Man-in-the-Middle (MitM) attack in Huawei P30 Pro

Published: 2019-06-04 | Updated: 2019-09-30

Risk	Low
Patch available	YES
Number of vulnerabilities	1
CVE-ID	CVE-2019-5215
CWE-ID	CWE-300
Exploitation vector	Local network
Public exploit	Public exploit code for vulnerability #1 is available.
Vulnerable software	P30 Pro Client/Desktop applications / Multimedia software P30 Client/Desktop applications / Multimedia software
Vendor	Huawei

Security Bulletin

This security bulletin contains one low risk vulnerability.

1) Man-in-the-Middle (MitM) attack

EUVDB-ID: #VU21449

Risk: Low

CVSSv4.0: 7.6 [CVSS:4.0/AV:A/AC:L/AT:P/PR:N/UI:N/VC:H/VI:H/VA:N/SC:N/SI:N/SA:N/E:A/U:Clear]

CVE-ID: CVE-2019-5215

CWE-ID: CWE-300 - Channel Accessible by Non-Endpoint ('Man-in-the-Middle')

Exploit availability: No

Description

The vulnerability allows remote attacker to perform a man-in-the-middle attack.

The vulnerability exists due to the affected software does not adequately ensure the integrity of the channel, in a way that allows the channel to be accessed or influenced by an actor that is not an endpoint. When users establish connection and transfer data through Huawei Share, an attacker at adjacent network can sniffer, spoof and do a series of operations to intrude the Huawei Share connection and launch a man-in-the-middle attack to obtain and tamper the data.

Mitigation

Install updates from vendor's website.

Vulnerable software versions

P30 Pro: before 9.1.0.162

P30: before 9.1.0.162

CPE2.3

External links

https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20190517-01-share-en

Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the local network (LAN).

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability. However, a fully functional exploit for this vulnerability is available.