Lucene search
K
HuaweiMost viewed

1006 matches found

Huawei
Huawei
•added 2021/02/10 12:0 a.m.•31 views

Security Advisory - Denial of Service Vulnerability in Huawei Product

There is a denial of service vulnerability in Huawei products. A module cannot deal with specific messages correctly. Attackers can exploit this vulnerability by sending malicious messages to affected module. This can lead to denial of service. Vulnerability ID: HWPSIRT-2020-65315 This...

7.5CVSS7.3AI score0.00727EPSS
Exploits0Affected Software7
Huawei
Huawei
•added 2021/01/06 12:0 a.m.•31 views

Security Advisory - Out-of-Bound Read and Write Vulnerability in Huawei Product

There is an out-of-bound read and write vulnerability in Huawei smartphone. A module dose not verify the input sufficiently. Attackers can exploit this vulnerability by modifying some configuration to cause out-of-bound read and write, causing denial of service. Vulnerability ID: HWPSIRT-2020-051...

7.2CVSS6.2AI score0.00246EPSS
Exploits0Affected Software1
Huawei
Huawei
•added 2020/07/15 12:0 a.m.•31 views

Security Advisory - Stack Overflow Vulnerability in Huawei Smart Phone Product

There is a stack overflow vulnerability in some Huawei smart phone. An attacker can craft specific packet to exploit this vulnerability. Due to insufficient verification, this could be exploited to tamper with the information to affect the availability. Vulnerability ID: HWPSIRT-2019-11030 This...

6.5CVSS6.3AI score0.00228EPSS
Exploits0Affected Software1
Huawei
Huawei
•added 2020/04/22 12:0 a.m.•31 views

Security Advisory - Local Privilege Escalation Vulnerability in Huawei OSD Product

There is a local privilege escalation vulnerability in Huawei OSD product. An authenticated, local attacker can constructs a specific file path to exploit this vulnerability. Successful exploitation may cause the attacker to obtain a higher privilege. Vulnerability ID: HWPSIRT-2020-02153 This...

6.7CVSS6.6AI score0.00217EPSS
Exploits0Affected Software1
Huawei
Huawei
•added 2019/09/11 12:0 a.m.•31 views

Security Advisory - Race Condition Vulnerability on Several Smartphones

There is a race condition vulnerability on certain detection module of smartphone. The system does not lock certain function properly, when the function is called by multiple processes could cause out of bound write. An attacker tricks the user into installing a malicious application, successful...

7.8CVSS7.7AI score0.00647EPSS
Exploits0Affected Software14
Huawei
Huawei
•added 2018/11/29 12:0 a.m.•31 views

Security Advisory - Information Leakage in Huawei VIP App Web Service

Huawei VIP App is mobile app for Malaysia customers that purchased P20 Series, Nova 3/3i and Mate 20. There is a vulnerability that attackers can conduct bruteforce to the VIP App Web Services to get user information leakage. Vulnerability ID: HWPSIRT-2018-11111 This vulnerability has been assign...

5.3CVSS5.2AI score0.00764EPSS
Exploits0Affected Software1
Huawei
Huawei
•added 2018/06/30 12:0 a.m.•31 views

Security Advisory - Buffer Overflow Vulnerability in Some Huawei Products

There is a buffer overflow vulnerability in the Common Open Policy Service Protocol COPS module of some Huawei products. An unauthenticated, remote attacker has to control the peer device and send specially crafted message to the affected products. Due to insufficient input validation, successful...

4.3CVSS4.5AI score0.00977EPSS
Exploits0Affected Software6
Huawei
Huawei
•added 2018/05/30 12:0 a.m.•31 views

Security Advisory - DoS Vulnerability in Some Huawei Smart Phones

Some Huawei smart phones have a denial of service DoS vulnerability due to the improper processing of malicious parameters. An attacker may trick a target user into installing a malicious APK and launch attacks using a pre-installed app with specific permissions. Successful exploit could allow th...

6.3CVSS4.4AI score0.00474EPSS
Exploits0Affected Software3
Huawei
Huawei
•added 2017/12/27 12:0 a.m.•31 views

Security Advisory - Several Vulnerabilities in H323 Protocol of Huawei Products

There are three null pointer dereference vulnerabilities in H323 protocol of Huawei products. An unauthenticated, remote attacker could craft malformed packets and send the packets to the affected products. Due to insufficient validation of packets, which could be exploited to cause process crash...

7.5CVSS6.8AI score0.01279EPSS
Exploits0Affected Software45
Huawei
Huawei
•added 2017/10/18 12:0 a.m.•31 views

Security Advisory - Two Vulnerabilities in Some Huawei Products

There is a DoS vulnerability in some Huawei products. Due to incorrect malformed message processing logic, an authenticated, remote attacker could send specially crafted message to the target device.Successful exploit of the vulnerability could cause stack overflow and make a service unavailable...

6.8CVSS6.6AI score0.00795EPSS
Exploits0Affected Software37
Huawei
Huawei
•added 2017/09/14 12:0 a.m.•31 views

Security Advisory - Integer overflow Vulnerability in Bastet Driver of Huawei Smart Phone

The Bastet driver of some Huawei smart phones has integer overflow vulnerability due to the lack of parameter validation. An attacker tricks a user into installing a malicious APP which has the root privilege; the APP can send a specific parameter to the driver of the smart phone, causing arbitra...

9.3CVSS7.8AI score0.01244EPSS
Exploits0Affected Software1
Huawei
Huawei
•added 2017/07/25 12:0 a.m.•31 views

Security Advisory - Two DoS Vulnerabilities in Call Module of Some Huawei Smart Phones

There are two DoS vulnerabilities in the call module of some Huawei smart phones due to the lack of a parameters check. An attacker may trick a user into installing a malicious application, and the application can send given parameter to call module to crash the call and data communication proces...

5.5CVSS5.7AI score0.0054EPSS
Exploits0Affected Software2
Huawei
Huawei
•added 2017/07/12 12:0 a.m.•31 views

Security Advisory - Privilege Escalation Vulnerability in Push Module of Huawei Smart Phone

There is a privilege escalation vulnerability in Push module of Huawei Smart Phone. An attacker tricks a user to save a rich media into message on the smart phone, which could be exploited to cause the attacker to delete message or fake user to send message. Vulnerability ID: HWPSIRT-2017-05070...

7.1CVSS7AI score0.00278EPSS
Exploits0Affected Software1
Huawei
Huawei
•added 2017/04/19 12:0 a.m.•31 views

Security Advisory - Insufficient Input Validation Vulnerability in Some Huawei Products

Some Huawei products have an insufficient input validation vulnerability. An unauthenticated attacker could send a forged air interface message to an affected product through a rogue base station. Due to insufficient input validation, the attacker could exploit this vulnerability to tamper with a...

5.4CVSS5.4AI score0.00339EPSS
Exploits0Affected Software1
Huawei
Huawei
•added 2017/02/22 12:0 a.m.•31 views

Security Advisory - Privilege Elevation Vulnerability Caused by Arbitrary File Upload in Huawei Themes

The Huawei Themes APP in some Huawei products has a privilege elevation vulnerability due to the lack of theme pack check. An attacker could exploit this vulnerability to upload theme packs containing malicious files and trick users into installing the theme packets, resulting in the execution of...

7.8CVSS7.8AI score0.00975EPSS
Exploits0Affected Software3
Huawei
Huawei
•added 2016/09/07 12:0 a.m.•31 views

Security Advisory - XML Bomb Vulnerability in AnyOffice

AnyOffice Enterprise Mobile Management EMM is a module of the AnyOffice, which provides the mobile terminal management function. The XML Bomb vulnerability in the AnyOffice EMM could allow an authenticated, remote attacker to cause the software to deny services by uploading an XML bomb...

6.5CVSS6.6AI score0.00869EPSS
Exploits0Affected Software1
Huawei
Huawei
•added 2016/08/24 12:0 a.m.•31 views

Security Advisory - IPv6 Neighbor Discovery Crafted Packet Denial of Service Vulnerability

There is a vulnerability in the IP Version 6 IPv6 Neighbor Discovery packet process of multiple products, successful exploit could allow an unauthenticated, remote attacker to cause an affected device to start dropping legitimate IPv6 neighbors as legitimate ND times out, leading to a denial of...

7.5CVSS7.4AI score0.03823EPSS
Exploits0Affected Software18
Huawei
Huawei
•added 2016/05/20 12:0 a.m.•31 views

Security Advisory - Two Buffer Overflow Vulnerabilities in Wi-Fi Driver of Huawei Smart Phone

Wi-Fi driver of some Huawei products have two buffer overflow vulnerabilities due to the lack of a parameters check. An attacker may trick a user into installing a malicious application, and the application can send given parameter to Wi-Fi driver to crash the system or escalate user privilege...

9.3CVSS8.2AI score0.0066EPSS
Exploits0Affected Software1
Huawei
Huawei
•added 2015/11/03 12:0 a.m.•31 views

Security Advisory - Local Permission Escalation Vulnerability in GPU of P7 Phones

The graphics processing unit GPU of Huawei P7 phones have a local permission escalation vulnerability.GPU does not properly validate the specific input parameters. An attacker may trick a user into installing a malicious application and use the application to read and modify product memory addres...

7.8CVSS7.6AI score0.00252EPSS
Exploits0Affected Software1
Huawei
Huawei
•added 2015/10/29 12:0 a.m.•31 views

Security Advisory - UE Measurement Leak Vulnerability in Huawei P8 Phones

An information leak vulnerability exists in Huawei P8 Phones. Before sending a specific signal to a base station, the P8 Phone does not check its own security status. An attacker uses a fake base station to construct a specific scenario and obtain the specific signal which includes user equipment...

4.3CVSS4AI score0.00597EPSS
Exploits0Affected Software1
Huawei
Huawei
•added 2015/09/19 12:0 a.m.•31 views

Security Advisory - MITM Vulnerability in the OpenSSL Module of Huawei eSight Network

During certificate verification, OpenSSL starting from version 1.0.1n and 1.0.2b will attempt to find an alternative certificate chain if the first attempt to build such a chain fails. An error in the implementation of this logic can mean that an attacker could cause certain checks on untrusted...

6.5CVSS6.2AI score0.61798EPSS
Exploits6Affected Software1
Huawei
Huawei
•added 2015/03/18 12:0 a.m.•31 views

Security Advisory-Resource Management Vulnerability in the AR1220

Under Specifically configurations in the AR1220, An attacker sends massive traffic to the FE port from the GE port on the main board. As a result, the interface board resets unexpectedly. Vulnerability ID: HWPSIRT-2014-1298. This Vulnerability has been assigned Common Vulnerabilities and Exposure...

5.9CVSS5.6AI score0.00691EPSS
Exploits0Affected Software1
Huawei
Huawei
•added 2014/10/22 12:0 a.m.•31 views

Security Advisory-DLL Hijacking Vulnerability on Huawei USB Modem products

This security advisory SA describes the impact of DLL-Hijacking vulnerability discovered in website. Vulnerability ID: HWPSIRT-2014-1046 This vulnerability is referenced in this document as follows: Any user in the system can modify the legitimate binary to any kind of malicious executable. If an...

9.3CVSS7.4AI score0.05016EPSS
Exploits2Affected Software3
Huawei
Huawei
•added 2024/04/17 12:0 a.m.•30 views

Security Advisory - Huawei PC Product Vulnerable to Improper Restriction of Operations within the Bounds of a Memory Buffer

A Huawei PC product is vulnerable to improper restriction of operations within the bounds of a memory buffer. Successful exploitation of this vulnerability could compromise SMRAM memory, resulting in code execution in SMM.Vulnerability ID:HWPSIRT-2023-11450 This vulnerability has been assigned a...

7.8CVSS7.1AI score0.0013EPSS
Exploits0Affected Software1
Huawei
Huawei
•added 2024/04/17 12:0 a.m.•30 views

Security Advisory - Huawei PC Product Vulnerable to Improper Check for Unusual or Exceptional Conditions

A Huawei PC product is vulnerable to improper check for unusual or exceptional conditions. An attacker with the common privilege can exploit this vulnerability. Successful exploitation of this vulnerability could cause OS service exceptions.Vulnerability ID:HWPSIRT-2023-25233 This vulnerability h...

7.8CVSS6.7AI score0.00129EPSS
Exploits0Affected Software1
Huawei
Huawei
•added 2021/09/29 12:0 a.m.•30 views

Security Advisory - Improper Authentication Vulnerability in Huawei Product

There is an improper authentication vulnerability in Hero-CT060. The vulnerability is due to that when an user wants to do certain operation, the software does not insufficiently validate the user's identity. Successful exploit could allow the attacker to do certain operations which the user are...

9.8CVSS9.4AI score0.00791EPSS
Exploits0Affected Software1
Huawei
Huawei
•added 2021/05/19 12:0 a.m.•30 views

Security Advisory - Denial of Service Vulnerability in Huawei Smartphone

There is a denial of service vulnerability in Huawei smartphone. A module does not verify certain parameters sufficiently and it leads to some exceptions. Successful exploit could cause a denial of service condition. Vulnerability ID: HWPSIRT-2020-05281 This vulnerability has been assigned a Comm...

5.5CVSS5.3AI score0.00156EPSS
Exploits0Affected Software3
Huawei
Huawei
•added 2020/12/30 12:0 a.m.•30 views

Security Advisory - Resource Management Errors Vulnerability in Huawei Smartphone Product

There is a resource management errors vulnerability in Huawei smartphone product. Local attackers construct broadcast message for some application, causing this application to send this broadcast message and impact the customer's use experience. Vulnerability ID: HWPSIRT-2020-06101 This...

3.3CVSS3.9AI score0.00194EPSS
Exploits0Affected Software1
Huawei
Huawei
•added 2020/12/30 12:0 a.m.•30 views

Security Advisory - Privilege Escalation Vulnerability in Huawei Product

There is a privilege escalation vulnerability in some Huawei products. Some files in a directory of a module are located improperly. It does not apply the directory limitation. Attackers can exploit this vulnerability by crafting malicious file to launch privilege escalation. This can compromise...

6.7CVSS6.7AI score0.00212EPSS
Exploits0Affected Software1
Huawei
Huawei
•added 2020/03/11 12:0 a.m.•30 views

Security Advisory - Improper Integrity Checking Vulnerability on some Huawei Products

There is an improper integrity checking vulnerability on some huawei products. The software of the affected product has an improper integrity check which may allow an attacker with high privilege to make malicious modifications. Vulnerability ID: HWPSIRT-2019-10070 This vulnerability has been...

3.9CVSS4.2AI score0.00149EPSS
Exploits0Affected Software6
Huawei
Huawei
•added 2019/07/03 12:0 a.m.•30 views

Security Advisory - Path Traversal Vulnerability on Huawei Share

There is a path traversal vulnerability on Huawei Share. The software does not properly validate the path, an attacker could crafted a file path when transporting file through Huawei Share, successful exploit could allow the attacker to transport a file to arbitrary path on the phone. Vulnerabili...

6.5CVSS6.5AI score0.00468EPSS
Exploits0Affected Software1
Huawei
Huawei
•added 2019/01/31 12:0 a.m.•30 views

Security Advisory - Authorization Bypass Vulnerability on Some Huawei Smartphone

Some Huawei smart phones have an authorization bypass vulnerability. Due to improper authorization implementation logic, attackers can bypass certain authorization scopes of smart phones by performing specific operations. This vulnerability can be exploited to perform operations beyond the scope ...

6.4CVSS6.4AI score0.00223EPSS
Exploits0Affected Software6
Huawei
Huawei
•added 2018/08/13 12:0 a.m.•30 views

Security Advisory - Multiple Vulnerabilities in IPsec IKE of Huawei Firewall Products

There is a Bleichenbacher Oracle vulnerability in the IPSEC IKEv1 implementations of Huawei Firewall products. Remote attackers can decrypt IPSEC tunnel ciphertext data by leveraging a Bleichenbacher RSA padding oracle. Cause a Bleichenbacher oracle attack. Successful exploit this vulnerability c...

7.8CVSS6.9AI score0.01082EPSS
Exploits0Affected Software4
Huawei
Huawei
•added 2018/06/29 12:0 a.m.•30 views

Security Advisory - DoS Vulnerability in SMS Module of Some Huawei Smart Phones

There is a Denial of Service DoS vulnerability in the Short Message Service SMS module of some Huawei smart phones. An unauthenticated attacker may set up a pseudo base station, and send special malware text message to the phone, causing the mobile phone to fail to make calls and send and receive...

6.5CVSS6.4AI score0.00389EPSS
Exploits0Affected Software1
Huawei
Huawei
•added 2018/06/13 12:0 a.m.•30 views

Security Advisory - Arbitrary Memory Free Vulnerability in GPU Driver of Some Huawei Smart Phones

There is an arbitrary memory free vulnerability in GPU driver of some Huawei smart phones due to insufficient parameters verification. An attacker can tricks a user into installing a malicious application on the smart phone, and send given parameter to driver to release special kernel memory...

9.3CVSS7.7AI score0.01009EPSS
Exploits0Affected Software1
Huawei
Huawei
•added 2018/04/18 12:0 a.m.•30 views

Security Advisory - Improper Resource Management Vulnerability in Some Huawei Products

There is an improper resource management vulnerability in some AR series products. Due to the improper implementation of ACL mechanism, a remote attacker may send TCP messages to the management interface of the affected device to exploit this vulnerability. Successful exploit could exhaust the...

7.5CVSS7.5AI score0.00891EPSS
Exploits0Affected Software5
Huawei
Huawei
•added 2018/03/09 12:0 a.m.•30 views

Security Advisory - Information Disclosure Vulnerability on Honor Smart Scale Application

There is an information disclosure vulnerability on Honor Smart Scale application. The application does not sufficiently restrict the resource which can be accessed by certain protocol. An attacker could trick the user to click a malicious link, successful exploit could cause information...

4.3CVSS4.2AI score0.00858EPSS
Exploits0Affected Software1
Huawei
Huawei
•added 2017/12/15 12:0 a.m.•30 views

Security Advisory - Insufficient Input Validation Vulnerability in Some Huawei Products

There is an insufficient input validation vulnerability in some Huawei products. An unauthenticated, remote attacker may send crafted IKE V2 messages to the affected products. Due to the insufficient validation of the messages, successful exploit will cause invalid memory access and result in a...

7.5CVSS7.5AI score0.01242EPSS
Exploits0Affected Software26
Huawei
Huawei
•added 2017/10/25 12:0 a.m.•30 views

Security Advisory - Improper Authorization Vulnerability in Huawei FusionSphere OpenStack

There is an improper authorization vulnerability in Huawei FusionSphere OpenStack products. Due to improper authorization, an attacker with low privilege may exploit this vulnerability to obtain the operation authority of some specific directory, causing privilege escalation. Vulnerability ID:...

7.8CVSS7.5AI score0.00216EPSS
Exploits0Affected Software1
Huawei
Huawei
•added 2017/09/13 12:0 a.m.•30 views

Security Advisory - DOS Vulnerability in some Huawei APPs

There is a DoS Vulnerability in some Huawei APPs. An attacker tricks a user into installing a malicious application on the smart phone, the attacker can send malformed packets to the device. Due to the lack of adequate input validation of APPs, which causes the APPs Denial of Service. Vulnerabili...

5.5CVSS5.3AI score0.0054EPSS
Exploits0Affected Software2
Huawei
Huawei
•added 2017/08/30 12:0 a.m.•30 views

Security Advisory - Improper Authentication Vulnerability in The FusionSphere OpenStack

FusionSphere OpenStack has an improper authentication vulnerability. Due to improper authentication on one port, an authenticated, remote attacker may exploit the vulnerability to execute more operations by send a crafted rest message. Vulnerability ID: HWPSIRT-2017-06002 This vulnerability has...

8.8CVSS8.9AI score0.01209EPSS
Exploits0Affected Software1
Huawei
Huawei
•added 2017/08/16 12:0 a.m.•30 views

Security Advisory - Authentication Bypass Vulnerability in Huawei Honor 5S Smart Phones

Huawei Honor 5S smart phones have an authentication bypass vulnerability due to the improper design of some components. An attacker can get a user's smart phone and install malicious apps in the mobile phone, allowing the attacker to reset the password and fingerprint of the phone without...

7.2CVSS6.8AI score0.00326EPSS
Exploits0Affected Software1
Huawei
Huawei
•added 2017/08/02 12:0 a.m.•30 views

Security Advisory - DoS Vulnerability of Audio Driver in Some Huawei Smartphones

Audio driver has a denial of service DoS vulnerability in some Huawei smart phones. An attacker tricks a user into installing a malicious application on the smart phone, and the race condition cause null pointer accessing during the application access shared resource, which make the system reboot...

5.4CVSS4.6AI score0.00386EPSS
Exploits0Affected Software1
Huawei
Huawei
•added 2017/06/23 12:0 a.m.•30 views

Security Advisory - DoS Vulnerability in Wi-Fi Driver of Some Huawei Smart Phones

There is a Denial of Service DoS vulnerability in Wi-Fi driver of some Huawei smart phones. An attacker may trick a user into installing a malicious application and the application can access invalid address of driver to crash the system. Vulnerability ID: HWPSIRT-2017-04153 This vulnerability ha...

7.1CVSS5.3AI score0.0065EPSS
Exploits0Affected Software2
Huawei
Huawei
•added 2017/04/25 12:0 a.m.•30 views

Security Advisory - Brute-force attack of Users' Safe Password in the Files APP in Huawei Mobile Phones

The Files APP in some Huawei mobile phones has a brute-force password cracking vulnerability due to the improper design of the Safe key database. An unauthorized attacker could access sensitive database information and may crack users' Safe passwords, leading to information leak. Vulnerability ID...

7.8CVSS7.5AI score0.00251EPSS
Exploits0Affected Software1
Huawei
Huawei
•added 2017/04/19 12:0 a.m.•30 views

Security Advisory - Input Validation Vulnerability in Multiple Huawei Products

There is an input validation vulnerability in Huawei Multiple products. Due to the lack of input validation on the device, a remote attacker may exploit this vulnerability by crafting a malformed packet and sending it to the device. A successful exploit could allow the attacker to cause a denial ...

8.8CVSS8.8AI score0.01207EPSS
Exploits0Affected Software8
Huawei
Huawei
•added 2017/01/18 12:0 a.m.•30 views

Security Advisory - Buffer Overflow Vulnerability in Driver of Huawei Smart Phone

The ddrdevfreq driver of some Huawei products has buffer overflow vulnerability due to the lack of a parameters check. An attacker with the root privilege of the Android system can tricks a user into installing a malicious application on the smart phone, and send given parameter to smart phone to...

9.3CVSS7.9AI score0.00919EPSS
Exploits0Affected Software1
Huawei
Huawei
•added 2017/01/18 12:0 a.m.•30 views

Security Advisory - Phone Finder Bypass Vulnerability in Huawei Smart Phones

Phone Finder is a Huawei security method that was designed to make sure someone can't just wipe and factory reset the phone if user lost it or it was stolen. The Phone Finder in some Huawei smart phones can be bypass. An attacker can bypass the Phone Finder by special steps and enter the System...

7.2CVSS6.6AI score0.00276EPSS
Exploits0Affected Software2
Huawei
Huawei
•added 2017/01/11 12:0 a.m.•30 views

Security Advisory - DoS Vulnerability in Multiple Huawei Products

There is an denial of service DoS vulnerability in multiple Huawei products. An attacker with specific permission can craft a file containing malicious data and upload it to the device to exhaust memory, causing a DoS condition. Vulnerability ID: HWPSIRT-2016-07088 This vulnerability has been...

5.5CVSS5.4AI score0.00231EPSS
Exploits0Affected Software7
Huawei
Huawei
•added 2016/12/28 12:0 a.m.•30 views

Security Advisory - DoS Vulnerability in Multiple Huawei Devices

There is a denial of service DoS vulnerability in multiple Huawei devices. Due to the lack of input validation, a remote attacker may craft a malformed Resource Reservation ProtocolRSVP packet and send it to the device, causing a few buffer overflows and occasional device restart. Vulnerability I...

7.8CVSS7.5AI score0.01831EPSS
Exploits0Affected Software5
Total number of security vulnerabilities1006