Huawei has Addressed the Security Loophole in its 4G Modems
Huawei has addressed a security flaw in the E-3272s 4G USB modem which could allow attackers to gain entire control over hosts’ PCs.
According to Timur Yunusov and Kirill Nesterov – two security experts – who aided Huawei figure out and address the security flaw said that the loophole could lead to a DOS attack and remote arbitrary code execution via an XSS attack:
The vulnerability may lead to a DOS attack and remote arbitrary code execution via an XSS attack or stack overflow.
This is not all! The security experts have also claimed that the attackers would have been able to intercept, decrypt the web traffic, pinpoint the victim’s exact location, completely render the SIM card useless, and gain access to victims’ accounts on mobile company portals.
The researchers have also confirmed that Huawei had the loophole figured out since August this year, but only managed to fix it as of October 2015.
In order to fix the said security loophole, Huawei is rolling out some security updates which users can gain access to by getting in touch with the company’s Technical Assistance Center. Once the security updates are received, users will be able to overcome the issues at hand.
According to SoftPedia; this is the second Huawei device that has been confirmed to contain security loopholes – and that too in the past couple of days. Before the E-3272s 4G USB modem, a bunch of security vulnerabilities were found in some earlier versions of Huawei 3G routers.
What is your take on this? Let us know in the comments section below!