This document attached contains the vulnerabilities which were used for Mobile Pwn2Own 2017 [1] to compromise the Huawei Mate 9 Pro (LON-AL00 variant).

The Huawei Reader issues were fixed within the patch: http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20171120-01-hwreader-en on 20/11/2017.

The Huawei HIApp vulnerabilities were fixed within the patch: http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20180423-01-app-en on the 24/04/2018.

This whitepaper walks through the vulnerabilities found and methods used for exploitation.

Download the whitepaper here.

Similar Posts

eLinkSmart - Unlocking Bluetooth LE padlocks with polite requests

Enumerating Cognito Clients Exposed to the internet

Megafeis-palm: Exploiting Vulnerabilities to Open Bluetooth SmartLocks