Published: 23/05/2016 Updated: 25/05/2016

CVSS v2 Base Score: 7.2 | Impact Score: 10 | Exploitability Score: 3.9

CVSS v3 Base Score: 7.8 | Impact Score: 5.9 | Exploitability Score: 1.8

VMScore: 641

Vector: AV:L/AC:L/Au:N/C:C/I:C/A:C

Subscribe to Mobile Broadband Hl Service

The Huawei Mobile Broadband HL Service 22.001.25.00.03 and previous versions uses a weak ACL for the MobileBrServ program data directory, which allows local users to gain SYSTEM privileges by modifying VERSION.dll.

Vulnerable Product	Search on Vulmon	Subscribe to Product
huawei mobile broadband hl service

Huawei Mobile Broadband HL Service versions 22001250003 and below are vulnerable to a DLL side loading attack allowing normal unprivileged users to gain full SYSTEM access ...

CWE-264 http://packetstormsecurity.com/files/137025/Huawei-Mobile-Broadband-HL-Service-22.001.25.00.03-Local-Privilege-Escalation.html https://www.youtube.com/watch?v=MwtjE2PmEJU https://bogner.sh/2016/05/cve-2016-2855-huawei-mobile-broadband-hl-service-local-privilege-escalation/http://seclists.org/fulldisclosure/2016/May/34 https://nvd.nist.gov https://packetstormsecurity.com/files/137025/Huawei-Mobile-Broadband-HL-Service-22.001.25.00.03-Local-Privilege-Escalation.html

Get Started

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Twitter Reddit Linkedin Facebook

CVE-2016-2855

Vulnerability Summary

Exploits

References

Vulmon Search

About

Products

Connect