Man-in-the-Middle (MitM) attack in Huawei P30 Pro



Published: 2019-06-04 | Updated: 2019-09-30
Risk Low
Patch available YES
Number of vulnerabilities 1
CVE-ID CVE-2019-5215
CWE-ID CWE-300
Exploitation vector Local network
Public exploit Public exploit code for vulnerability #1 is available.
Vulnerable software
Subscribe 		P30 Pro
Client/Desktop applications / Multimedia software

P30
Client/Desktop applications / Multimedia software

Vendor Huawei

Security Bulletin

This security bulletin contains one low risk vulnerability.

1) Man-in-the-Middle (MitM) attack

EUVDB-ID: #VU21449

Risk: Low

CVSSv3.1: 6.3 [CVSS:3.1/AV:A/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N/E:F/RL:O/RC:C]

CVE-ID: CVE-2019-5215

CWE-ID: CWE-300 - Channel Accessible by Non-Endpoint ('Man-in-the-Middle')

Exploit availability: No

Description

The vulnerability allows remote attacker to perform a man-in-the-middle attack.

The vulnerability exists due to the affected software does not adequately ensure the integrity of the channel, in a way that allows the channel to be accessed or influenced by an actor that is not an endpoint. When users establish connection and transfer data through Huawei Share, an attacker at adjacent network can sniffer, spoof and do a series of operations to intrude the Huawei Share connection and launch a man-in-the-middle attack to obtain and tamper the data.

Mitigation

Install updates from vendor's website.

Vulnerable software versions

P30 Pro: before 9.1.0.162

P30: before 9.1.0.162

External links

http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20190517-01-share-en


Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the local network (LAN).

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability. However, a fully functional exploit for this vulnerability is available.



###SIDEBAR###