| Product Name | Affected Version | Resolved Product and Version |
|---|---|---|
| P8[1] | Versions earlier than GRA-TL00C01B220SP01 | GRA-TL00C01B220SP01 |
| | Versions earlier than GRA-CL00C92B220 | GRA-CL00C92B220 |
| | Versions earlier than GRA-CL10C92B220 | GRA-CL10C92B220 |
| | Versions earlier than GRA-UL00C00B220 | GRA-UL00C00B220 |
| | Versions earlier than GRA-UL10C00B220 | GRA-UL10C00B220 |
| Mate S[1] | CRR-TL00C01B153SP01 and earlier versions | CRR-TL00C01B160SP01 |
| | CRR-UL00C00B153 and earlier versions | CRR-UL00C00B160 |
| | CRR-CL00C92B153 and earlier versions | CRR-CL00C92B161 |
[1] Mobile phones will receive a system update prompt. The vulnerability will be fixed after users install the update.
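One way to check a device's build string against the resolved versions listed above, as an added example that is not part of the advisory or Huawei's tooling. It assumes the build string has the layout `<model>C<nn>B<nnn>[SP<nn>]` and that builds of the same model and C code order by B number, then SP number; both assumptions are inferred only from the strings in the table.

```python
import re

# Resolved builds copied from the advisory table.
FIXED_BUILDS = [
    "GRA-TL00C01B220SP01", "GRA-CL00C92B220", "GRA-CL10C92B220",
    "GRA-UL00C00B220", "GRA-UL10C00B220",
    "CRR-TL00C01B160SP01", "CRR-UL00C00B160", "CRR-CL00C92B161",
]

# Assumed layout: <model>C<nn> prefix, B<build number>, optional SP<patch number>.
_BUILD_RE = re.compile(r"^([A-Z]+-[A-Z]+\d+C\d+)B(\d+)(?:SP(\d+))?$")


def parse_build(build):
    """Split a build string into (prefix, (build_no, sp_no)); a missing SP counts as 0."""
    m = _BUILD_RE.match(build.strip().upper())
    if not m:
        raise ValueError(f"unrecognised build string: {build!r}")
    prefix, b, sp = m.groups()
    return prefix, (int(b), int(sp or 0))


FIXED_BY_PREFIX = dict(parse_build(b) for b in FIXED_BUILDS)


def is_affected(build):
    """True if older than the resolved build, False if not, None if the variant is unlisted.

    Anything below the resolved build is treated as affected, which is the
    conservative reading of "and earlier versions" for the Mate S rows.
    """
    prefix, version = parse_build(build)
    fixed = FIXED_BY_PREFIX.get(prefix)
    if fixed is None:
        return None
    return version < fixed


if __name__ == "__main__":
    # Constructed sample inventory; the last entry is a made-up variant.
    for build in ["GRA-TL00C01B220", "GRA-UL10C00B220", "CRR-CL00C92B153", "XXX-AA00C00B100"]:
        print(build, "->", is_affected(build))
```

A `None` result means the advisory lists no resolved version for that model and C code, so it says nothing about that build either way.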
An attacker can exploit this vulnerability to read information about, modify data in, or take control over the affected mobile phones.
The vulnerability classification has been performed by using the CVSSv2 scoring system (http://www.first.org/cvss/).
Base Score: 6.2 (AV:L/AC:H/Au:N/C:C/I:C/A:C)
Temporal Score: 5.1 (E:F/RL:O/RC:C)
1. Prerequisite:
The attacker has obtained the IP addresses of target mobile phones and has access to these mobile phones.
2. Attacking procedure:
On the mobile phones, Baidu apps enable the HTTP service and open two ports. Although Baidu apps will check the packet header information for the two ports, the attacker can easily bypass the check. After setting up a connection to the HTTP service of the Baidu apps, the attacker can read information about, modify data in, or take control over the mobile phones.
The vulnerability was disclosed by WooYun. Huawei PSIRT is not aware of any malicious use of the vulnerability described in this advisory.
For security problems about Huawei products and solutions, please contact PSIRT@huawei.com.
For general problems about Huawei products and solutions, please directly contact Huawei TAC (Huawei Technical Assistance Center) to request the configuration or technical assistance.
2016-02-03 V1.1 FINAL updated information of "Software Versions and Fixes"
2015-12-09 V1.0 INITIAL