Huawei Updates
1701Warning Date
Severity Level
Warning Number
Target Sector
14 June, 2020
● High
2020-1350
All
Description:
Huawei has released security updates to address several vulnerabilities in the following products:
- HUAWEI P30
- Versions earlier than 10.1.0.135(C00E135R2P11)
- HUAWEI P30
- Versions earlier than 10.1.0.135(C00E135R2P11)
- HUAWEI P30 Pro
- Versions earlier than 10.1.0.135(C00E135R2P8)
- Versions earlier than 10.1.0.135(C01E135R2P8)
- Tony-AL00B
- Versions earlier than 10.1.0.137(C00E137R2P11)
- FusionAccess
- Versions earlier than 6.5.1.SPC002
- Secospace USG6300
- V500R001C30
- V500R001C50
- V500R001C60
- V500R001C80
- V500R005C00
- V500R005C10
- OceanStor 9000
- V300R006C20
- V300R006C20SPC100
- V300R006C20SPC200
- V300R006C20SPC300
- USG6300E
- V600R006C00
Threats:
Attacker could exploit these vulnerabilities by doing the following:
- Execute arbitrary code –remotely
- Man in the middle attack
- Unauthorized disclosure of information
- Denial of service attack (DoS)
- Bypass of a protection mechanism
Best practice and Recommendations:
The CERT team encourages users to review Huawei security advisory and apply the necessary updates:
- https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20200610-01-fusionacces-en
- https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20200610-04-smartphone-en
- https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20200610-02-validation-en
- https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20200610-02-phone-en
- https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20200610-01-fastjason-en