Security Advisory - Authentication Bypass Vulnerability in Huawei PC Products

Huawei PCs have a vulnerability that allows low-privilege users to bypass SDDL permission checks. Successful exploitation this vulnerability could lead to termination of some system processes.Vulnerability ID:HWPSIRT-2023-15366 This vulnerability has been assigned a CVEID:CVE-2023-52972...

Security Advisory - Path Traversal Vulnerability in Huawei Home Music System

Huawei Home Music System has a path traversal vulnerability. Successful exploitation of this vulnerability may cause the music host file to be deleted or the file permission to be changed.Vulnerability ID:HWPSIRT-2023-60613 This vulnerability has been assigned a CVEID:CVE-2023-7300...

Security Advisory - Path Traversal Vulnerability in Huawei Home Music System

Some Huawei home music system products have a path traversal vulnerability. Successful exploitation of this vulnerability may cause unauthorized file deletion or file permission change.Vulnerability ID:HWPSIRT-2023-53450 This vulnerability has been assigned a CVEID:CVE-2023-7263...

Security Advisory - Connection Hijacking Vulnerability in Some Huawei Home Routers

Some Huawei home routers have a connection hijacking vulnerability. Successful exploitation of this vulnerability may cause DoS or information leakage.Vulnerability ID:HWPSIRT-2023-76605 This vulnerability has been assigned a CVEID:CVE-2023-7266...

Security Advisory - Connection Hijacking Vulnerability in Some Huawei Home Routers

A connection hijacking vulnerability exists in some Huawei home routers. Successful exploitation of this vulnerability may cause DoS or information leakage.Vulnerability ID:HWPSIRT-2023-34408 This vulnerability has been assigned a CVEID:CVE-2023-52718...

Security Advisory - Inappropriate Interface access Control Vulnerability in a Huawei PC Product

A Huawei PC product has a vulnerability in improper interface access control. Successful exploitation of this vulnerability may cause SMRAM leaks.Vulnerability ID:HWPSIRT-2023-98172 This vulnerability has been assigned a CVEID:CVE-2023-52712...

Security Advisory - Huawei PC Product Vulnerable to Improper Restriction of Operations within the Bounds of a Memory Buffer

A Huawei PC product is vulnerable to improper restriction of operations within the bounds of a memory buffer. Successful exploitation of this vulnerability could compromise SMRAM memory, resulting in code execution in SMM.Vulnerability ID:HWPSIRT-2023-11450 This vulnerability has been assigned a...

Security Advisory - Memory Overflow Vulnerability in Some Huawei Smart Speakers

Some Huawei smart speakers have a memory overflow vulnerability. Successful exploitation of this vulnerability may cause certain functions to fail.Vulnerability ID:HWPSIRT-2022-52860 This vulnerability has been assigned a CVEID:CVE-2022-48681...

Security Advisory - Huawei PC Product Vulnerable to Improper Check for Unusual or Exceptional Conditions

A Huawei PC product is vulnerable to improper check for unusual or exceptional conditions. An attacker with the common privilege can exploit this vulnerability. Successful exploitation of this vulnerability could cause OS service exceptions.Vulnerability ID:HWPSIRT-2023-25233 This vulnerability h...

Security Advisory - Vulnerability of Improper Interface Access Control in a Huawei PC Product

A Huawei PC product has a vulnerability in improper interface access control. Successful exploitation of this vulnerability may cause SMM leaks. Attackers can exploit this vulnerability to boot the UEFI shell and cause memory leaks.Vulnerability ID:HWPSIRT-2023-64955 This vulnerability has been...

Security Advisory - Improper Handling of Length Parameter Inconsistency in a Huawei PC Product

A Huawei PC product is vulnerable to improper handling of length parameter inconsistency. Successful exploitation of this vulnerability can compromise the data structure stored at the beginning of SMRAM and may cause code execution in SMM.Vulnerability ID:HWPSIRT-2023-91490 This vulnerability has...

Security Advisory - Identity Bypass Vulnerability in Some Huawei Smart Screen Products

The Bluetooth module of some Huawei Smart Screen products has an identity authentication bypass vulnerability. Successful exploitation of this vulnerability may allow attackers to access restricted functions.Vulnerability ID:HWPSIRT-2023-82635 This vulnerability has been assigned a CVE ID:...

Security Advisory - Traffic Hijacking Vulnerability in Huawei Routers

There is a traffic hijacking vulnerability in Huawei routers. Successful exploitation of this vulnerability can cause packets to be hijacked by attackers.Vulnerability ID:HWPSIRT-2022-82592 This vulnerability has been assigned a CVEID:CVE-2022-48469...

Security Advisory - System Command Injection Vulnerability in a Huawei Printer Product

A Huawei printer has a system command injection vulnerability. Successful exploitation could lead to remote code execution.Vulnerability ID:HWPSIRT-2022-90270 This vulnerability has been assigned a CVEID:CVE-2022-48472...

Security Advisory - Misinterpretation of Input Vulnerability in Huawei Printer

There is a misinterpretation of input vulnerability in Huawei Printer. Successful exploitation of this vulnerability may cause the printer service to be abnormal. Vulnerability ID:HWPSIRT-2022-47904 This vulnerability has been assigned a CVE ID: CVE-2022-48471...

Security Advisory - Misinterpretation of Input Vulnerability in Huawei Printer

There is a misinterpretation of input vulnerability in Huawei Printer. Successful exploitation of this vulnerability may cause the printer service to be abnormal.Vulnerability ID:HWPSIRT-2022-24181 This vulnerability has been assigned a CVEID:CVE-2022-48473...

Security Advisory - Identity Authentication Bypass Vulnerability in Huawei HiLink AI Life Product

Huawei HiLink AI Life product has an identity authentication bypass vulnerability. Successful exploitation of this vulnerability may allow attackers to access restricted functions.Vulnerability ID:HWPSIRT-2022-42291 This vulnerability has been assigned a CVEID:CVE-2022-48470...

Security Advisory - Out-of-Bounds Write Vulnerability in a Huawei Sound Box Product

A Huawei sound box product has an out-of-bounds write vulnerability. Attackers can exploit this vulnerability to cause buffer overflow. Vulnerability ID:HWPSIRT-2022-61463 This vulnerability has been assigned a CVE ID: CVE-2022-48330...

Security Advisory - Identity Authentication Bypass Vulnerability in The Huawei Children Smart Watch (Simba-AL00)

The Huawei Children Smart Watch Simba-AL00 has an identity authentication bypass vulnerability. Successful exploitation of this vulnerability may cause the access control function of specific applications to fail.Vulnerability ID:HWPSIRT-2022-18770 This vulnerability has been assigned a CVE ID:...

Security Advisory - Incorrect Privilege Assignment Vulnerability in Huawei Whole-Home Intelligence Software

A piece of Huawei whole-home intelligence software has an Incorrect Privilege Assignment vulnerability. Successful exploitation of this vulnerability could allow attackers to access restricted functions.Vulnerability ID:HWPSIRT-2022-52968 This vulnerability has been assigned a CVE ID: CVE-2022-48...

Security Advisory - Incorrect Privilege Assignment Vulnerability in Huawei Whole-Home Intelligence Software

A piece of Huawei whole-home intelligence software has an Incorrect Privilege Assignment vulnerability. Successful exploitation of this vulnerability could allow attackers to access restricted functions. Vulnerability ID:HWPSIRT-2022-90086 This vulnerability has been assigned a CVE ID:...

Security Advisory - Misinterpretation of Input Vulnerability in Huawei Printer

There is a misinterpretation of input vulnerability in Huawei Printer. Successful exploitation of this vulnerability may cause the printer service to be abnormal.Vulnerability ID:HWPSIRT-2022-78037 This vulnerability has been assigned a CVE ID: CVE-2022-48261...

Security Advisory - System Command Injection Vulnerability in a Huawei Printer Product

A Huawei printer has a system command injection vulnerability. Successful exploitation could allow attackers to gain higher privileges. Vulnerability ID:HWPSIRT-2022-87340 This vulnerability has been assigned a CVE ID: CVE-2022-48259...

Security Advisory - Buffer Overflow Vulnerability in a Huawei Printer Product

A Huawei printer product has a buffer overflow vulnerability. Successful exploitation could lead to device service exceptions. Vulnerability ID:HWPSIRT-2022-17649 This vulnerability has been assigned a CVE ID: CVE-2022-48260...

Security Advisory - Data Processing Error Vulnerability in a Huawei Band

A Huawei band has a data processing error vulnerability. Successful exploitation could bypass lock screen authentication.Vulnerability ID:HWPSIRT-2022-11965 This vulnerability has been assigned a CVEID:CVE-2022-48254...

Security Advisory - Misinterpretation of Input in a Huawei Printer Product

A Huawei printer product is vulnerable to misinterpretation of input. Successful exploitation could lead to DoS. Vulnerability ID:HWPSIRT-2022-44321 This vulnerability has been assigned a CVE ID: CVE-2022-48230...

Security Advisory - System Command Injection Vulnerability in a Huawei Printer Product

A Huawei printer has a system command injection vulnerability. Successful exploitation could lead to remote code execution.Vulnerability ID:HWPSIRT-2022-90114 This vulnerability has been assigned a CVEID:CVE-2022-48255...

Security Advisory - Denial of Service Vulnerability in Huawei Smart WiFi Router

There is a denial of service vulnerability in the Wi-Fi module of the HUAWEI WS7100-20 Smart WiFi Router.Successful exploit could cause a denial of service DoS condition. Vulnerability ID:HWPSIRT-2022-59488 This vulnerability has been assigned a CVE ID: CVE-2022-46740...

Security Advisory - Improper Authorization Vulnerability in a Huawei Children's Watch

Huawei Aslan Children's Watch has an improper authorization vulnerability. Successful exploit could allow the attacker to access certain file. Vulnerability ID:HWPSIRT-2022-62345 This vulnerability has been assigned a CVE ID: CVE-2022-45874...

Security Advisory - Insufficient Authentication Vulnerability in some Huawei Band Products

There is an insufficient authentication vulnerability in some Huawei band products. Successful exploit could allow the attacker to spoof then connect to the band. Vulnerability ID: HWPSIRT-2022-85585 This vulnerability has been assigned a CVE ID: CVE-2022-41579...

Security Advisory - Improper Input Validation Vulnerability in a Huawei Children's Watch

Huawei Aslan Children's Watch has an improper input validation vulnerability. Successful exploitation may cause the watch's application service abnormal. Vulnerability ID:HWPSIRT-2022-53187 This vulnerability has been assigned a CVE ID: CVE-2022-39012...

Security Advisory - Path Traversal Vulnerability in a Huawei Children's Watch

Huawei Aslan Children's Watch has a path traversal vulnerability. Successful exploitation may allow attackers to access or modify protected system resources. Vulnerability ID:HWPSIRT-2022-99716 This vulnerability has been assigned a CVE ID: CVE-2022-44564...

Security Advisory - Out-of-bounds Read and Write Vulnerability in Some Huawei Headset Products

There is an out-of-bounds read and write vulnerability in some headset products. An unauthenticated attacker gets the device physically and crafts malformed message with specific parameter and sends the message to the affected products. Due to insufficient validation of message, which may be...

Security Advisory - Traffic Hijacking Vulnerability in Huawei Routers

There is a traffic hijacking vulnerability in Huawei routers. Successful exploitation of this vulnerability can cause packets to be hijacked by attackers. Vulnerability ID: HWPSIRT-2021-21766 This vulnerability has been assigned a Common Vulnerabilities and Exposures CVE ID: CVE-2021-46835. For...

Security Advisory - Permission Bypass Vulnerability in Huawei Products

A permission bypass vulnerability in Huawei cross device task management could allow an attacker to access certain resource in the attacked devices. Vulnerability ID: HWPSIRT-2021-96118 This vulnerability has been assigned a Common Vulnerabilities and Exposures CVE ID: CVE-2021-46834. For product...

Security Advisory - The input verification vulnerability of a Huawei Device product is involved.

A Huawei device has an input verification vulnerability. Successful exploitation of this vulnerability may lead to DoS attacks. Vulnerability ID: HWPSIRT-2022-49379 This vulnerability has been assigned a Common Vulnerabilities and Exposures CVE ID: CVE-2022-37395. For products that have released...

Security Advisory - Password Verification Vulnerability of Huawei Router

There is a password verification vulnerability in WS7200-10.Attackers on the LAN may use brute force cracking to obtain passwords, which may cause sensitive system information to be disclosed. Vulnerability ID: HWPSIRT-2022-16010 This vulnerability has been assigned a Common Vulnerabilities and...

Security Advisory - Input Verification Vulnerability Involving Huawei Printer Products

Huawei printers have an input verification vulnerability. Successful exploitation of this vulnerability may cause device service exceptions. Vulnerability ID: HWPSIRT-2022-80078 This vulnerability has been assigned a Common Vulnerabilities and Exposures CVE ID: CVE-2022-34159. For products that...

Security Advisory -Input Verification Vulnerabilities Involved in Huawei Printer Product

There is an improper input verification vulnerability in Huawei printer product. Successful exploitation of this vulnerability may cause service abnormal. Vulnerability ID: HWPSIRT-2022-87185 This vulnerability has been assigned a Common Vulnerabilities and Exposures CVE ID: CVE-2022-32204. For...

Security Advisory - Command Injection Vulnerability in Huawei Product

There is a command injection vulnerability in Huawei terminal printer product. Successful exploitation could result in the highest privileges of the printer. Vulnerability ID: HWPSIRT-2022-51773 This vulnerability has been assigned a Common Vulnerabilities and Exposures CVE ID: CVE-2022-32203. Fo...

Security Advisory - Insufficient Input Verification Vulnerability In Huawei Product

There is an insufficient input verification vulnerability in Huawei product. Successful exploitation of this vulnerability may lead to service abnormal. Vulnerability ID: HWPSIRT-2022-76192 This vulnerability has been assigned a Common Vulnerabilities and Exposures CVE ID: CVE-2022-32144. For...

Security Advisory - Denial of Service Vulnerability in some Huawei Products

There is a denial of service vulnerability in some Huawei products. Successful exploitation could cause denial of service. Vulnerability ID: HWPSIRT-2022-27465 This vulnerability has been assigned a Common Vulnerabilities and Exposures CVE ID: CVE-2022-29798. For products that have released...

Security Advisory - Buffer Overflow Vulnerabilities In Huawei Product

There is a buffer overflow vulnerability in Huawei product. Successful exploitation of this vulnerability may lead to privilege escalation. Vulnerability ID: HWPSIRT-2022-66872 This vulnerability has been assigned a Common Vulnerabilities and Exposures CVE ID: CVE-2022-29797. For products that ha...

Security Advisory - Improper Authentication Management Vulnerability in some Huawei Products

There is an improper authentication vulnerability in some huawei products.Successful exploitation of this vulnerability may lead to a control of the victim device. Vulnerability ID: HWPSIRT-2021-30580 This vulnerability has been assigned a Common Vulnerabilities and Exposures CVE ID:...

Security Advisory - Privilege Escalation Vulnerability in Huawei Product

A Huawei product has a privilege escalation vulnerability. Successful exploit could allow the attacker to access certain resource beyond its privilege. Vulnerability ID: HWPSIRT-2021-49498 This vulnerability has been assigned a Common Vulnerabilities and Exposures CVE ID: CVE-2021-40046. For...

Security Advisory - Laser Command Injection Vulnerability on Huawei Terminals

The laser command injection vulnerability exists on some Huawei devices. The devices cannot effectively defend against external malicious interference. Attackers need the device to be visually exploitable and successful triggering of this vulnerability could execute voice commands on the device...

Security Advisory - Release of Invalid Pointer Vulnerability in Some Huawei Products

There is a release of invalid pointer vulnerability in some Huawei products, successful exploit may cause the process and service abnormal. Vulnerability ID: HWPSIRT-2021-64225 This vulnerability has been assigned a Common Vulnerabilities and Exposures CVE ID: CVE-2021-40042. This vulnerability w...

Security Advisory - Information Exposure Vulnerability on Several Huawei Products

There is an information exposure vulnerability on several Huawei Products. The vulnerability is due to that the software does not properly protect certain information. Successful exploit could cause information disclosure. Vulnerability ID: HWPSIRT-2020-32928 This vulnerability has been assigned ...

Security Advisory - Cross-Site Scripting(XSS) Vulnerability in Huawei WS318n Product

There is a Cross-Site ScriptingXSS vulnerability in HUAWEI WS318n product when processing network settings. Due to insufficient validation of user input, a local authenticated attacker could exploit this vulnerability by injecting special characters. Successful exploit could cause certain...

Security Advisory - Apache log4j2 remote code execution vulnerabilities in some Huawei products

Some Huawei products are affected by the Apache Log4j2 remote code execution vulnerabilities. The vulnerabilities are caused by a recursive parsing error in some functions of Apache Log4j2. An attacker can construct a malicious request to control log parameters to trigger a remote code execution...