisory is:
http://www.huawei.com/en/security/psirt/security-bulletins/security-advisories/hw-432799.htm
2015-12-15 V1.1 FINAL
2015-05-22 V1.0 INITIAL
Huawei believes in the principle of coordinated disclosure and makes every effort to protect the interests of customers using established vulnerability handling mechanisms. If you find any security vulnerability in a Huawei product, please report to Huawei PSIRT at psirt@huawei.com. Your coordination efforts will be appreciated.
We would like to express our appreciation for Di Shen's coordinated way in dealing vulnerabilities.
Please refer to the following links:
https://www.blackhat.com/us-15/briefings.html#attacking-your-trusted-core-exploiting-trustzone-on-android
We would like to express our appreciation for Di Shen's coordinated way in dealing vulnerabilities.
Please refer to the following links:
https://www.blackhat.com/us-15/briefings.html#attacking-your-trusted-core-exploiting-trustzone-on-android