Huawei P2 "hx170dec" Privilege Escalation Vulnerability

CVE-2014-2273

    Type

  • Local Root Privilege Escalation on Huawei P2

    • Severity

  • High

    • Affected products

  • Hx170dec device

    • Date

  • 2014-11-05

    • CVE Reference

  • CVE-2014-2273
Read more

MWR have discovered a vulnerability in one of the kernel drivers shipped with the Huawei P2 mobile phone. This vulnerability allows any application on the phone to gain root privileges by making a specially crafted request to a block device that is accessible to any user.

The advisory can be downloaded here.