Government has a ‘security warning’ for these Huawei’s Honor branded phones

0
39


NEW DELHI: India’s Cyber Emergency Response Team (CERT-In) under the Ministry of Electronics and Information Technology has issued a ‘High’ severity rating advisory for several Honor smartphones. Honor is a sub-brand of Chinese telecom and technology giant Huawei. The advisory by CERT-In alerts Indian users about multiple vulnerabilities that have been reported in Huawei smartphones which could allow an attacker to access sensitive information and bypass authentication on the targeted system.

As per the advisory the affected smartphones are Honor View20, Honor 20, Honor 20 PRO, Honor Magic2, Honor (Huawei) P20.

“An Out of Bound Read Vulnerability exists in some Huawei Smartphones. This vulnerability exists because the software reads data past the intended buffer. due to installing a crafted application. A remote attacker could exploit this vulnerability by tricking the user into installing a crafted application on the targeted system. Successful exploitation of this vulnerability could allow the remote attacker to access sensitive information from the targeted system,” said CERT-In.

The advisory also alerted users about another vulnerability. “An Improper Authentication Bypass Vulnerability exists in Huawei Smartphones due to insufficient validation of users identity in software. In order to exploit this vulnerability, the attacker needs to have physical access to the smartphone. Successful exploitation of this vulnerability could allow the attacker to bypass the limit of student mode function,” it explained.

CERT-In is advising users to upgrade to the latest software version the moment they receive an update on their phones.

As per the advisory these are phones software versions and model names that are affected:

-Honor View20, Versions earlier than 10.0.0.179(C636E3R4P3)

-Honor View20, Versions earlier than 10.0.0.180(C185E3R3P3)

-Honor View20, Versions earlier than 10.0.0.180(C432E10R3P4)

-Honor View20, Versions earlier than 10.0.0.188(C00E62R2P11)

-Honor 20, Versions earlier than 10.0.0.187(C00E60R4P11)

-Honor 20 PRO, Versions earlier than 10.0.0.187(C00E60R4P11)

-Honor Magic2, Versions earlier than 10.0.0.176(C00E60R2P11)

-Honor P20, Versions earlier than 10.0.0.156(C00E156R1P4)



Source link

LEAVE A REPLY

Please enter your comment!
Please enter your name here

Enable Google Transliteration.(To type in English, press Ctrl+g)