Sign-up

ID

VAR-201411-0377


CVE

CVE-2014-8359


TITLE

Windows for Huawei Mobile Partner Vulnerable to arbitrary code execution

Trust: 0.8

sources: JVNDB: JVNDB-2014-005442

DESCRIPTION

Untrusted search path vulnerability in Huawei Mobile Partner for Windows 23.009.05.03.1014 allows local users to execute arbitrary code and conduct DLL hijacking attacks via a Trojan horse wintab32.dll in the Mobile Partner directory. du Mobile Broadband is a wireless bandwidth device from China's Huawei. There is a local elevation of privilege vulnerability in du Mobile broadband. A local attacker could use this vulnerability to execute arbitrary code with SYSTEM privileges. There are vulnerabilities in du Mobile broadband 16.002.03.16.124, other versions may also be affected. Attackers can exploit this issue by enticing a legitimate user to use the vulnerable application to open a file from a network share location that contains a specially crafted Dynamic Link Library (DLL) file. It lets you access du wireless internetwherever you are and whenever you need it, all powered throughyour mobile data SIM or simply by connecting your 3G USB stickto your device.The application is vulnerable to an elevation of privilegesvulnerability which can be used by a simple user that can changethe executable file with a binary of choice. The vulnerabilityexist due to the improper permissions, with the 'F' flag (full)for the 'Everyone' and 'Users' group, for the 'du Mobile Broadband.exe'binary file. The files are installed in the 'du Mobile Broadband'directory which has the Everyone group assigned to it with fullpermissions making every single file inside vulnerable to changeby any user on the affected machine. After you replace the binarywith your rootkit, on reboot you get SYSTEM privileges.Tested on: Microsoft Windows 7 Ultimate SP1 (EN) 64bit. Huawei Mobile Partner for Windows is a 3G network card client for Windows platform of China Huawei (Huawei), which is mainly used for 3G dial-up Internet access

Trust: 3.96

sources: NVD: CVE-2014-8359 // JVNDB: JVNDB-2014-005442 // CNVD: CNVD-2014-00063 // CNVD: CNVD-2014-07281 // CNNVD: CNNVD-201312-576 // BID: 70671 // BID: 64523 // ZSL: ZSL-2013-5164 // VULHUB: VHN-76304

IOT TAXONOMY

category:['Network device']sub_category: -

Trust: 1.2

sources: CNVD: CNVD-2014-00063 // CNVD: CNVD-2014-07281

AFFECTED PRODUCTS

vendor:huaweimodel:mobile partnerscope:eqversion:23.009.05.03.1014

Trust: 2.2

vendor:huaweimodel:ec176scope:eqversion: -

Trust: 1.0

vendor:huaweimodel:ec156scope:eqversion: -

Trust: 1.0

vendor:huaweimodel:ec177scope:eqversion: -

Trust: 1.0

vendor:huaweimodel:ec156scope: - version: -

Trust: 0.8

vendor:huaweimodel:ec176scope: - version: -

Trust: 0.8

vendor:huaweimodel:ec177scope: - version: -

Trust: 0.8

vendor:huaweimodel:mobile partnerscope:eqversion:23.009.05.03.1014 (windows)

Trust: 0.8

vendor:huaweimodel:du mobile broadbandscope:eqversion:16.002.03.16.124

Trust: 0.6

vendor:huaweimodel:technologies du mobile broadbandscope:eqversion:16.002.03.16.124

Trust: 0.1

sources: ZSL: ZSL-2013-5164 // CNVD: CNVD-2014-00063 // CNVD: CNVD-2014-07281 // JVNDB: JVNDB-2014-005442 // CNNVD: CNNVD-201410-1286 // NVD: CVE-2014-8359

CVSS

SEVERITY

CVSSV2

CVSSV3

nvd@nist.gov: CVE-2014-8359
value: HIGH

Trust: 1.0

NVD: CVE-2014-8359
value: HIGH

Trust: 0.8

CNVD: CNVD-2014-00063
value: MEDIUM

Trust: 0.6

CNVD: CNVD-2014-07281
value: HIGH

Trust: 0.6

CNNVD: CNNVD-201410-1286
value: HIGH

Trust: 0.6

ZSL: ZSL-2013-5164
value: (2/5)

Trust: 0.1

VULHUB: VHN-76304
value: HIGH

Trust: 0.1

nvd@nist.gov: CVE-2014-8359
severity: HIGH
baseScore: 7.2
vectorString: AV:L/AC:L/AU:N/C:C/I:C/A:C
accessVector: LOCAL
accessComplexity: LOW
authentication: NONE
confidentialityImpact: COMPLETE
integrityImpact: COMPLETE
availabilityImpact: COMPLETE
exploitabilityScore: 3.9
impactScore: 10.0
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 1.8

CNVD: CNVD-2014-00063
severity: MEDIUM
baseScore: 4.6
vectorString: AV:L/AC:L/AU:N/C:P/I:P/A:P
accessVector: LOCAL
accessComplexity: LOW
authentication: NONE
confidentialityImpact: PARTIAL
integrityImpact: PARTIAL
availabilityImpact: PARTIAL
exploitabilityScore: 3.9
impactScore: 6.4
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 0.6

CNVD: CNVD-2014-07281
severity: HIGH
baseScore: 10.0
vectorString: AV:N/AC:L/AU:N/C:C/I:C/A:C
accessVector: NETWORK
accessComplexity: LOW
authentication: NONE
confidentialityImpact: COMPLETE
integrityImpact: COMPLETE
availabilityImpact: COMPLETE
exploitabilityScore: 10.0
impactScore: 10.0
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 0.6

VULHUB: VHN-76304
severity: HIGH
baseScore: 7.2
vectorString: AV:L/AC:L/AU:N/C:C/I:C/A:C
accessVector: LOCAL
accessComplexity: LOW
authentication: NONE
confidentialityImpact: COMPLETE
integrityImpact: COMPLETE
availabilityImpact: COMPLETE
exploitabilityScore: 3.9
impactScore: 10.0
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 0.1

sources: ZSL: ZSL-2013-5164 // CNVD: CNVD-2014-00063 // CNVD: CNVD-2014-07281 // VULHUB: VHN-76304 // JVNDB: JVNDB-2014-005442 // CNNVD: CNNVD-201410-1286 // NVD: CVE-2014-8359

PROBLEMTYPE DATA

problemtype:CWE-264

Trust: 1.9

sources: VULHUB: VHN-76304 // JVNDB: JVNDB-2014-005442 // NVD: CVE-2014-8359

THREAT TYPE

local

Trust: 1.5

sources: BID: 64523 // CNNVD: CNNVD-201312-576 // CNNVD: CNNVD-201410-1286

TYPE

permissions and access control

Trust: 1.2

sources: CNNVD: CNNVD-201312-576 // CNNVD: CNNVD-201410-1286

CONFIGURATIONS

sources:
            
            
            JVNDB: JVNDB-2014-005442

EXPLOIT AVAILABILITY
sources:
            
            
            ZSL: ZSL-2013-5164 // 
            
            
            
            VULHUB: VHN-76304

PATCH
title:Huawei-SA-20141022- DLLHijackingurl:http://www.huawei.com/en/security/psirt/security-bulletins/security-advisories/hw-376152.htm
Trust: 0.8
sources:
            
            
            JVNDB: JVNDB-2014-005442

EXTERNAL IDS
db:NVDid:CVE-2014-8359
Trust: 3.4
db:BIDid:70671
Trust: 2.6
db:PACKETSTORMid:128767
Trust: 1.7
db:BIDid:64523
Trust: 1.6
db:JVNDBid:JVNDB-2014-005442
Trust: 0.8
db:CNNVDid:CNNVD-201410-1286
Trust: 0.7
db:CNVDid:CNVD-2014-00063
Trust: 0.6
db:CNVDid:CNVD-2014-07281
Trust: 0.6
db:CNNVDid:CNNVD-201312-576
Trust: 0.6
db:XFid:97682
Trust: 0.6
db:ZSLid:ZSL-2013-5164
Trust: 0.4
db:EXPLOIT-DBid:30477
Trust: 0.2
db:OSVDBid:90090
Trust: 0.1
db:CXSECURITYid:WLB-2013120140
Trust: 0.1
db:PACKETSTORMid:124557
Trust: 0.1
db:XFid:89907
Trust: 0.1
db:VULHUBid:VHN-76304
Trust: 0.1
sources:
            
            
            ZSL: ZSL-2013-5164 // 
            
            
            
            CNVD: CNVD-2014-00063 // 
            
            
            
            CNVD: CNVD-2014-07281 // 
            
            
            
            VULHUB: VHN-76304 // 
            
            
            
            BID: 70671 // 
            
            
            
            BID: 64523 // 
            
            
            
            JVNDB: JVNDB-2014-005442 // 
            
            
            
            CNNVD: CNNVD-201312-576 // 
            
            
            
            CNNVD: CNNVD-201410-1286 // 
            
            
            
            NVD: CVE-2014-8359

REFERENCES
url:http://www.securityfocus.com/bid/70671
Trust: 2.3
url:http://www.huawei.com/en/security/psirt/security-bulletins/security-advisories/hw-376152.htm
Trust: 2.0
url:http://osandamalith.wordpress.com/2014/10/20/escalating-local-privileges-using-mobile-partner/
Trust: 2.0
url:http://packetstormsecurity.com/files/128767/huawei-mobile-partner-dll-hijacking.html
Trust: 1.7
url:http://www.securityfocus.com/bid/64523
Trust: 1.3
url:https://exchange.xforce.ibmcloud.com/vulnerabilities/97682
Trust: 1.1
url:http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2014-8359
Trust: 0.8
url:http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2014-8359
Trust: 0.8
url:http://xforce.iss.net/xforce/xfdb/97682
Trust: 0.6
url:http://blog.rapid7.com/?p=5325
Trust: 0.3
url:http://huaweinews.com/2013/08/download-mobile-partner-latest/
Trust: 0.3
url:http://blog.metasploit.com/2010/08/exploiting-dll-hijacking-flaws.html
Trust: 0.3
url:http://www.huawei.com
Trust: 0.3
url:http://blogs.technet.com/b/msrc/archive/2010/08/21/microsoft-security-advisory-2269637-released.aspx
Trust: 0.3
url:http://blogs.technet.com/b/srd/archive/2010/08/23/more-information-about-dll-preloading-remote-attack-vector.aspx
Trust: 0.3
url:http://www.attackvector.org/new-dll-hijacking-exploits-many/
Trust: 0.3
url:http://www.microsoft.com/technet/security/advisory/2269637.mspx
Trust: 0.3
url:http://www.du.ae/en/mobile/mobilebroadband
Trust: 0.3
url:http://www.zeroscience.mk/en/vulnerabilities/zsl-2013-5164.php
Trust: 0.3
url:http://cxsecurity.com/issue/wlb-2013120140
Trust: 0.1
url:http://packetstormsecurity.com/files/124557
Trust: 0.1
url:http://xforce.iss.net/xforce/xfdb/89907
Trust: 0.1
url:http://www.exploit-db.com/exploits/30477/
Trust: 0.1
url:http://www.vfocus.net/art/20131225/11294.html
Trust: 0.1
url:http://osvdb.org/show/osvdb/90090
Trust: 0.1
sources:
            
            
            ZSL: ZSL-2013-5164 // 
            
            
            
            CNVD: CNVD-2014-00063 // 
            
            
            
            CNVD: CNVD-2014-07281 // 
            
            
            
            VULHUB: VHN-76304 // 
            
            
            
            BID: 70671 // 
            
            
            
            BID: 64523 // 
            
            
            
            JVNDB: JVNDB-2014-005442 // 
            
            
            
            CNNVD: CNNVD-201312-576 // 
            
            
            
            CNNVD: CNNVD-201410-1286 // 
            
            
            
            NVD: CVE-2014-8359

CREDITS
Osanda Malith
Trust: 0.9
sources:
            
            
            BID: 70671 // 
            
            
            
            CNNVD: CNNVD-201410-1286

SOURCES
db:ZSLid:ZSL-2013-5164
db:CNVDid:CNVD-2014-00063
db:CNVDid:CNVD-2014-07281
db:VULHUBid:VHN-76304
db:BIDid:70671
db:BIDid:64523
db:JVNDBid:JVNDB-2014-005442
db:CNNVDid:CNNVD-201312-576
db:CNNVDid:CNNVD-201410-1286
db:NVDid:CVE-2014-8359

LAST UPDATE DATE
2025-04-13T23:27:21.881000+00:00

SOURCES UPDATE DATE
db:ZSLid:ZSL-2013-5164date:2014-01-05T00:00:00
db:CNVDid:CNVD-2014-00063date:2014-01-07T00:00:00
db:CNVDid:CNVD-2014-07281date:2014-10-23T00:00:00
db:VULHUBid:VHN-76304date:2017-09-08T00:00:00
db:BIDid:70671date:2015-03-19T08:38:00
db:BIDid:64523date:2013-12-19T00:00:00
db:JVNDBid:JVNDB-2014-005442date:2014-11-14T00:00:00
db:CNNVDid:CNNVD-201312-576date:2013-12-31T00:00:00
db:CNNVDid:CNNVD-201410-1286date:2014-11-14T00:00:00
db:NVDid:CVE-2014-8359date:2025-04-12T10:46:40.837

SOURCES RELEASE DATE
db:ZSLid:ZSL-2013-5164date:2013-12-19T00:00:00
db:CNVDid:CNVD-2014-00063date:2014-01-03T00:00:00
db:CNVDid:CNVD-2014-07281date:2014-10-23T00:00:00
db:VULHUBid:VHN-76304date:2014-11-13T00:00:00
db:BIDid:70671date:2014-10-20T00:00:00
db:BIDid:64523date:2013-12-19T00:00:00
db:JVNDBid:JVNDB-2014-005442date:2014-11-14T00:00:00
db:CNNVDid:CNNVD-201312-576date:2013-12-31T00:00:00
db:CNNVDid:CNNVD-201410-1286date:2014-10-27T00:00:00
db:NVDid:CVE-2014-8359date:2014-11-13T21:32:05.907