This site uses cookies. By continuing to browse the site you are agreeing to our use of cookies. Read our privacy policy (update in May 2018) >

Security Advisory - XSS Vulnerability in the Email App of Huawei Smartphone

  • SA No:huawei-sa-20160507-01-emailapp
  • Initial Release Date: May 07, 2016
  • Last Release Date: May 12, 2016

There is a vulnerability due to the lack of output encoding for some particular characters in the email APP built in the affected Smart Phones. A successful exploitation of the vulnerability could allow an unauthenticated remote attacker to perform a cross-site scripting (XSS) attack and lead to obtain the user information. (Vulnerability ID: HWPSIRT-2016-03030)

This vulnerability has been assigned Common Vulnerabilities and Exposures (CVE) ID: CVE-2016-4575.

Huawei has released software updates to fix these vulnerabilities. This advisory is available at the following link:
http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20160507-01-emailapp-en


Product Name

Affected Version

Resolved Product and Version

PLK

Versions earlier than PLK-AL10C00B211

PLK-AL10C00B211

Versions earlier than PLK-AL10C92B211

PLK-AL10C92B211

ATH

Versions earlier than ATH-AL00C00B361

ATH-AL00C00B361[1]

Versions earlier than ATH-CL00C92B361

ATH-CL00C92B361[1]

Versions earlier than ATH-TL00HC01B361

ATH-TL00HC01B361[1]

Versions earlier than ATH-UL00C00B361

ATH-UL00C00B361[1]

CherryPlus

Versions earlier than CherryPlus-TL00C00B553

CherryPlus-TL00C00B553[1]

Versions earlier than CherryPlus-UL00C00B553

CherryPlus-UL00C00B553[1]

Versions earlier than CherryPlus-TL00MC01B553

CherryPlus-TL00MC01B553[1]

RIO

Versions earlier than RIO-AL00C00B360

RIO-AL00C00B360[1]


[1] The product user who submits the upgrade application in the phone service application will receive a system update prompt, install the update can fix the vulnerability.

An attacker can exploit this vulnerability to obtain the user information after further attacks.

The vulnerability classification has been performed by using the CVSSv2 scoring system (http://www.first.org/cvss/).

Base Score: 4.3 (AV:N/AC:M/Au:N/C:P/I:N/A:N)

Temporal Score: 3.6 (E:F/RL:O/RC:C)

1. Prerequisite:

The attackers has successfully tricked the users into open the constructed email message.

2. Attacking procedure:

An attacker could exploit this vulnerability by sending the users an email message injecting malicious script. A successful exploitation could allow the attacker to perform a cross-site scripting (XSS) attack and lead to obtain the user information.

Customers should contact Huawei TAC (Huawei Technical Assistance Center) to request the upgrades. For TAC contact information, please refer to Huawei worldwide website at http://www.huawei.com/en/psirt/report-vulnerabilities/index.htm


This vulnerability was reported to Huawei PSIRT by Wooyun website. Huawei would like to thank Wooyun website for working with us and coordinated vulnerability disclosure to protect our customers.

2016-05-12 V1.2 UPDATED Add CVE-ID

2016-05-09 V1.1 UPDATED Update the affected product list and fixed version

2016-05-07 V1.0 INITIAL

Huawei adheres to protecting the ultimate interests of users with best efforts and the principle of responsible disclosure and deal with product security issues through our response mechanism.

To enjoy Huawei PSIRT services and obtain Huawei product vulnerability information, please visit http://www.huawei.com/en/psirt.

To report a security vulnerability in Huawei products and solutions, please send it to PSIRT@huawei.com. For details, please visit http://www.huawei.com/en/psirt/report-vulnerabilities.

This document is provided on an "AS IS" basis and does not imply any kind of guarantee or warranty, either express or implied, including the warranties of merchantability or fitness for a particular purpose. In no event shall Huawei or any of its directly or indirectly controlled subsidiaries or its suppliers be liable for any damages whatsoever including direct, indirect, incidental, consequential, loss of business profits or special damages. Your use of the document, by whatsoever means, will be totally at your own risk. Huawei is entitled to amend or update this document from time to time.