Lucene search
K
HuaweiMost viewed

1006 matches found

Huawei
Huawei
added 2020/08/12 12:0 a.m.36 views

Security Advisory - Use after Free Vulnerability in Huawei Smartphone

There is a user after free vulnerability in Huawei smartphone. A module is lack of lock protection. Attackers can exploit this vulnerability by launching specific request. This could compromise normal service of the affected device. Vulnerability ID: HWPSIRT-2020-03123 This vulnerability has been...

6.7CVSS6.6AI score0.00218EPSS
Exploits0Affected Software1
Huawei
Huawei
added 2020/07/15 12:0 a.m.36 views

Security Advisory - Improper Authentication Vulnerability in Several Smartphones

There is an improper authentication vulnerability in several smartphones. The system does not sufficiently validate certain parameter passed from the bottom level, the attacker should trick the user into installing a malicious application and control the bottom level, successful exploit could cau...

6.5CVSS6.2AI score0.00794EPSS
Exploits0Affected Software4
Huawei
Huawei
added 2018/11/14 12:0 a.m.36 views

Security Advisory - Two Vulnerabilities in Huawei eSpace Product

There is a short key vulnerability in Huawei eSpace product. An unauthenticated, remote attacker launches man-in-the-middle attack to intercept and decrypt the call information when the user enables SRTP to make a call. Successful exploitation may cause sensitive information leak. Vulnerability I...

7.4CVSS6.2AI score0.00778EPSS
Exploits0Affected Software1
Huawei
Huawei
added 2018/07/25 12:0 a.m.36 views

Security Advisory - Buffer Overflow Vulnerability on Several Products

There is a buffer overflow vulnerability on madapt driver of several products. The driver does not sufficiently validate the input, an attacker could trick the user to install a malicious application which would send crafted parameters to the driver. Successful exploit could cause a denial of...

5.5CVSS5.7AI score0.00548EPSS
Exploits0Affected Software4
Huawei
Huawei
added 2018/07/20 12:0 a.m.36 views

Security Advisory - Authentication Bypass Vulnerability in Some Huawei Mobile Phones

There is an authentication bypass vulnerability in some Huawei mobile phones. An attacker could trick the user to connect to a malicious device. In the debug mode, the malicious software in the device may exploit the vulnerability to bypass some specific function. Successful exploit may cause som...

4.4CVSS4.3AI score0.00236EPSS
Exploits0Affected Software53
Huawei
Huawei
added 2017/12/22 12:0 a.m.36 views

Security Advisory - Remote Code Execution Vulnerability in Microsoft Windows Print Spooler Service

Microsoft released a security bulletin MS10-061 to publicly disclose a remote code execution vulnerability in the Print Spooler service. The vulnerability could allow remote code execution if an attacker sends a specially crafted print request to a vulnerable system. Vulnerability ID:...

9.3CVSS9.3AI score0.75636EPSS
Exploits4Affected Software4
Huawei
Huawei
added 2017/12/15 12:0 a.m.36 views

Security Advisory - Use of a Risky Cryptographic Algorithm Vulnerability on Several Products

There is a use of a broken or risky cryptographic algorithm vulnerability on several products. The software uses risky cryptographic algorithm in SSL. This is dangerous because a remote unauthenticated attacker could use well-known techniques to break the algorithm. Successful exploit could resul...

5.9CVSS5.8AI score0.00652EPSS
Exploits0Affected Software3
Huawei
Huawei
added 2017/12/06 12:0 a.m.36 views

Security Advisory - Buffer Overflow Vulnerability in Some Huawei Products

There is a buffer overflow vulnerability in the Common Open Policy Service Protocol COPS module of some Huawei products. An unauthenticated, remote attacker could exploit this vulnerability by sending specially crafted message to the affected products. The vulnerability is due to insufficient inp...

5.3CVSS5.6AI score0.01241EPSS
Exploits0Affected Software19
Huawei
Huawei
added 2017/11/08 12:0 a.m.36 views

Security Advisory - Three Buffer Overflow Vulnerabilities in Some Huawei Products

There are three buffer overflow vulnerabilities in some Huawei products. An attacker may send specially crafted HTTP messages to the affected products. Due insufficient input validation of three different parameters in the messages, successful exploit may cause some service abnormal. Vulnerabilit...

5.3CVSS5.8AI score0.01177EPSS
Exploits0Affected Software7
Huawei
Huawei
added 2017/09/20 12:0 a.m.36 views

Security Advisory - FRP Bypass Vulnerability in Huawei Smart Phones

There is Factory Reset Protection FRP bypass security vulnerability in some Huawei smart phones. When re-configuring the mobile phone using the factory reset protection FRP function, an attacker can login the configuration flow by Swype Keyboard and can perform some operations to update the Googl...

4.6CVSS4.6AI score0.00197EPSS
Exploits0Affected Software11
Huawei
Huawei
added 2016/12/07 12:0 a.m.36 views

Security Advisory - FRP Bypass Vulnerability in Huawei Smart Phones

There is Factory Reset Protection FRP bypass security vulnerability in some Huawei smart phones. When re-configuring the mobile phone using the factory reset protection FRP function, an attacker can enter some functional modules without authorization and perform operations to update the Google...

4.6CVSS4.6AI score0.00361EPSS
Exploits0Affected Software2
Huawei
Huawei
added 2016/11/16 12:0 a.m.36 views

Security Advisory - DoS Vulnerability in Some Huawei Firewall Products

Some Huawei firewall products have a denial of service DoS vulnerability. Due to improper validation of some specific fields of DHCP message, an unauthenticated attacker may send abnormal DHCP request packets to the affected products. Successful exploit of this vulnerability could lead to a DoS...

7.8CVSS7.7AI score0.01029EPSS
Exploits0Affected Software3
Huawei
Huawei
added 2023/12/06 12:0 a.m.35 views

Security Advisory - Identity Bypass Vulnerability in Some Huawei Smart Screen Products

The Bluetooth module of some Huawei Smart Screen products has an identity authentication bypass vulnerability. Successful exploitation of this vulnerability may allow attackers to access restricted functions.Vulnerability ID:HWPSIRT-2023-82635 This vulnerability has been assigned a CVE ID:...

8.8CVSS6.9AI score0.0031EPSS
Exploits0Affected Software1
Huawei
Huawei
added 2023/01/18 12:0 a.m.35 views

Security Advisory - Misinterpretation of Input in a Huawei Printer Product

A Huawei printer product is vulnerable to misinterpretation of input. Successful exploitation could lead to DoS. Vulnerability ID:HWPSIRT-2022-44321 This vulnerability has been assigned a CVE ID: CVE-2022-48230...

7.5CVSS7AI score0.00468EPSS
Exploits0Affected Software1
Huawei
Huawei
added 2022/06/06 12:0 a.m.35 views

Security Advisory - Command Injection Vulnerability in Huawei Product

There is a command injection vulnerability in Huawei terminal printer product. Successful exploitation could result in the highest privileges of the printer. Vulnerability ID: HWPSIRT-2022-51773 This vulnerability has been assigned a Common Vulnerabilities and Exposures CVE ID: CVE-2022-32203. Fo...

9.8CVSS6.8AI score0.01146EPSS
Exploits0Affected Software1
Huawei
Huawei
added 2021/10/20 12:0 a.m.35 views

Security Advisory - Path Traversal Vulnerability in Huawei FusionCube Product

There is a path traversal vulnerability in Huawei FusionCube product. The vulnerability is due to that the software uses external input to construct a pathname that is intended to identify a directory that is located underneath a restricted parent directory, but the software does not properly...

7.5CVSS7.4AI score0.00828EPSS
Exploits0Affected Software1
Huawei
Huawei
added 2021/10/08 12:0 a.m.35 views

Security Advisory - Path Traversal Vulnerability in Huawei PC Product

There is a path traversal vulnerability in Huawei PC product. Because the product does not filter path with special characters,attackers can construct a file path with special characters to exploit this vulnerability. Successful exploitation could allow the attacker to transport a file to certain...

6.5CVSS6.4AI score0.00294EPSS
Exploits0Affected Software1
Huawei
Huawei
added 2021/06/30 12:0 a.m.35 views

Security Advisory - Path Traversal Vulnerability in Some Huawei Products

There is a path traversal vulnerability in some Huawei products. The vulnerability is due to that the software uses external input to construct a pathname that is intended to identify a file or directory that is located underneath a restricted parent directory, but the software does not properly...

4.6CVSS4.6AI score0.00209EPSS
Exploits0Affected Software9
Huawei
Huawei
added 2021/04/07 12:0 a.m.35 views

Security Advisory - Improper Licenses Management Vulnerability in Some Products

There has a license management vulnerability in some huawei products. An attacker with high privilege needs to perform specific operations to exploit the vulnerability on the affected device. Due to improper license management of the device, as a result, the license file can be applied and affect...

4.9CVSS5AI score0.00471EPSS
Exploits0Affected Software7
Huawei
Huawei
added 2020/08/26 12:0 a.m.35 views

Security Advisory - Privilege Escalation Vulnerability in Huawei FusionCompute Product

There is a privilege escalation vulnerability in Huawei FusionCompute product. Due to insufficient verification on specific files that need to be deserialized, local attackers can exploit this vulnerability to elevate permissions. Vulnerability ID: HWPSIRT-2020-05241 This vulnerability has been...

7.8CVSS6.4AI score0.00111EPSS
Exploits0Affected Software1
Huawei
Huawei
added 2020/08/05 12:0 a.m.35 views

Security Advisory - Improper Authentication Vulnerability in Several Smartphones

There is an improper authentication vulnerability in several smartphones. The system does not properly sign certain encrypted file, the attacker should gain the key used to encrypt the file, successful exploit could cause certain file be forged. Vulnerability ID: HWPSIRT-2019-10020 This...

6.8CVSS6.7AI score0.00234EPSS
Exploits0Affected Software16
Huawei
Huawei
added 2020/04/22 12:0 a.m.35 views

Security Advisory - Three Out of Bounds Vulnerabilities in Several Smartphones

There are three out of bounds vulnerabilities in several smartphones. Certain driver program does not sufficiently validate certain parameters received, that would lead to several bytes out of bound read. Successful exploit may cause information disclosure or service abnormal. Vulnerability ID:...

7.1CVSS7.3AI score0.00605EPSS
Exploits0Affected Software1
Huawei
Huawei
added 2017/12/13 12:0 a.m.35 views

Security Advisory - Bypass Vulnerability in the 'Find Phone' Function of Some Huawei Smart Phones

There is an authentication bypass vulnerability in the 'Find Phone' function of some Huawei smart phone. Due to improper authentication realization in the 'Find Phone' function. An attacker may exploit the vulnerability to bypass the 'Find Phone' function in order to use the phone normally...

7.2CVSS6.7AI score0.00333EPSS
Exploits0Affected Software1
Huawei
Huawei
added 2017/10/18 12:0 a.m.35 views

Security Advisory - Use After Free Vulnerability in Madapt Driver of Some Huawei Smart Phones

The Madapt Driver of some Huawei smart phones has a use after free UAF vulnerability. An attacker can trick a user to install a malicious application which has a high privilege to exploit this vulnerability, Successful exploitation may cause arbitrary code execution. Vulnerability ID:...

9.3CVSS7.8AI score0.01067EPSS
Exploits0Affected Software5
Huawei
Huawei
added 2017/08/02 12:0 a.m.35 views

Security Advisory - Weak Algorithm Vulnerability in Huawei USG product

There is a weak algorithm vulnerability in Huawei USGUSG6300/USG6600 products. Attackers may exploit the weak algorithm vulnerability to crack the cipher text and cause confidential information leaks on the transmission links. Vulnerability ID: HWPSIRT-2017-02028 This vulnerability has been...

7.5CVSS7.4AI score0.00696EPSS
Exploits0Affected Software1
Huawei
Huawei
added 2017/05/24 12:0 a.m.35 views

Security Advisory - FRP Bypass Vulnerability in Huawei Smart Phones

There is Factory Reset Protection FRP bypass security vulnerability in some Huawei smart phones. When re-configuring the mobile phone using the factory reset protection FRP function, an attacker can perform some operations to update the Google account. As a result, the FRP function is bypassed...

4.6CVSS4.7AI score0.0024EPSS
Exploits0Affected Software2
Huawei
Huawei
added 2016/02/03 12:0 a.m.35 views

Security Advisory - XSS Vulnerability in Huawei Agile Controller-Campus

A reflected cross-site scripting XSS vulnerability exists in some portal authentication page of the Agile Controller-Campus. When an attacker sends a malicious link to the system, the user is online and clicks on the link, XSS occurs. Therefore, the attacker may obtain the administrator privilege...

6.1CVSS6.3AI score0.00764EPSS
Exploits0Affected Software1
Huawei
Huawei
added 2014/06/16 12:0 a.m.35 views

Security Advisory-Heap Overflow Vulnerability in Huawei eSap Platform

Huawei eSap software platform has four heap overflow vulnerabilities. Huawei products that have used this platform are affected. When receiving some special malformed packets, such devices access heap memory that is beyond the valid range and cause unexpected restart of the devices. If an attacke...

7.8CVSS7.5AI score0.01492EPSS
Exploits0Affected Software21
Huawei
Huawei
added 2021/10/20 12:0 a.m.34 views

Security Advisory - Improper Signature Management Vulnerability in Some Huawei Products

There is a signature management vulnerability in some huawei products. An attacker can forge signature and bypass the signature check. During firmware update process, successful exploit this vulnerability can cause the forged system file overwrite the correct system file. Vulnerability ID:...

9CVSS6.9AI score0.00693EPSS
Exploits0Affected Software2
Huawei
Huawei
added 2021/09/22 12:0 a.m.34 views

Security Advisory - Improper File Upload Control Vulnerability in Huawei FusionCompute Product

There is an improper file upload control vulnerability in Huwei FusionCompute product. Due to the improper verification of file to be uploaded and does not strictly restrict the file access path, attackers may upload malicious files to the device, resulting in the service abnormal. Vulnerability...

7.5CVSS7.5AI score0.00636EPSS
Exploits0Affected Software1
Huawei
Huawei
added 2020/07/15 12:0 a.m.34 views

Security Advisory - Improper Authorization Vulnerability in Several Smartphones

There is an improper authorization vulnerability in several smartphones. The system does not properly restrict the use of system service by applications, the attacker should trick the user into installing a malicious application, successful exploit could cause a denial of audio service...

6.5CVSS6.3AI score0.00605EPSS
Exploits0Affected Software1
Huawei
Huawei
added 2020/06/10 12:0 a.m.34 views

Security Advisory - Improper Authorization Vulnerability in Some Huawei Smartphones

There is an improper authentication vulnerability in some Huawei smart phones. Due to improper authentication of specific interface, in specific scenario attackers could access specific interface without authentication. Successful exploit could allow the attacker to perform unauthorized operation...

6.8CVSS6.6AI score0.00236EPSS
Exploits0Affected Software1
Huawei
Huawei
added 2020/01/22 12:0 a.m.34 views

Security Advisory - Denial of Service Vulnerability in Huawei Product

There is a DoS vulnerability that IPSec Module handles a specific message incorrectly, causing memory unreleased. Attackers can send specific message to cause Denial of Service in IPSec module. Vulnerability ID: HWPSIRT-2019-12418 This vulnerability has been assigned a Common Vulnerabilities and...

7.5CVSS7.4AI score0.00745EPSS
Exploits0Affected Software3
Huawei
Huawei
added 2019/01/28 12:0 a.m.34 views

Security Advisory - Memory Double Free Vulnerability in Image Processing Module of Some Huawei Smart Phones

The image processing module of some Huawei smart phones has a memory double free vulnerability. An attacker tricks a user into installing a malicious application, and the application can call special API, which could trigger double free and cause a system crash. Vulnerability ID: HWPSIRT-2018-110...

7.1CVSS5.4AI score0.0056EPSS
Exploits0Affected Software1
Huawei
Huawei
added 2018/03/28 12:0 a.m.34 views

Security Advisory - Improper Authorization Vulnerability on Huawei Switch Products

There is an improper authorization vulnerability on Huawei switch products. The system incorrectly performs an authorization check when a normal user attempts to access certain information which is supposed to be accessed only by authenticated user. Successful exploit could cause information...

4.3CVSS4.2AI score0.00489EPSS
Exploits0Affected Software3
Huawei
Huawei
added 2018/02/07 12:0 a.m.34 views

Security Advisory - Two Buffer Overflow Vulnerabilities in Some Huawei Products

There is an out-of-bound write vulnerability in some Huawei products. Due to insufficient input validation, a remote, unauthenticated attacker may craft encryption key to the affected products. Successful exploit may cause buffer overflow, services abnormal. Vulnerability ID: HWPSIRT-2017-11058...

5.3CVSS5.4AI score0.01241EPSS
Exploits0Affected Software17
Huawei
Huawei
added 2017/12/20 12:0 a.m.34 views

Security Advisory - Two Remote Code Execution Vulnerabilities in Microsoft Windows

Microsoft released a security advisory to disclose a remote code execution vulnerability in Microsoft Server Message Block 1.0 SMBv1. A remote attacker could send a specially crafted packet to a targeted SMBv1 server. The attacker could exploit the vulnerability to gain the ability to execute cod...

10CVSS8.7AI score0.64132EPSS
Exploits0Affected Software17
Huawei
Huawei
added 2017/12/01 12:0 a.m.34 views

Security Advisory - Memory Leak Vulnerability in Some Huawei Products

Some Huawei products have a memory leak vulnerability. An unauthenticated attacker may send specific Resource ReServation Protocol RSVP packets to the affected products. Due to not release the memory to handle the packets, successful exploit will result in memory leak of the affected products and...

7.5CVSS7.5AI score0.00967EPSS
Exploits0Affected Software4
Huawei
Huawei
added 2017/09/01 12:0 a.m.34 views

Security Advisory - FRP Bypass Vulnerability in Huawei Honor 5S Smart Phones

Huawei Honor 5S smart phones have a Factory Reset Protection FRP bypass security vulnerability due to the improper design. An attacker can access factory reset page without authorization by only dial with special code. The attacker can exploit this vulnerability to restore the phone to factory...

4.9CVSS4.6AI score0.00232EPSS
Exploits0Affected Software1
Huawei
Huawei
added 2017/07/12 12:0 a.m.34 views

Security Advisory - Directory Traversal Vulnerability in Push Module of Huawei Smart Phone

There is a directory traversal vulnerability in Push module of Huawei Smart Phone. Since the system does not verify the file name during decompression, system directories are traversed. It could be exploited to cause the attacker to replace files and impact the service. Vulnerability ID:...

7.1CVSS6.8AI score0.00866EPSS
Exploits0Affected Software1
Huawei
Huawei
added 2016/11/23 12:0 a.m.34 views

Security Advisory - Buffer Overflow Vulnerability in HIFI Driver of Huawei Smart Phone

The HIFI driver of some Huawei products has buffer overflow vulnerability due to the lack of a parameters check. An attacker can get ROOT privilege and send given parameter to driver to crash the system or execute arbitrary code. Vulnerability ID: HWPSIRT-2016-05220 This vulnerability has been...

7.2CVSS7.1AI score0.00319EPSS
Exploits0Affected Software4
Huawei
Huawei
added 2016/10/26 12:0 a.m.34 views

Security Advisory - PXN Defense Mechanism Failure Vulnerability in Huawei Mobile Phones

There is a Privileged Execute-Never PXN defense mechanism failure vulnerability in the drive code of some Huawei mobile phones. An attacker may trick users into installing malicious apps which can disable the PXN defense mechanism by invoking related drive code to crash the system or escalate...

9.3CVSS7.7AI score0.00751EPSS
Exploits0Affected Software3
Huawei
Huawei
added 2016/09/14 12:0 a.m.34 views

Security Advisory - DoS Vulnerability in Huawei Switches

There is a DoS vulnerability caused by memory leak in some of Huawei products as affected products list below. For lacking of adequate input validation,attackers can craft and send a large number of malformed packets to the target device to exhaust the memory of the device and may cause the devic...

7.5CVSS7.6AI score0.01096EPSS
Exploits0Affected Software8
Huawei
Huawei
added 2016/08/24 12:0 a.m.34 views

Security Advisory - Reset Password and Information Leak Vulnerabilities in Huawei UMA

The Unified Maintenance Audit UMA system provides a unified portal for O&M operations, controls and records users' O&M operations, and supports auditing by way of command display and video replay. The UMA has two security vulnerabilities. One vulnerability is due to insufficient parameter...

7.5CVSS7AI score0.01205EPSS
Exploits0Affected Software1
Huawei
Huawei
added 2016/06/17 12:0 a.m.34 views

Security Advisory - Insufficient Input Validation Vulnerability in the FusionInsight

The FusionInsight has an insufficient input validation vulnerability. An attacker may exploit it to gain the root privilege of the Linux system where the software resides and control the operating system cluster. Vulnerability ID: HWPSIRT-2016-06010 This vulnerability has been assigned Common...

7.8CVSS7.9AI score0.00232EPSS
Exploits0Affected Software1
Huawei
Huawei
added 2015/11/11 12:0 a.m.34 views

Security Advisory - Directory Traversal Vulnerability in Huawei AR Router

The AR router has a directory traversal vulnerability when serving as an SFTP server. An attacker can log in to the AR router and traverse FTP server directories to access unauthorized directories, leading to information leaks. Vulnerability ID: HWPSIRT-2015-09029 This vulnerability has been...

4CVSS6.2AI score0.01074EPSS
Exploits0Affected Software9
Huawei
Huawei
added 2013/12/28 12:0 a.m.34 views

Security Advisory-A Vulnerability on the HWTACACS Authorization Module of the CloudEngine

The HWTACACS modules of some Huawei CloudEngine series switches have vulnerabilities. Attackers can execute the commands that can be used by users with higher-level permissions by bypass the right check of HWTACACS server. HWPSIRT-2013-1256. This Vulnerability has been assigned Common...

6.7AI score
Exploits0Affected Software3
Huawei
Huawei
added 2024/12/11 12:0 a.m.33 views

Security Advisory - Path Traversal Vulnerability in Huawei Home Music System

Huawei Home Music System has a path traversal vulnerability. Successful exploitation of this vulnerability may cause the music host file to be deleted or the file permission to be changed.Vulnerability ID:HWPSIRT-2023-60613 This vulnerability has been assigned a CVEID:CVE-2023-7300...

8CVSS6.6AI score0.0029EPSS
Exploits0Affected Software1
Huawei
Huawei
added 2023/01/18 12:0 a.m.34 views

Security Advisory - Data Processing Error Vulnerability in a Huawei Band

A Huawei band has a data processing error vulnerability. Successful exploitation could bypass lock screen authentication.Vulnerability ID:HWPSIRT-2022-11965 This vulnerability has been assigned a CVEID:CVE-2022-48254...

4.6CVSS5.3AI score0.00212EPSS
Exploits0Affected Software1
Huawei
Huawei
added 2022/06/06 12:0 a.m.33 views

Security Advisory -Input Verification Vulnerabilities Involved in Huawei Printer Product

There is an improper input verification vulnerability in Huawei printer product. Successful exploitation of this vulnerability may cause service abnormal. Vulnerability ID: HWPSIRT-2022-87185 This vulnerability has been assigned a Common Vulnerabilities and Exposures CVE ID: CVE-2022-32204. For...

7.5CVSS6.3AI score0.00369EPSS
Exploits0Affected Software1
Total number of security vulnerabilities1006