The official site for Saudi CERT
Huawei Updates
3174
Warning Date
Severity Level
Warning Number
Target Sector
2 September, 2020
● Medium
2020-1710
All
Description:
Huawei has released security updates to address multiple vulnerabilities in the following products:
- B2368-22
- V100R001C00
- B2368-57
- V100R001C00
- B2368-66
- V100R001C00
- HUAWEI Mate 20
- Versions earlier than 9.1.0.131(C00E131R3P1)
- Versions earlier than 9.1.0.135(C01E133R2P1)
- HUAWEI Mate 20 Pro
- Versions earlier than 9.1.0.310(C10E10R2P1)
- Versions earlier than 9.1.0.310(C185E10R2P1)
- Versions earlier than 9.1.0.310(C432E10R1P16)
- Versions earlier than 9.1.0.310(C605E10R1P16)
- Versions earlier than 9.1.0.310(C635E12R1P16)
- Versions earlier than 9.1.0.310(C636E10R2P1)
- Versions earlier than 9.1.0.310(C69E14R1P16)
- Versions earlier than 9.1.0.310(C792E22R1P17)
- Versions earlier than 9.1.0.311(C432E10R1P16)
- HUAWEI Mate 20 RS
- Versions earlier than 9.1.0.135(C786E133R3P1)
- HUAWEI Mate 20 X
- Versions earlier than 9.1.0.135(C00E133R2P1)
- HUAWEI P smart 2019
- Versions earlier than 9.1.0.264(C605E8R2P2)
- HUAWEI P20
- Versions earlier than 9.1.0.333(C00E333R1P1T8)
- HUAWEI P20 Pro
- Versions earlier than 9.1.0.333(C00E333R1P1T8)
- HUAWEI P30
- Versions earlier than 9.1.0.193
- HUAWEI P30 Pro
- Versions earlier than 9.1.0.186(C00E180R2P1)
- HUAWEI Y9 2019
- Versions earlier than 9.1.0.220(C45E3R1P1T8)
- HUAWEI nova 3
- Versions earlier than 9.1.0.333(C00E333R1P1T8)
- HUAWEI nova lite 3
- Versions earlier than 9.1.0.305(C635E8R2P2)
- Honor 10 Lite
- Versions earlier than 9.1.0.273(C461E3R1P14)
- Versions earlier than 9.1.0.280(C185E8R4P1)
- Versions earlier than 9.1.0.280(C636E8R4P1)
- Versions earlier than 9.1.0.283(C605E8R2P2)
- Honor 8X
- Versions earlier than 9.1.0.217(C185E3R2P1T8)
- Versions earlier than 9.1.0.217(C636E2R2P1T8)
- Versions earlier than 9.1.0.218(C605E1R1P2T8)
- Versions earlier than 9.1.0.219(C432E1R1P1T8)
- Versions earlier than 9.1.0.221(C461E2R1P1T8)
- Versions earlier than 9.1.0.210(C00E10R3P2T8)
- Versions earlier than 9.1.0.223(C541E1R1P1T8)
- Honor View 20
- Versions earlier than 9.1.0.235(C675E10R1P4)
- Versions earlier than 9.1.0.238(C432E1R3P1)
- Honor Magic2
- Versions earlier than 10.0.0.187
- Honor V20
- Versions earlier than 9.1.0.233(C00E233R4P3)
- Versions earlier than 9.1.0.234(C00E234R4P3)
- HONOR 20 PRO
- Versions earlier than 10.0.0.194(C636E3R3P1)
- Versions earlier than 10.0.0.202(C10E3R3P2)
- Honor 8A
- Versions earlier than 9.1.0.291(C185E3R4P1)
- Versions earlier than 9.1.0.291(C432E5R2P1)
- Versions earlier than 9.1.0.291(C636E4R4P1)
- Versions earlier than 9.1.0.297(C605E4R4P2)
- Honor View 20
- Versions earlier than 10.0.0.198(C432E10R3P4)
- Versions earlier than 10.0.0.200(C185E3R3P3)
- Versions earlier than 10.0.0.201(C10E5R4P3)
Threats:
Attacker could exploit these vulnerabilities by doing the following:
- Command injection.
- Privilege escalation.
- Denial of service (DoS).
- Bypass app lock.
Best practice and Recommendations:
The CERT team encourages users to review Huawei security advisory and apply the necessary updates:
- https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20190814-01-mobile-en
- https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20181010-01-applock-en
- https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20200527-01-mtk-en
- https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20200902-01-command-en
Rate the content
Share the page
