Di Shen from the Qihoo 360 Technology Co. Ltd reported two privilege escalation vulnerabilities in Huawei Mate7 smartphones to Huawei PSIRT in March, 2015 and will disclose the vulnerabilities at the Black Hat conference in August, 2015. Huawei has started the investigation and analysis and communicated with Di Shen immediately after receiving the report. Huawei has confirmed these vulnerabilities and provided fixed version in April, 2015.
Huawei has delivered Security Advisory. The link of the security advisory is:
Huawei believes in the principle of coordinated disclosure and makes every effort to protect the interests of customers using established vulnerability handling mechanisms. If you find any security vulnerability in a Huawei product, please report to Huawei PSIRT at psirt@huawei.com. Your coordination efforts will be appreciated.
We would like to express our appreciation for Di Shen's coordinated way in dealing vulnerabilities.