It is not just Google and Samsung that usually roll out monthly software updates to their devices. Other Android OEMs do so too, including China’s Huawei.
The latest smartphone to be released by the company is the Huawei Mate 9 and it came late last year, but it reached the U.S. not so long ago. Despite coming with the latest Android 7.0 Nougat out of the box, it appears that the tech giant has already discovered multiple vulnerabilities that not only affect the Mate 9, but also the Mate 8 as well as the Huawei P9 and P9 Plus.
Huawei has gone to its official page to announce that these four smartphones will soon be receiving OTA updates that are meant to take care of the various issues found, but there is no specific date as to when this will be happening.
The first vulnerability is CVE-2017-2711, which has the ability to crash the Huawei P9 Plus. However, the application containing the malicious code must be downloaded to the phone, which then lets the attacker proceed with crashing the phone. The OTA update that fixes this issue will come with version number VIE-AL10C00B352.
The second CVE-2017-2703 vulnerability targets the newest Huawei Mate 9 alongside the standard Huawei P9. This vulnerability lets the attacker bypass the Phone Finder on their way to gaining access to system settings, however, the attacker must have physical access to either phone for this to happen. To solve the issue, Huawei Mate 9 users will receive software version MHA-DL00BC00B156 while those on the P9 should look out for version EVA-AL10C00B373.
The last critical vulnerability that Huawei will be looking to fix with the upcoming OTA is CVE-2017-2698 and currently, those targeted by this vulnerability are on the Huawei Mate 8 and the standard Huawei P9. This one lets the attacker crash the device or even gain control of the phones through root privileges, however, executing the malicious application requires root access. The fixes come with version NXT-AL10C00B386 and EVA-AL10C00B373 for the Mate 8 and P9, respectively.