Security Researchers have discovered a vulnerability in Huawei USB LTE dongles model E3372, which allows a malicious user to perform a privilege escalation attack.
How It Works
Privilege escalation attacks rely on a user with limited access to a system being able to obtain a higher level of access, in an illicit manner such as through a vulnerability exploit, or improper permissions on shared file.
While browsing through the driver files installed by the dongle, a researcher came across a file which would auto-run every time the USB dongle was plugged in. It was observed that this "mbbserviceopen" file ran with full permissions. On plugging in the USB device, this file would open a web browser with Huawei's device management interface. A malicious user would need to replace the file with their own code and wait for the legitimate user to start using the cellular data service via their Huawei device.
After successfully exploiting this vulnerability, the attacker can perform unauthenticated operations. However, because this vulnerability relies on tampering with the driver software installed on the machine, physical access to the machine is required making this a case of local privilege escalation.
Users are advised to download and install the Hilink products tool form the following link to solve this issue.
- Sharma, Ax. (2021, June 2). Huawei USB LTE dongles are vulnerable to privilege escalation attacks. Retrieved from Bleeping Computer: https://www.bleepingcomputer.com/news/security/huawei-usb-lte-dongles-are-vulnerable-to-privilege-escalation-attacks/
- (2021, June 2). Security Advisory - Improper Permission Assignment Vulnerability in Some USB Dongle Products. Retrieved from Huawei: https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20210602-01-permission-en