Multiple vulnerabilities in Huawei P30 and P30 Pro



Published: 2020-06-29 | Updated: 2020-08-24
Risk Low
Patch available YES
Number of vulnerabilities 6
CVE-ID CVE-2020-1836
CVE-2020-9077
CVE-2020-9249
CVE-2020-9245
CVE-2020-9095
CVE-2020-9096
CWE-ID CWE-200
CWE-401
CWE-285
CWE-190
CWE-125
Exploitation vector Local network
Public exploit Public exploit code for vulnerability #1 is available.
Vulnerable software
Subscribe
Huawei P30
Client/Desktop applications / Multimedia software

Huawei P30 Pro
Client/Desktop applications / Multimedia software

Vendor Huawei

Security Bulletin

This security bulletin contains information about 6 vulnerabilities.

Updated 22.07.2020
Added vulnerability #2
Updated 29.07.2020
Added vulnerability #3
Updated 06.08.2020
Added vulnerability #4
Updated 24.08.2020
Added vulnerability #5-6

1) Information disclosure

EUVDB-ID: #VU29340

Risk: Low

CVSSv3.1: 4.8 [CVSS:3.1/AV:A/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N/E:P/RL:O/RC:C]

CVE-ID: CVE-2020-1836

CWE-ID: CWE-200 - Information exposure

Exploit availability: No

Description

The vulnerability allows a remote attacker to gain access to potentially sensitive information.

The vulnerability exists due to excessive data output by the application in certain function's default configuration. A remote attacker on the local network can launch the attack via a crafted WI-FI hotspot and gain unauthorized access to sensitive information on the system.

Mitigation

Install updates from vendor's website.

Vulnerable software versions

Huawei P30: before 10.1.0.160

Huawei P30 Pro: before 10.1.0.160

External links

http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20200624-01-smartphone-en


Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the local network (LAN).

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability. However, proof of concept for this vulnerability is available.

2) Information disclosure

EUVDB-ID: #VU31759

Risk: Low

CVSSv3.1: 2.9 [CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N/E:U/RL:O/RC:C]

CVE-ID: CVE-2020-9077

CWE-ID: CWE-200 - Information exposure

Exploit availability: No

Description

The vulnerability allows a local attacker to gain access to potentially sensitive information.

The vulnerability exists due to the affected system does not properly authenticate the application that access a specified interface. A local attacker can trick a victim to install a malicious software and gain unauthorized access to sensitive information on the system.

Mitigation

Install updates from vendor's website.

Vulnerable software versions

Huawei P30: before 10.1.0.160

External links

http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20200722-03-smartphone-en


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

3) Memory leak

EUVDB-ID: #VU32909

Risk: Low

CVSSv3.1: 5.7 [CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]

CVE-ID: CVE-2020-9249

CWE-ID: CWE-401 - Missing release of memory after effective lifetime

Exploit availability: No

Description

The vulnerability allows a remote attacker to perform DoS attack on the target system.

The vulnerability exists due memory leak. A remote attacker on the local network can send a specially crafted messages, force the application to leak memory and perform denial of service attack.

Mitigation

Install updates from vendor's website.

Vulnerable software versions

Huawei P30: before 10.1.0.160

External links

http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20200729-02-smartphone-en


Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the local network (LAN).

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

4) Improper Authorization

EUVDB-ID: #VU34096

Risk: Low

CVSSv3.1: 4.8 [CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]

CVE-ID: CVE-2020-9245

CWE-ID: CWE-285 - Improper Authorization

Exploit availability: No

Description

The vulnerability allows a local attacker to bypass authorization checks.

The vulnerability exists due to improper authorization. A local attacker can trick a victim to install a malicious application and cause a denial of service condition of PHONE function.

Mitigation

Install updates from vendor's website.

Vulnerable software versions

Huawei P30: before 10.1.0.160

Huawei P30 Pro: before 10.1.0.160

External links

http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20200805-01-smartphone-en


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

5) Integer overflow

EUVDB-ID: #VU45976

Risk: Low

CVSSv3.1: 4.8 [CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]

CVE-ID: CVE-2020-9095

CWE-ID: CWE-190 - Integer overflow

Exploit availability: No

Description

The vulnerability allows a local attacker to perform a denial of service (DoS) attack.

The vulnerability exists due to integer overflow. A local attacker can send malicious message, trigger integer overflow and cause a denial of service condition on the target system.

Mitigation

Install updates from vendor's website.

Vulnerable software versions

Huawei P30 Pro: before 10.1.0.160

External links

http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20200819-03-smartphone-en


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

6) Out-of-bounds read

EUVDB-ID: #VU45978

Risk: Low

CVSSv3.1: 4.4 [CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]

CVE-ID: CVE-2020-9096

CWE-ID: CWE-125 - Out-of-bounds read

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to a boundary condition when processing some messages sent from other module. A local user can send a malicious message, trigger out-of-bounds read error and cause a denial of service condition on the system.

Mitigation

Install updates from vendor's website.

Vulnerable software versions

Huawei P30 Pro: before 10.1.0.160

External links

http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20200819-02-smartphone-en


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.



###SIDEBAR###