Huawei Updates
2884Warning Date
Severity Level
Warning Number
Target Sector
27 August, 2020
● Medium
2020-1689
All
Description:
Huawei has released security updates to address multiple vulnerabilities in the following products:
- HUAWEI P30 Pro
- Versions earlier than 10.1.0.120(C431E19R2P5)
- Versions earlier than 10.1.0.120(C432E19R2P5)
- Versions earlier than 10.1.0.126(C461E11R3P1)
- Versions earlier than 10.1.0.160(C00E160R2P8)
- Versions earlier than 10.1.0.160(C01E160R2P8)
- HUAWEI Mate 20
- Versions earlier than 10.1.0.160(C00E160R3P8)
- Versions earlier than 10.1.0.160(C00)
- HUAWEI Mate 20 Pro
- Versions earlier than 10.1.0.277(C605E7R1P5)
- HUAWEI Mate 20 X
- Versions earlier than 10.1.0.135(C00E135R2P8)
- HUAWEI P30
- Versions earlier than 10.1.0.160(C00E160R2P11)
- FusionCompute
- 6.3.0
- 6.3.1
- 6.5.0
- 6.5.1
- 8.0.0
- HUAWEI 4G Router B612
- B612s-25dTCPU-V100R001B192D03SP00C234
- B612s-25dTCPU-V100R001B192D03SP00C287
- B612s-25dTCPU-V100R001B192D05SP00C00
- SMC2.0
- V600R006C00
- V600R006C00SPC200
- V600R006C10
- V600R006C10SPC200
- V600R006C10SPC300
- V600R006C10SPC500
- V600R019C00
- V600R019C10
Threats:
Attacker could exploit these vulnerabilities by doing the following:
- Information disclosure.
- Denial of service (DoS).
- Privilege escalation.
- Bypass app lock.
Best practice and Recommendations:
The CERT team encourages users to review Huawei security advisory and apply the necessary updates:
- https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20200826-09-smartphone-en
- https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20200826-15-smartphone-en
- https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20200826-01-fc-en
- https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20200715-07-smartphone-en
- https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20200826-16-smartphone-en
- https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20200826-01-buffer_en
- https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20200826-01-pointer_en
- https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20200826-01-ddos-en