CVE-2016-8273

Published: Apr 2, 2017

Modified: Aug 6, 2024

PUBLISHED

Description

Huawei PC client software HiSuite 4.0.5.300_OVE uses insecure HTTP for upgrade software package download and does not check the integrity of the software package before installing; an attacker can launch an MITM attack to interrupt or replace the downloaded software package and further compromise the PC.

Vendor	Product	Versions
n/a	HiSuite 4.0.5.300_OVE	affected `HiSuite 4.0.5.300_OVE`

References

http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20160905-01-hisuite-en

x_refsource_CONFIRM

Security Training

Train your team to recognize and prevent security threats with our comprehensive security awareness program.

Start Training

Vulnerability Scanning

Discover vulnerabilities in your applications and infrastructure before attackers do.

Scan Now

CVE-2016-8273

Description

Affected Products

References