Risk | Low |
Patch available | YES |
Number of vulnerabilities | 5 |
CVE-ID | CVE-2020-1798 CVE-2020-9076 CVE-2020-1834 CVE-2020-9226 CVE-2020-9258 |
CWE-ID | CWE-287 CWE-354 CWE-347 CWE-200 |
Exploitation vector | Network |
Public exploit | Public exploit code for vulnerability #4 is available. Public exploit code for vulnerability #5 is available. |
Vulnerable software | Huawei P30 (Client/Desktop applications / Multimedia software), Huawei P30 Pro (Client/Desktop applications / Multimedia software), Huawei Tony-AL00B (Hardware solutions / Firmware) |
Vendor | Huawei |
Security Bulletin
This security bulletin contains information about 5 vulnerabilities.
Updated 10.06.2020
Added vulnerability #2
Updated 18.06.2020
Added vulnerability #3
Updated 01.07.2020
Added vulnerability #4
Updated 09.07.2020
Added vulnerability #5
EUVDB-ID: #VU28288
Risk: Low
CVSSv3.1: 3.8 [CVSS:3.1/AV:P/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N/E:U/RL:O/RC:C]
CVE-ID: CVE-2020-1798
CWE-ID:
CWE-287 - Improper Authentication
Exploit availability: No
Description
The vulnerability allows a local user to bypass the authentication process.
The vulnerability exists due to an error in processing authentication requests when handling NFC work. An authenticated attacker with physical access can establish an NFC connection to the target phone and perform a series of operations on it that are beyond the guest user's privileges.
Mitigation
Install updates from vendor's website.
Vulnerable software versions
Huawei P30: before 10.1.0.135
External links
http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20200527-02-smartphone-en
Q & A
Can this vulnerability be exploited remotely?
No. The attacker should have physical access to the system in order to successfully exploit this vulnerability.
Is there known malware that exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU28951
Risk: Low
CVSSv3.1: 2.7 [CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:L/I:N/A:N/E:U/RL:O/RC:C]
CVE-ID: CVE-2020-9076
CWE-ID:
CWE-287 - Improper Authentication
Exploit availability: No
Description
The vulnerability allows a remote attacker to bypass the authentication process.
The vulnerability exists because the identity of the message sender is not properly verified. A remote attacker can perform a man-in-the-middle attack to induce a user to access a malicious URL and gain unauthorized access to the application.
Mitigation
Install updates from vendor's website.
Vulnerable software versions
Huawei P30: before 10.1.0.135
Huawei P30 Pro: before 10.1.0.135
Huawei Tony-AL00B: before 10.1.0.137
External links
http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20200610-02-phone-en
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
Is there known malware that exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU29140
Risk: Low
CVSSv3.1: 4 [CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N/E:U/RL:O/RC:C]
CVE-ID: CVE-2020-1834
CWE-ID:
CWE-354 - Improper Validation of Integrity Check Value
Exploit availability: No
Description
The vulnerability allows an attacker to load a crafted software package onto the device.
The vulnerability exists because the affected system does not sufficiently check the integrity of certain software packages. An attacker with physical access can load a specially crafted software package onto the target device.
Mitigation
Install updates from vendor's website.
Vulnerable software versions
Huawei P30: before 10.1.0.135
Huawei P30 Pro: before 10.1.0.135
External links
http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20200617-01-smartphone-en
Q & A
Can this vulnerability be exploited remotely?
No. The attacker should have physical access to the system in order to successfully exploit this vulnerability.
Is there known malware that exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU29428
Risk: Low
CVSSv3.1: 4 [CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:N/E:P/RL:O/RC:C]
CVE-ID: CVE-2020-9226
CWE-ID:
CWE-347 - Improper Verification of Cryptographic Signature
Exploit availability: No
Description
The vulnerability allows a local user to compromise the target system.
The vulnerability exists because the affected software does not properly check the signature of a specific software package. A local user can trick a victim into installing a malicious application and load a specially crafted software package onto the device.
Mitigation
Install updates from vendor's website.
Vulnerable software versions
Huawei P30: before 10.1.0.135
External links
http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20200701-02-smartphone-en
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware that exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability. However, a proof of concept for this vulnerability is available.
EUVDB-ID: #VU29612
Risk: Low
CVSSv3.1: 3 [CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N/E:P/RL:O/RC:C]
CVE-ID: CVE-2020-9258
CWE-ID:
CWE-200 - Information exposure
Exploit availability: No
Description
The vulnerability allows a local attacker to gain access to potentially sensitive information.
The vulnerability exists because an attribute in a module is not set correctly and some verification is lacking. A local attacker can trick a victim into loading a malicious application and gain unauthorized access to sensitive information on the system.
Mitigation
Install updates from vendor's website.
Vulnerable software versions
Huawei P30: before 10.1.0.135
External links
http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20200708-02-smartphone-en
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware that exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability. However, a proof of concept for this vulnerability is available.