Huawei GalleryApp Vulnerability Gives Away Paid Android Apps for FREE

Huawei GalleryApp apparently has a vulnerability that gives away paid Android apps for free after a bit of tinkering beneath the official app marketplace of the Chinese phone maker.

Huawei Reveals It Redesigned 13,000 Components, 4,000 Circuit Boards to Evade US Sanctions
In this photo taken on May 27, 2019, a Huawei logo is displayed at a retail store in Beijing. by FRED DUFOUR/AFP via Getty Images

Huawei GalleryApp

Huawei has had a bit of trouble with the United States, wherein it even got banned, resulting in Google services having to bid the phone maker farewell.

Its most drastic effect is the sheer removal of the Google Play Store, which houses thousands of Android apps. That said, Huawei had to move forward on its own.

The Chinese tech giant went on to produce its own so-called Huawei Mobile Service or HMS for short to power its mobile devices, sans the Google Services, as per a news story by Android Police.

On top of that, Huawei was also forced to introduce its own version of the Google Play Store, which it previously relied on before getting banned in the US. As a result, the situation birthed GalleryApp, which also functions as the Apple App Store for iPhones and iPads.

Huawei GalleryApp Vulnerability Gives Away Paid Android Apps for FREE
A customer looks at a newly launched Huawei P50 mobile phone at a Huawei store in Hangzhou, in China's eastern Zhejiang province on July 30, 2021. by STR/AFP via Getty Images

Essentially, Huawei GalleryApp serves as the app marketplace for its smartphones. It includes functions like downloading mobile software for its users. And for developers and publishers, it is where they collect fees for their paid services and apps.

Huawei GalleryApp Paid Apps for Free?

However, it appears that the Huawei GalleryApp has a flaw that particularly lets its phone users download apps, which are supposed to be paid on Android and even its own HarmonyOS, free of charge.

According to the latest report by GSMArena, the vulnerability on the GalleryApp only requires its user a bit of technical knowledge and some spare time to install thousands of paid apps for $0.

Huawei GalleryApp Vulnerability

The developer, who goes by the name Dylan Roussel, unearthed Huawei's problematic flaw in its app marketplace. He discovered it after exploring GalleryApp, and the dev says that he has already notified the Chinese tech giant about it since February.

Huawei GalleryApp Vulnerability Gives Away Paid Android Apps for FREE
The logo of Chinese company Huawei is seen on the screen of a Huawei mobile phone in London on July 14, 2020. by DANIEL LEAL/AFP via Getty Images

But he claims that Huawei has yet to respond to his report. In fact, the GalleryApp vulnerability still exists. It is to note that several weeks have passed since he went straight to Huawei to warn them about it.

Android Police was more specific about it, saying that the Rousell has been offered by Huawei with the silent treatment for roughly 13 weeks already.

The developer said that he initially planned to give the China-based phone maker at least five weeks to fix its big AppGallery flaw. But it seems that nothing has happened since. So, after months of keeping it to himself, he's now sharing it with the public.

This article is owned by Tech Times

Written by Teejay Boris

ⓒ 2024 TECHTIMES.com All rights reserved. Do not reproduce without permission.
Join the Discussion
Real Time Analytics