Login Sign Up

CVE-2024-47290

5.5 MEDIUM
Denial of Service

📋 TL;DR

An input validation vulnerability in the USB service module could allow attackers to cause denial of service conditions. This affects Huawei devices with vulnerable USB service implementations. The vulnerability impacts availability but does not typically lead to data theft or remote code execution.

💻 Affected Systems

Products:
  • Huawei devices with USB service modules
Versions: Specific versions not detailed in reference; check Huawei advisory
Operating Systems: Huawei HarmonyOS, Android-based Huawei systems
Default Config Vulnerable: ⚠️ Yes
Notes: Vulnerability requires USB service to be active and accessible

📦 What is this software?

Emui by Huawei

View all CVEs affecting Emui →

Emui by Huawei

View all CVEs affecting Emui →

Emui by Huawei

View all CVEs affecting Emui →

Harmonyos by Huawei

View all CVEs affecting Harmonyos →

Harmonyos by Huawei

View all CVEs affecting Harmonyos →

Harmonyos by Huawei

View all CVEs affecting Harmonyos →

Harmonyos by Huawei

View all CVEs affecting Harmonyos →

Harmonyos by Huawei

View all CVEs affecting Harmonyos →

⚠️ Risk & Real-World Impact

🔴

Worst Case

Complete system crash or unresponsive USB services requiring device reboot

🟠

Likely Case

Temporary USB service disruption affecting connected peripherals

🟢

If Mitigated

Minimal impact with proper input validation and service isolation

🌐 Internet-Facing: LOW - USB services typically not exposed to internet
🏢 Internal Only: MEDIUM - Requires physical or local network access to USB interfaces

🎯 Exploit Status

Public PoC: ✅ No
Weaponized: UNKNOWN
Unauthenticated Exploit: ✅ No
Complexity: MEDIUM

Exploitation requires sending malformed input to USB service, likely requiring local access or compromised adjacent system

🛠️ Fix & Mitigation

✅ Official Fix

Patch Version: Check Huawei security bulletin for specific patched versions

Vendor Advisory: https://consumer.huawei.com/en/support/bulletin/2024/10/

Restart Required: Yes

Instructions:

1. Check Huawei security advisory for affected devices. 2. Apply latest security updates from Huawei. 3. Reboot device after update installation.

🔧 Temporary Workarounds

Disable unnecessary USB services

all

Reduce attack surface by disabling USB services not required for operation

adb shell pm disable com.huawei.usbservice
systemctl stop usb-service

Restrict USB access permissions

linux

Limit which users/applications can access USB services

chmod 750 /dev/bus/usb/*
setenforce 1

🧯 If You Can't Patch

  • Implement network segmentation to isolate devices with USB services
  • Monitor USB service logs for abnormal input patterns

🔍 How to Verify

Check if Vulnerable:

Check device version against Huawei security advisory; examine USB service version if accessible

Check Version:

adb shell getprop ro.build.version.security_patch

Verify Fix Applied:

Verify security patch level after update; check USB service is running patched version

📡 Detection & Monitoring

Log Indicators:

  • USB service crash logs
  • Abnormal USB input patterns
  • Service restart events

Network Indicators:

  • Unexpected USB enumeration attempts
  • USB over IP anomalies

SIEM Query:

source="usb-service" AND (event="crash" OR event="restart")

📊 Metadata

CVE ID: CVE-2024-47290
CVSS v3 Score: 5.5 (MEDIUM)
CVSS Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
CWE: CWE-476
Published: September 27, 2024
Last Updated: October 1, 2024

🔗 References

📤 Share & Export

📄 Export Markdown 📋 Export JSON

🔗 Related Vulnerabilities

If you're affected by CVE-2024-47290, you might also want to check these:

CVE-2022-36648 10.0

This CVE describes a vulnerability in QEMU's hardware emulation where a malformed program executed i...

Same vulnerability type (CWE-476)
CVE-2022-30592 9.8

This vulnerability in LiteSpeed QUIC (LSQUIC) before version 3.1.0 involves improper handling of MAX...

Same vulnerability type (CWE-476)
CVE-2023-47003 9.8

A NULL pointer dereference vulnerability in RedisGraph allows attackers to execute arbitrary code or...

Same vulnerability type (CWE-476)