Preinstalled Baidu apps in certain Huawei mobile phones have the WormHole vulnerability. An attacker can exploit this vulnerability to read information about, modify data in, or take control over the affected mobile phones. (Vulnerability ID: HWPSIRT-2015-10045)
Huawei has released software updates to fix this vulnerability. This advisory is available at the following link:
<http://www.huawei.com/en/security/psirt/security-bulletins/security-advisories/hw-465302.htm>
Vendor | Product | Version | CPE |
---|---|---|---|
huawei | p8_firmware | * | cpe:2.3:o:huawei:p8_firmware:*:*:*:*:*:*:*:* |
huawei | mate_s_firmware | * | cpe:2.3:a:huawei:mate_s_firmware:*:*:*:*:*:*:*:* |