N/A

RCS module in Huawei ALP-AL00B smart phones with software versions earlier than 8.0.0.129, BLA-AL00B smart phones with software versions earlier than 8.0.0.129 has a remote control vulnerability. An attacker can trick a user to install a malicious application. When the application connects with RCS for the first time, it needs user to manually click to agree. In addition, the attacker needs to obtain the key that RCS uses to authenticate the application. Successful exploitation may cause the attacker to control keyboard remotely.

N/A

N/A

Huawei ALP-AL00B和BLA-AL00B RCS模块安全漏洞

Huawei ALP-AL00B和BLA-AL00B都是中国华为（Huawei）公司的智能手机产品。RCS module是其中的一个融合通信模块。 Huawei ALP-AL00B 8.0.0.129之前版本和BLA-AL00B 8.0.0.129之前版本中的RCS模块存在安全漏洞。攻击者可通过诱使用户安装一个恶意手机应用程序利用该漏洞远程控制手机键盘。

N/A

N/A