Huawei PCManager fixed dangerous vulnerabilities
The exploitation of one of the vulnerabilities could lead to a complete compromise of the attacked system.
Researchers at Microsoft have identified in the Huawei PCManager tool dangerous vulnerabilities that allow elevating privileges and executing arbitrary code on the system.
Vulnerabilities were detected when the sensors of the Microsoft Defender Advanced Threat Protection (ATP) platform detected abnormal activity associated with the Huawei computer control driver. As shown by further analysis, the PCManager tool used in Huawei MateBook laptops contains a local privilege elevation vulnerability. Vulnerability (CVE-2019-5241) allows an attacker to elevate his privileges if he succeeds in forcing the victim to execute a malicious application on the system.
In the course of analyzing this vulnerability, researchers found another (CVE-2019-5242) that allows to execute arbitrary code. Thanks to it, code running with low privileges can read and write data outside its process into other processes, even into kernel space. Successful exploitation of a vulnerability can lead to a complete compromise of the attacked system.
Huawei fixed both problems in January of this year. Users can install them manually, but vulnerable products also support automatic updates.