The WiFi driver in Huawei Honor 6 smartphones with software H60-L01 before H60-L01C00B850, H60-L11 before H60-L11C00B850, H60-L21 before H60-L21C00B850, H60-L02 before H60-L02C00B850, H60-L12 before H60-L12C00B850, and H60-L03 before H60-L03C01B850 allows attackers to cause a denial of service (system crash) or gain privileges via a crafted application.
The product does not restrict or incorrectly restricts access to a resource from an unauthorized actor.
| Name | Vendor | Start Version | End Version |
|---|---|---|---|
| Honor_6_firmware | Huawei | h60-l01 (including) | h60-l01c00b850 (including) |
| Honor_6_firmware | Huawei | h60-l02 (including) | h60-l02c00b850 (including) |
| Honor_6_firmware | Huawei | h60-l03 (including) | h60-l03c01b850 (including) |
| Honor_6_firmware | Huawei | h60-l11 (including) | h60-l11c00b850 (including) |
| Honor_6_firmware | Huawei | h60-l12 (including) | h60-l12c00b850 (including) |
| Honor_6_firmware | Huawei | h60-l21 (including) | h60-l21c00b850 (including) |
Access control involves the use of several protection mechanisms such as:
When any mechanism is not applied or otherwise fails, attackers can compromise the security of the product by gaining privileges, reading sensitive information, executing commands, evading detection, etc. There are two distinct behaviors that can introduce access control weaknesses: