Huawei Mate 9 Pro Mobile Pwn2Own 2017

This document attached contains the vulnerabilities which were used for Mobile Pwn2Own 2017 (https://www.thezdi.com/blog/2017/11/2/the-results-mobile-pwn2own-2017-day-two) to compromise the Huawei Mate 9 Pro (LON-AL00 variant).

The Huawei Reader issues were fixed within the patch: http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20171120-01-hwreader-en on 20/11/2017.

The Huawei HIApp vulnerabilities were fixed within the patch: http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20180423-01-app-en on the 24/04/2018.

This whitepaper walks through the vulnerabilities found and methods used for exploitation.