14 DAY TRIAL // A serious security flaw was fixed in the Huawei E3272s 4G USB Modem, one which could have easily allowed attackers to gain control over PCs in which the modem was inserted.
According to Timur Yunusov and Kirill Nesterov, the two security experts that help find and fix the issue, "the vulnerability may lead to a DOS attack and remote arbitrary code execution via an XSS attack or stack overflow."
Attackers sending malicious crafted network packets to the modem would have been able to block it, and then carry out other types of attacks on the modem, the SIM card it contained, and the computer it was attached to.
According to researchers, attackers would have also been able to intercept and even decrypt Web traffic, track the victim's location, block the SIM card from working, or access the victim's account on local mobile operator portals.
Huawei knew of the flaw since August, but only recently fixed it at the start of October, as researchers claim.
To get your hands on the security updates, Huawei is recommending clients to contact its Technical Assistance Center for the latest version of the modem's firmware.
This is the second Huawei vulnerable device we are covering in the past two days, just yesterday reporting on a slew of vulnerabilities which were uncovered in some older Huawei 3G routers.
