Warning: Huawei's 4G USB contains a serious security flaw
Last week, Trustwave security researchers discovered a serious security flaw in Huawei's 4G USB products. A 4G USB device provides an internet connection to a laptop or desktop computer via a USB port.
According to Martin Rakhmanov, Trustwave's security research manager, the affected 4G USB device is model E3372. When it is plugged into the computer, the following file always runs automatically. Its purpose is to open the web browser and display Huawei's device management interface.
/Library/StartupItems/MobileBrServ/mbbserviceopen.app/Contents/MacOS/mbbserviceopen
However, the problem is that the file "mbbserviceopen" is set with full permissions. An attacker can replace this file with malicious code and wait until the user plugs a 4G USB device into the machine to trigger the exploit.
If the flaw is exploited successfully, an attacker can take control of the computer, steal information and data, or execute arbitrary code.
One thing to note is that in order to exploit this vulnerability, the attacker must have access to the victim's Huawei 4G USB device. Alternatively, they can trick victims into plugging in a Huawei 4G USB device on which the malicious code is pre-installed.
Huawei has confirmed to BleepingComputer that this is a vulnerability and has provided a fix for users. Huawei advises users who are using USB 4G model E3372 to obtain the "Hi Link" driver file from their homepage to fix the vulnerability.
Download the latest driver for USB 4G E3372 here
Huawei says that the security of its customers is its top priority and encourages people to report any vulnerabilities or security issues they discover.
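A defender-side check for the condition described above, as an added example that is not code from the article, Huawei or Trustwave: it lists files under a startup-item directory that any local user can overwrite, plus parent directories that would let the file be swapped. The function names are hypothetical, and the directory to audit is passed as an argument.

```shell
#!/bin/sh
# Added example: find startup-item files that a non-owner can replace.
# Usage: sh audit.sh /Library/StartupItems/MobileBrServ

# Files and directories under $1 whose mode grants write access to "other".
world_writable() {
    find "$1" \( -type f -o -type d \) -perm -0002 -print 2>/dev/null
}

# Ancestor directories of $1 that are world-writable without the sticky bit.
# Write access to a parent directory is enough to swap the file inside it,
# even when the file's own mode is strict.
writable_ancestors() {
    d=$(dirname "$1")
    while :; do
        # -prune tests only the directory itself, without descending into it.
        find "$d" -prune -type d -perm -0002 ! -perm -1000 -print 2>/dev/null
        case "$d" in /|.) break ;; esac
        d=$(dirname "$d")
    done
}

# Report findings for $1; exit status 1 means at least one finding.
audit_item() {
    findings=$( { world_writable "$1"; writable_ancestors "$1"; } | sort -u )
    [ -z "$findings" ] && return 0
    printf 'Replaceable by any local user:\n%s\n' "$findings"
    return 1
}

# Run only when a path is given, so the functions can also be sourced.
if [ "$#" -gt 0 ]; then
    audit_item "$1"
fi
```

A finding on the executable itself is corrected by removing write access for group and other; a finding on a parent directory needs the same correction on that directory.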