Sign-up

ID

VAR-201712-0033


CVE

CVE-2014-8358


TITLE

plural Huawei Unreliable search path vulnerability in modem product software

Trust: 0.8

sources: JVNDB: JVNDB-2014-008447

DESCRIPTION

Huawei EC156, EC176, and EC177 USB Modem products with software before UTPS-V200R003B015D02SP07C1014 (23.015.02.07.1014) and before V200R003B015D02SP08C1014 (23.015.02.08.1014) use a weak ACL for the "Mobile Partner" directory, which allows remote attackers to gain SYSTEM privileges by compromising a low privilege account and modifying Mobile Partner.exe. Huawei EC156 , EC176 ,and EC177 USB Modem product software contains an unreliable search path vulnerability.Information is obtained, information is altered, and service operation is disrupted (DoS) There is a possibility of being put into a state. du Mobile Broadband is a wireless bandwidth device from China's Huawei. There is a local elevation of privilege vulnerability in du Mobile broadband. A local attacker could use this vulnerability to execute arbitrary code with SYSTEM privileges. There are vulnerabilities in du Mobile broadband 16.002.03.16.124, other versions may also be affected. This may aid in further attacks. It lets you access du wireless internetwherever you are and whenever you need it, all powered throughyour mobile data SIM or simply by connecting your 3G USB stickto your device.The application is vulnerable to an elevation of privilegesvulnerability which can be used by a simple user that can changethe executable file with a binary of choice. The vulnerabilityexist due to the improper permissions, with the 'F' flag (full)for the 'Everyone' and 'Users' group, for the 'du Mobile Broadband.exe'binary file. The files are installed in the 'du Mobile Broadband'directory which has the Everyone group assigned to it with fullpermissions making every single file inside vulnerable to changeby any user on the affected machine. After you replace the binarywith your rootkit, on reboot you get SYSTEM privileges.Tested on: Microsoft Windows 7 Ultimate SP1 (EN) 64bit. Huawei EC156, EC176 and EC177 are wireless network card products of China Huawei (Huawei). The following versions are affected: Huawei EC156 UTPS-V200R003B015D02SP07C1014 (23.015.02.07.1014) Version; EC176 UTPS-V200R003B015D02SP07C1014 (23.015.02.07.1014) Version; EC177 UTPS-V200R003B015D02SP07C1014 (23.015.02.07.1014) Version

Trust: 3.96

sources: NVD: CVE-2014-8358 // JVNDB: JVNDB-2014-008447 // CNVD: CNVD-2014-00063 // CNVD: CNVD-2014-07280 // CNNVD: CNNVD-201312-576 // BID: 70672 // BID: 64523 // ZSL: ZSL-2013-5164 // VULHUB: VHN-76303

IOT TAXONOMY

category:['Network device']sub_category: -

Trust: 1.2

sources: CNVD: CNVD-2014-00063 // CNVD: CNVD-2014-07280

AFFECTED PRODUCTS

vendor:huaweimodel:ec176scope:eqversion:v200r003b009d05sp03c1014

Trust: 1.6

vendor:huaweimodel:ec156scope:eqversion:v200r003b009d05sp03c1014

Trust: 1.6

vendor:huaweimodel:ec177scope:eqversion:v200r003b009d05sp03c1014

Trust: 1.6

vendor:huaweimodel:ec156scope:ltversion:utps-v200r003b015d02sp07c1014 (23.015.02.07.1014)

Trust: 0.8

vendor:huaweimodel:ec156scope:ltversion:v200r003b015d02sp08c1014 (23.015.02.08.1014)

Trust: 0.8

vendor:huaweimodel:ec176scope:ltversion:utps-v200r003b015d02sp07c1014 (23.015.02.07.1014)

Trust: 0.8

vendor:huaweimodel:ec176scope:ltversion:v200r003b015d02sp08c1014 (23.015.02.08.1014)

Trust: 0.8

vendor:huaweimodel:ec177scope:ltversion:utps-v200r003b015d02sp07c1014 (23.015.02.07.1014)

Trust: 0.8

vendor:huaweimodel:ec177scope:ltversion:v200r003b015d02sp08c1014 (23.015.02.08.1014)

Trust: 0.8

vendor:huaweimodel:du mobile broadbandscope:eqversion:16.002.03.16.124

Trust: 0.6

vendor:huaweimodel:mobile partnerscope:eqversion:11.302.09.00.03

Trust: 0.6

vendor:huaweimodel:technologies du mobile broadbandscope:eqversion:16.002.03.16.124

Trust: 0.1

sources: ZSL: ZSL-2013-5164 // CNVD: CNVD-2014-00063 // CNVD: CNVD-2014-07280 // JVNDB: JVNDB-2014-008447 // CNNVD: CNNVD-201410-1287 // NVD: CVE-2014-8358

CVSS

SEVERITY

CVSSV2

CVSSV3

nvd@nist.gov: CVE-2014-8358
value: HIGH

Trust: 1.0

NVD: CVE-2014-8358
value: HIGH

Trust: 0.8

CNVD: CNVD-2014-00063
value: MEDIUM

Trust: 0.6

CNVD: CNVD-2014-07280
value: HIGH

Trust: 0.6

CNNVD: CNNVD-201410-1287
value: CRITICAL

Trust: 0.6

ZSL: ZSL-2013-5164
value: (2/5)

Trust: 0.1

VULHUB: VHN-76303
value: HIGH

Trust: 0.1

nvd@nist.gov: CVE-2014-8358
severity: HIGH
baseScore: 9.3
vectorString: AV:N/AC:M/AU:N/C:C/I:C/A:C
accessVector: NETWORK
accessComplexity: MEDIUM
authentication: NONE
confidentialityImpact: COMPLETE
integrityImpact: COMPLETE
availabilityImpact: COMPLETE
exploitabilityScore: 8.6
impactScore: 10.0
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 1.8

CNVD: CNVD-2014-00063
severity: MEDIUM
baseScore: 4.6
vectorString: AV:L/AC:L/AU:N/C:P/I:P/A:P
accessVector: LOCAL
accessComplexity: LOW
authentication: NONE
confidentialityImpact: PARTIAL
integrityImpact: PARTIAL
availabilityImpact: PARTIAL
exploitabilityScore: 3.9
impactScore: 6.4
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 0.6

CNVD: CNVD-2014-07280
severity: HIGH
baseScore: 7.2
vectorString: AV:L/AC:L/AU:N/C:C/I:C/A:C
accessVector: LOCAL
accessComplexity: LOW
authentication: NONE
confidentialityImpact: COMPLETE
integrityImpact: COMPLETE
availabilityImpact: COMPLETE
exploitabilityScore: 3.9
impactScore: 10.0
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 0.6

VULHUB: VHN-76303
severity: HIGH
baseScore: 9.3
vectorString: AV:N/AC:M/AU:N/C:C/I:C/A:C
accessVector: NETWORK
accessComplexity: MEDIUM
authentication: NONE
confidentialityImpact: COMPLETE
integrityImpact: COMPLETE
availabilityImpact: COMPLETE
exploitabilityScore: 8.6
impactScore: 10.0
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 0.1

nvd@nist.gov: CVE-2014-8358
baseSeverity: HIGH
baseScore: 7.8
vectorString: CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
attackVector: LOCAL
attackComplexity: LOW
privilegesRequired: NONE
userInteraction: REQUIRED
scope: UNCHANGED
confidentialityImpact: HIGH
integrityImpact: HIGH
availabilityImpact: HIGH
exploitabilityScore: 1.8
impactScore: 5.9
version: 3.0

Trust: 1.8

sources: ZSL: ZSL-2013-5164 // CNVD: CNVD-2014-00063 // CNVD: CNVD-2014-07280 // VULHUB: VHN-76303 // JVNDB: JVNDB-2014-008447 // CNNVD: CNNVD-201410-1287 // NVD: CVE-2014-8358

PROBLEMTYPE DATA

problemtype:CWE-426

Trust: 1.9

sources: VULHUB: VHN-76303 // JVNDB: JVNDB-2014-008447 // NVD: CVE-2014-8358

THREAT TYPE

local

Trust: 1.2

sources: BID: 70672 // BID: 64523 // CNNVD: CNNVD-201312-576

TYPE

permissions and access control

Trust: 1.2

sources: CNNVD: CNNVD-201312-576 // CNNVD: CNNVD-201410-1287

CONFIGURATIONS

sources:
            
            
            JVNDB: JVNDB-2014-008447

EXPLOIT AVAILABILITY
sources:
            
            
            ZSL: ZSL-2013-5164 // 
            
            
            
            VULHUB: VHN-76303

PATCH
title:Huawei-SA-20141022- DLLHijackingurl:http://www.huawei.com/us/psirt/security-advisories/2014/hw-376152
Trust: 0.8
sources:
            
            
            JVNDB: JVNDB-2014-008447

EXTERNAL IDS
db:NVDid:CVE-2014-8358
Trust: 2.8
db:BIDid:70672
Trust: 2.6
db:PACKETSTORMid:128767
Trust: 1.7
db:BIDid:64523
Trust: 1.6
db:JVNDBid:JVNDB-2014-008447
Trust: 0.8
db:CNNVDid:CNNVD-201410-1287
Trust: 0.7
db:CNVDid:CNVD-2014-00063
Trust: 0.6
db:CNVDid:CNVD-2014-07280
Trust: 0.6
db:CNNVDid:CNNVD-201312-576
Trust: 0.6
db:ZSLid:ZSL-2013-5164
Trust: 0.4
db:EXPLOIT-DBid:30477
Trust: 0.2
db:OSVDBid:90090
Trust: 0.1
db:CXSECURITYid:WLB-2013120140
Trust: 0.1
db:PACKETSTORMid:124557
Trust: 0.1
db:XFid:89907
Trust: 0.1
db:SEEBUGid:SSVID-83860
Trust: 0.1
db:VULHUBid:VHN-76303
Trust: 0.1
sources:
            
            
            ZSL: ZSL-2013-5164 // 
            
            
            
            CNVD: CNVD-2014-00063 // 
            
            
            
            CNVD: CNVD-2014-07280 // 
            
            
            
            VULHUB: VHN-76303 // 
            
            
            
            BID: 70672 // 
            
            
            
            BID: 64523 // 
            
            
            
            JVNDB: JVNDB-2014-008447 // 
            
            
            
            CNNVD: CNNVD-201312-576 // 
            
            
            
            CNNVD: CNNVD-201410-1287 // 
            
            
            
            NVD: CVE-2014-8358

REFERENCES
url:http://www.securityfocus.com/bid/70672
Trust: 2.3
url:http://www.huawei.com/us/psirt/security-advisories/2014/hw-376152
Trust: 1.7
url:https://packetstormsecurity.com/files/128767/huawei-mobile-partner-dll-hijacking.html
Trust: 1.7
url:http://www.securityfocus.com/bid/64523
Trust: 1.3
url:https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2014-8358
Trust: 0.8
url:https://nvd.nist.gov/vuln/detail/cve-2014-8358
Trust: 0.8
url:http://huaweinews.com/2013/08/download-mobile-partner-latest/
Trust: 0.3
url:http://osandamalith.wordpress.com/2014/10/20/escalating-local-privileges-using-mobile-partner/
Trust: 0.3
url:http://www.huawei.com
Trust: 0.3
url:http://www.huawei.com/en/security/psirt/security-bulletins/security-advisories/archive/hw-376152.htm
Trust: 0.3
url:http://www.du.ae/en/mobile/mobilebroadband
Trust: 0.3
url:http://www.zeroscience.mk/en/vulnerabilities/zsl-2013-5164.php
Trust: 0.3
url:http://cxsecurity.com/issue/wlb-2013120140
Trust: 0.1
url:http://packetstormsecurity.com/files/124557
Trust: 0.1
url:http://xforce.iss.net/xforce/xfdb/89907
Trust: 0.1
url:http://www.exploit-db.com/exploits/30477/
Trust: 0.1
url:http://www.vfocus.net/art/20131225/11294.html
Trust: 0.1
url:http://osvdb.org/show/osvdb/90090
Trust: 0.1
sources:
            
            
            ZSL: ZSL-2013-5164 // 
            
            
            
            CNVD: CNVD-2014-00063 // 
            
            
            
            CNVD: CNVD-2014-07280 // 
            
            
            
            VULHUB: VHN-76303 // 
            
            
            
            BID: 70672 // 
            
            
            
            BID: 64523 // 
            
            
            
            JVNDB: JVNDB-2014-008447 // 
            
            
            
            CNNVD: CNNVD-201312-576 // 
            
            
            
            CNNVD: CNNVD-201410-1287 // 
            
            
            
            NVD: CVE-2014-8358

CREDITS
Osanda Malith
Trust: 0.9
sources:
            
            
            BID: 70672 // 
            
            
            
            CNNVD: CNNVD-201410-1287

SOURCES
db:ZSLid:ZSL-2013-5164
db:CNVDid:CNVD-2014-00063
db:CNVDid:CNVD-2014-07280
db:VULHUBid:VHN-76303
db:BIDid:70672
db:BIDid:64523
db:JVNDBid:JVNDB-2014-008447
db:CNNVDid:CNNVD-201312-576
db:CNNVDid:CNNVD-201410-1287
db:NVDid:CVE-2014-8358

LAST UPDATE DATE
2025-04-20T23:30:49.981000+00:00

SOURCES UPDATE DATE
db:ZSLid:ZSL-2013-5164date:2014-01-05T00:00:00
db:CNVDid:CNVD-2014-00063date:2014-01-07T00:00:00
db:CNVDid:CNVD-2014-07280date:2014-10-23T00:00:00
db:VULHUBid:VHN-76303date:2017-12-29T00:00:00
db:BIDid:70672date:2015-03-19T09:15:00
db:BIDid:64523date:2013-12-19T00:00:00
db:JVNDBid:JVNDB-2014-008447date:2018-01-18T00:00:00
db:CNNVDid:CNNVD-201312-576date:2013-12-31T00:00:00
db:CNNVDid:CNNVD-201410-1287date:2017-12-13T00:00:00
db:NVDid:CVE-2014-8358date:2025-04-20T01:37:25.860

SOURCES RELEASE DATE
db:ZSLid:ZSL-2013-5164date:2013-12-19T00:00:00
db:CNVDid:CNVD-2014-00063date:2014-01-03T00:00:00
db:CNVDid:CNVD-2014-07280date:2014-10-23T00:00:00
db:VULHUBid:VHN-76303date:2017-12-11T00:00:00
db:BIDid:70672date:2014-10-20T00:00:00
db:BIDid:64523date:2013-12-19T00:00:00
db:JVNDBid:JVNDB-2014-008447date:2018-01-18T00:00:00
db:CNNVDid:CNNVD-201312-576date:2013-12-31T00:00:00
db:CNNVDid:CNNVD-201410-1287date:2014-10-27T00:00:00
db:NVDid:CVE-2014-8358date:2017-12-11T21:29:00.237