all InfoSec news
CVE-2021-40055: Huawei OTA Insecure SSL Configuration Man-In-The-Middle Vulnerability
May 18, 2022, midnight |
Taszk Labs on taszk.io labs labs.taszk.io
Vulnerability Details Huawei devices - both those running Android and those running HarmonyOS - use Huawei’s custom implementation for applying OTA updates.
OTA updates are packaged into a zip container. The update mechanism has several checks that are meant to ensure the authenticity of OTA images before …
configuration cve huawei insecure man-in-the-middle ssl vulnerability
More from labs.taszk.io / Taszk Labs on taszk.io labs
Full Chain Baseband Exploits, Part 3
5 months, 3 weeks ago |
labs.taszk.io
Full Chain Baseband Exploits, Part 2
5 months, 3 weeks ago |
labs.taszk.io
Full Chain Baseband Exploits, Part 1
5 months, 3 weeks ago |
labs.taszk.io
Jobs in InfoSec / Cybersecurity
CyberSOC Technical Lead
@ Integrity360 | Sandyford, Dublin, Ireland
Cyber Security Strategy Consultant
@ Capco | New York City
Cyber Security Senior Consultant
@ Capco | Chicago, IL
Sr. Product Manager
@ MixMode | Remote, US
Corporate Intern - Information Security (Year Round)
@ Associated Bank | US WI Remote
Senior Offensive Security Engineer
@ CoStar Group | US-DC Washington, DC