Security News > 2021 > June > Huawei USB LTE dongles are vulnerable to privilege escalation attacks
This week, a Trustwave security researcher disclosed a privilege escalation flaw in Huawei's USB LTE dongles.
Huawei LTE driver autoruns with maximum permissions.
Martin Rakhmanov, Security Research Manager at Trustwave has disclosed his findings on a privilege escalation flaw in Huawei's USB LTE dongle model E3372.
Privilege escalation attacks rely on a user with limited access to a system being able to obtain a higher level of access, in an illicit manner-such as through a vulnerability exploit, or improper permissions on shared files.
Because this particular vulnerability relies on tampering with the Huawei driver software installed on a computer, local or physical access to the computer is required, making this a case of local privilege escalation.
Huawei has advised users of its USB LTE dongle to obtain the "Hi Link" driver files from their website to resolve this vulnerability.