Lucene search
K
HuaweiMost viewed

1006 matches found

Huawei
Huawei
added 2016/12/21 12:0 a.m.30 views

Security Advisory - Memory Leak Vulnerability in Some Huawei Products

Some Huawei products have a memory leak vulnerability. An unauthenticated attacker may send specific Label Distribution Protocol LDP packets to the devices. When the values of some parameters in the packet are abnormal, the LDP processing module does not release the memory to handle the packet,...

4.3CVSS4.5AI score0.00446EPSS
Exploits0Affected Software1
Huawei
Huawei
added 2016/11/30 12:0 a.m.30 views

Security Advisory - Command Injection Vulnerability in Huawei FusionAccess

There is a command injection vulnerability in Huawei FusionAccess due to the lack of input validation. A remote attacker with specific permission could inject an Lightweight Directory Access ProtocolLDAP operation command into a specific input variable to obtain sensitive information from the...

6.5CVSS6.5AI score0.00861EPSS
Exploits0Affected Software1
Huawei
Huawei
added 2016/06/24 12:0 a.m.30 views

Security Advisory - DLL Hijacking Vulnerability on Huawei HiSuite

The HiSuite is mobile assistant software on PCs. This software contains a DLL hijacking vulnerability. This vulnerability exists due to some DLL file is loaded by HiSuite improperly. And it allows an attacker to load this DLL file of the attacker's choosing that could execute arbitrary code...

7.8CVSS7.8AI score0.00341EPSS
Exploits2Affected Software1
Huawei
Huawei
added 2016/06/01 12:0 a.m.30 views

Security Advisory - Buffer Overflow Vulnerability in Some Videoconference Products

The VP9660, VP9650, and VP9630 are Multipoint Control Units MCUs. As the core devices in videoconferencing systems, they provide endpoint access and conferencing functions. The three devices use the same software, namely, HUAWEI VP9660. The RSE6500 is a multimedia video conferencing server with...

9.3CVSS8.6AI score0.02961EPSS
Exploits0Affected Software2
Huawei
Huawei
added 2016/04/27 12:0 a.m.30 views

Security Advisory - Input Validation Vulnerability in Multiple Huawei Products

There is an input validation vulnerability in Multiple Huawei products, when the debug switch on the device is enabled, an attacker with network access may exploit this vulnerability by crafting malformed DNS packets and sending them to the target device. As for the lacking of input validation, a...

8.1CVSS8.3AI score0.0147EPSS
Exploits0Affected Software7
Huawei
Huawei
added 2015/12/09 12:0 a.m.30 views

Security Advisory - Two DoS Vulnerabilities in the HIFI Driver of Huawei Smart Phone

Some Huawei smart phones have two DoS Denial of Service security vulnerabilities in the HIFI driver. An attacker may trick a user into installing a malicious application and use the application to input null pointer as parameter, which can reboot the system. Vulnerability ID: HWPSIRT-2015-10038 a...

7.1CVSS5.7AI score0.00823EPSS
Exploits0Affected Software3
Huawei
Huawei
added 2015/11/11 12:0 a.m.30 views

Security Advisory - DoS Vulnerability in Huawei eSpace 8950 IP Phone

When Huawei eSpace 8950 IP phone receive some type of malicious ARP packets, memory leak may occur on the network interface card. When the memory is overloaded by such packets, the IP phone restarts Vulnerability ID: HWPSIRT-2015-08041. This vulnerability has been assigned Common Vulnerabilities...

7.8CVSS7.6AI score0.01007EPSS
Exploits0Affected Software1
Huawei
Huawei
added 2015/09/09 12:0 a.m.30 views

Security Advisory - Insufficient Input Verification Vulnerability in the FusionAccess

FusionAccess is a kind of virtual desktop applications based on Huawei cloud platform. Through the deployment of Huawei desktop cloud software on the cloud platform, customers can access the cloud desktop by the thin client device or other devices. There is an insufficient input verification...

7.8CVSS7AI score0.00746EPSS
Exploits0Affected Software1
Huawei
Huawei
added 2015/05/06 12:0 a.m.30 views

Security Advisory - IP Option Improper Handling Vulnerability in Multiple Huawei Products

Multiple Huawei Products have an improper IP option handling vulnerability. The IP stack implementation in multiple Huawei products mishandles IP options when a crafted ICMP request message is received, leading to the board reboot Vulnerability ID: HWPSIRT-2015-02003. This Vulnerability has been...

7.8CVSS7.2AI score0.00943EPSS
Exploits0Affected Software21
Huawei
Huawei
added 2015/02/11 12:0 a.m.30 views

Security Advisory - Privilege Escalation Vulnerability in Huawei Mate7

Android versions earlier than 5.0 are affected by the vulnerability, which allows an attacker to escalate privilege. Huawei Mate7 is affected by the vulnerability Vulnerability ID: HWPSIRT-2015-01043. This vulnerability has been assigned a Common Vulnerabilities and Exposures CVE ID: CVE-2014-791...

7.2CVSS6.6AI score0.2435EPSS
Exploits6Affected Software1
Huawei
Huawei
added 2014/08/20 12:0 a.m.30 views

Security Advisory- SSH Username Information Disclosure Vulnerability in Huawei Campus Switch

Some versions of Huawei Campus switch series products S9300/S9300E/S7700/S9700 /S5700/S6700/S5300/S6300/S2300/S2700/S3300/S3700 are affected by username information disclosure vulnerability. When the maintenance terminal of a Huawei Campus switch uses SSH to log in to a server, attackers can gues...

5.9CVSS5.2AI score0.01734EPSS
Exploits0Affected Software12
Huawei
Huawei
added 2024/04/17 12:0 a.m.29 views

Security Advisory - Inappropriate Interface access Control Vulnerability in a Huawei PC Product

A Huawei PC product has a vulnerability in improper interface access control. Successful exploitation of this vulnerability may cause SMRAM leaks.Vulnerability ID:HWPSIRT-2023-98172 This vulnerability has been assigned a CVEID:CVE-2023-52712...

7.8CVSS6.7AI score0.00115EPSS
Exploits0Affected Software1
Huawei
Huawei
added 2023/04/26 12:0 a.m.29 views

Security Advisory - Identity Authentication Bypass Vulnerability in Huawei HiLink AI Life Product

Huawei HiLink AI Life product has an identity authentication bypass vulnerability. Successful exploitation of this vulnerability may allow attackers to access restricted functions.Vulnerability ID:HWPSIRT-2022-42291 This vulnerability has been assigned a CVEID:CVE-2022-48470...

4CVSS6.4AI score0.00141EPSS
Exploits0Affected Software1
Huawei
Huawei
added 2023/01/18 12:0 a.m.29 views

Security Advisory - System Command Injection Vulnerability in a Huawei Printer Product

A Huawei printer has a system command injection vulnerability. Successful exploitation could lead to remote code execution.Vulnerability ID:HWPSIRT-2022-90114 This vulnerability has been assigned a CVEID:CVE-2022-48255...

9.8CVSS9.6AI score0.01109EPSS
Exploits0Affected Software1
Huawei
Huawei
added 2021/04/28 12:0 a.m.29 views

Security Advisory - Information Leak Vulnerability in Huawei Products

There is an information leak vulnerability in Huawei products. A module does not deal with specific input sufficiently. High privilege attackers can exploit this vulnerability by performing some operations. This can lead to information leak. Vulnerability ID: HWPSIRT-2020-32489 This vulnerability...

4.9CVSS4.9AI score0.00563EPSS
Exploits0Affected Software4
Huawei
Huawei
added 2020/12/02 12:0 a.m.29 views

Security Advisory - Privilege Escalation Vulnerability in Huawei Smartphone

There is a privilege escalation vulnerability on Huawei smart phones due to design defects. The attacker needs to physically contact the mobile phone and obtain higher privileges, and execute relevant commands, resulting in the user's privilege promotion. Vulnerability ID: HWPSIRT-2020-00070 This...

6.2CVSS6.5AI score0.00224EPSS
Exploits0Affected Software5
Huawei
Huawei
added 2020/08/12 12:0 a.m.29 views

Security Advisory - Insufficient Authentication Vulnerability in Some Huawei Products

There is an insufficient authentication vulnerability in some Huawei products. An attacker may exploit the vulnerability to delete some files and cause some services abnormal. Vulnerability ID: HWPSIRT-2020-05066 This vulnerability has been assigned a Common Vulnerabilities and Exposures CVE ID:...

9.1CVSS9.2AI score0.00775EPSS
Exploits0Affected Software1
Huawei
Huawei
added 2020/07/29 12:0 a.m.29 views

Security Advisory - Buffer Overflow Vulnerability in Several Smartphones

There is a buffer overflow vulnerability in several products. The system does not sufficiently validate certain configuration parameter which is passed from user that would cause buffer overflow. The attacker should trick the user into installing and running a malicious application with a high...

7.8CVSS7.8AI score0.00794EPSS
Exploits0Affected Software13
Huawei
Huawei
added 2020/06/17 12:0 a.m.29 views

Security Advisory - Improper Privilege Management Vulnerability in FusionShpere Product

There is an improper permissions management vulnerability in FusionShpere product. The software does not incorrectly performs a privilege assignment when an actor attempts to perform an action. Successful exploit could allow certain user to do certain operations beyond its privilege. Vulnerabilit...

7.8CVSS7.5AI score0.00197EPSS
Exploits0Affected Software1
Huawei
Huawei
added 2020/01/22 12:0 a.m.29 views

Security Advisory - Input Validation Vulnerability in Huawei Products

There is an out-of-bound read vulnerability that the IPSec module does not validate a field in a specific message. Attackers can send specific message to cause out-of-bound read, compromising normal service. Vulnerability ID: HWPSIRT-2019-12419 This vulnerability has been assigned a Common...

7.5CVSS7.4AI score0.00745EPSS
Exploits0Affected Software3
Huawei
Huawei
added 2019/04/24 12:0 a.m.29 views

Security Advisory - FRP Bypass Vulnerability in Huawei Smart Phones

There is Factory Reset Protection FRP bypass security vulnerability in some Huawei smart phones. When re-configuring the mobile phone using the factory reset protection FRP function, an attacker can login the Talkback mode and can perform some operations to access the setting page. As a result, t...

4.6CVSS4.6AI score0.00235EPSS
Exploits0Affected Software1
Huawei
Huawei
added 2019/01/16 12:0 a.m.29 views

Security Advisory - Race Condition Vulnerability on Several Smartphones

There is a race condition vulnerability on certain driver of smartphone. An attacker tricks the user into installing a malicious application, which make multiple processes to operate the same variate at the same time. Successful exploit could cause execution of malicious code. Vulnerability ID:...

7.6CVSS6.8AI score0.0068EPSS
Exploits0Affected Software3
Huawei
Huawei
added 2018/11/14 12:0 a.m.29 views

Security Advisory - Information Leakage Vulnerability on Several Huawei Products

There is an information leakage vulnerability on several Huawei products. Due to insufficient communication protection for specific services, a remote, unauthorized attacker can exploit this vulnerability to connect to specific services to obtain additional information. Successful exploitation of...

7.5CVSS7.4AI score0.00976EPSS
Exploits0Affected Software1
Huawei
Huawei
added 2018/11/05 12:0 a.m.29 views

Security Advisory - Lock-screen Bypass Vulnerability in Huawei Smartphones

There is a lock-screen bypass vulnerability in radio module of some Huawei smartphones. An unauthenticated attacker could start third-part input method APP through certain operations to bypass lock-screen by exploit this vulnerability. Vulnerability ID: HWPSIRT-2018-04055 This vulnerability has...

6.8CVSS6.6AI score0.00249EPSS
Exploits0Affected Software1
Huawei
Huawei
added 2018/06/22 12:0 a.m.29 views

Security Advisory - FRP Bypass Vulnerability in Some Huawei Smart Phones

There is Factory Reset Protection FRP bypass vulnerability in some Huawei smart phones. An attacker gets some user's smart phone and performs some special operations in the guide function. The attacker may exploit the vulnerability to bypass FRP function and use the phone normally. Vulnerability...

7.2CVSS6.5AI score0.00304EPSS
Exploits0Affected Software1
Huawei
Huawei
added 2018/04/11 12:0 a.m.29 views

Security Advisory - Information Leak Vulnerability in the NFC Module of Some Huawei Mobile Phones

There is an information leak vulnerability in the Near Field Communication NFC module of some Huawei mobile phones due to insufficient validation on data transfer requests. When an affected mobile phone sends files to an attacker's mobile phone using the NFC function, the attacker can obtain...

5.7CVSS5.4AI score0.00372EPSS
Exploits0Affected Software1
Huawei
Huawei
added 2018/02/03 12:0 a.m.29 views

Security Advisory - Fingerprint Unlocking Vulnerability on Smartphones

There is a fingerprint unlocking vulnerability on smartphones. If there are crackles on the fingerprint collector cover, the software would consider and learn the crackles as fingerprint feature when user press his finger on the cover to unlock the phone. So after lots of normal fingerprint...

4.3CVSS4.1AI score0.00592EPSS
Exploits0Affected Software1
Huawei
Huawei
added 2018/01/31 12:0 a.m.29 views

Security Advisory - Out-Of-Bounds Read Vulnerability in Some Huawei Products

Some Huawei products have an out-of-bounds read vulnerability due to insufficient input validation. An unauthenticated, remote attacker could exploit this vulnerability by sending malformed Session Initiation ProtocolSIP packets to the target device. Successful exploit could make the device read...

7.5CVSS7.5AI score0.01242EPSS
Exploits0Affected Software17
Huawei
Huawei
added 2017/12/15 12:0 a.m.29 views

Security Advisory - Buffer Overflow Vulnerability in Some Huawei Products

There is buffer overflow vulnerability in some Huawei products. An unauthenticated, remote attacker may send specially crafted certificates to the affected products. Due to insufficient validation of the certificates, successful exploit may cause buffer overflow and some service abnormal...

5.3CVSS5.5AI score0.00779EPSS
Exploits0Affected Software27
Huawei
Huawei
added 2017/12/06 12:0 a.m.29 views

Security Advisory - Multiple Security Vulnerabilities in the IKEv2 Protocol Implementation of Huawei Products

There have multiple vulnerabilities in the IKEv2 protocol on some Huawei products. IKEv2 has an out-of-bounds write vulnerability due to insufficient input validation. An attacker could exploit it to craft special packets to trigger out-of-bounds memory write, which may further lead to system...

7.5CVSS6.8AI score0.00925EPSS
Exploits0Affected Software8
Huawei
Huawei
added 2017/12/06 12:0 a.m.29 views

Security Advisory - Memory Leak Vulnerability in Several Huawei Products

There is a memory leak vulnerability in several Huawei products. The software does not release allocated memory properly when parse XML element data. An authenticated attacker could upload a crafted XML file, successful exploit could cause the system service abnormal since run out of memory...

3.3CVSS3.7AI score0.00222EPSS
Exploits0Affected Software2
Huawei
Huawei
added 2017/12/06 12:0 a.m.29 views

Security Advisory - Memory Leak Vulnerability in Several Huawei Products

There is a memory leak vulnerability in several Huawei products. The software does not release allocated memory properly when parse XML Schema data. An authenticated attacker could upload a crafted XML file, successful exploit could cause the system service abnormal since run out of memory...

3.3CVSS3.7AI score0.00222EPSS
Exploits0Affected Software1
Huawei
Huawei
added 2017/12/01 12:0 a.m.29 views

Security Advisory - DoS Vulnerability in Some Huawei Products

There is a DoS vulnerability caused by memory exhaustion in some Huawei products. For insufficient input validation, attackers can craft and send some malformed messages to the target device to exhaust the memory of the device and cause a Denial of Service DoS. Vulnerability ID: HWPSIRT-2016-1210...

5.5CVSS5.4AI score0.00222EPSS
Exploits0Affected Software12
Huawei
Huawei
added 2017/11/29 12:0 a.m.29 views

Security Advisory - Use After Free Vulnerability in Some Huawei Smart Phones

There is a use after free UAF vulnerability in some Huawei mobile phones. An attacker tricks a user into installing a malicious application, and the application can riggers access memory after free it. A local attacker may exploit this vulnerability to cause the mobile phone to crash. Vulnerabili...

7.1CVSS5.4AI score0.00571EPSS
Exploits0Affected Software1
Huawei
Huawei
added 2017/11/29 12:0 a.m.29 views

Security Advisory - Integer Overflow Vulnerability on Several Products

There is an integer overflow vulnerability on several products. The software does not sufficiently validate certain field in SCTP messages, a remote unauthenticated attacker could send a crafted SCTP message to the device. Successful exploit could system reboot. Vulnerability ID: HWPSIRT-2017-010...

7.8CVSS7.6AI score0.01379EPSS
Exploits0Affected Software1
Huawei
Huawei
added 2017/11/15 12:0 a.m.29 views

Security Advisory - Buffer overflow Vulnerability in CameraISP Driver of Huawei Smart Phone

The CameraISP driver of some Huawei smart phones has a buffer overflow vulnerability due to the lack of parameter validation. An attacker tricks a user into installing a malicious APP, the APP can send a specific parameter to the CameraISP driver of the smart phone, causing system reboot...

7.1CVSS5.7AI score0.00703EPSS
Exploits0Affected Software5
Huawei
Huawei
added 2017/08/16 12:0 a.m.29 views

Security Advisory - Out-of-Bounds Memory Access Vulnerability in the Boot Loaders of Huawei Mobile Phones

The boot loaders of some Huawei mobile phones have an out-of-bounds memory access vulnerability due to the lack of parameter validation. An attacker with the root privilege of an Android system may trick a user into installing a malicious APP. The APP can modify specific data to cause buffer...

7.1CVSS5.6AI score0.00531EPSS
Exploits0Affected Software2
Huawei
Huawei
added 2017/05/31 12:0 a.m.29 views

Security Advisory - Two Buffer Overflow Vulnerabilities in the GaussDB

There is a buffer overflow vulnerability in the type conversion function of the GaussDB. An attacker logs in to the system as a common user and craft malformed packets, which could be exploited to perform a denial of service attack or possibly remote code execution on the GaussDB. Vulnerability I...

6.5CVSS7.9AI score0.06666EPSS
Exploits2Affected Software1
Huawei
Huawei
added 2017/02/08 12:0 a.m.29 views

Security Advisory - Buffer Overflow Vulnerability in Goldeneye Driver of Huawei Smart Phones

The goldeneye driver of some Huawei smart phones has buffer overflow vulnerability due to the lack of a parameters check. An attacker with the root privilege of the Android system can tricks a user into installing a malicious application on the smart phone, and send given parameter to smart phone...

9.3CVSS7.9AI score0.00743EPSS
Exploits0Affected Software5
Huawei
Huawei
added 2016/12/07 12:0 a.m.29 views

Security Advisory - Privilege Escalation Vulnerability in Some Huawei Storage Products

Some Huawei storage products have a privilege escalation vulnerability due to the lack of input validation. Attackers with administrator privilege could inject command into specific command’s parameters, and run this injected command with root privilege. Vulnerability ID: HWPSIRT-2016-05004 This...

9CVSS7.3AI score0.01173EPSS
Exploits0Affected Software1
Huawei
Huawei
added 2016/11/30 12:0 a.m.29 views

Security Advisory - XSS Vulnerability in Huawei eSpace IAD

Huawei eSpace Integrated Access Device IAD has a reflected cross-site scripting XSS vulnerability. An attacker could trick a user into clicking a URL containing malicious scripts. Then the user's browser may receive a response from the eSpace IAD and execute the malicious scripts. Successful...

6.1CVSS6AI score0.00611EPSS
Exploits0Affected Software1
Huawei
Huawei
added 2016/09/21 12:0 a.m.29 views

Security Advisory - DOS Vulnerability in Video Driver of Huawei Smart Phone

There is a Denial of Service DoS vulnerability in the video driver of some Huawei products. An attacker may trick a user into installing a malicious application, and the application can send given parameter to video driver to reboot the system. Vulnerability ID: HWPSIRT-2016-08046 This...

7.1CVSS5.4AI score0.00595EPSS
Exploits0Affected Software4
Huawei
Huawei
added 2016/05/20 12:0 a.m.29 views

Security Advisory - Information Leak Vulnerability in Huawei Smart Phones

Some Huawei smartphones have an information leak vulnerability due to improper security status verification. An attacker may use a rogue base station to obtain information about subscribers' signal strengths. Vulnerability ID: HWPSIRT-2015-12007 This vulnerability has been assigned Common...

4.3CVSS4.1AI score0.00525EPSS
Exploits0Affected Software1
Huawei
Huawei
added 2016/04/06 12:0 a.m.29 views

Security Advisory - Input Validation Vulnerability in Huawei AR3200

There is an input validation vulnerability in Huawei AR3200, which allows an attacker who logs into the device to send malformed packets, causing the AR3200 occasionally restart and a Denial of Service. Vulnerability ID: HWPSIRT-2015-10047 This vulnerability has been assigned Common Vulnerabiliti...

6.8CVSS6.5AI score0.01354EPSS
Exploits0Affected Software1
Huawei
Huawei
added 2016/03/30 12:0 a.m.29 views

Security Advisory - DoS Vulnerability in FusionCompute

FusionCompute is a cloud OS software for virtualization of hardware resources and central management of virtual, service, and user resources. A DoS vulnerability exists in FusionCompute. An attacker can send abnormal packets as an ordinary user to exhaust system resources and make services...

6.8CVSS6.6AI score0.01011EPSS
Exploits0Affected Software1
Huawei
Huawei
added 2016/03/30 12:0 a.m.29 views

Security Advisory - DoS Vulnerability in Huawei S Series Switches

Multiple models of Huawei S series switches have a DoS vulnerability. When an attacker controls or impersonates a server connected to a switch, the attacker can send malicious attack packets to the switch to cause it to restart and make it unavailable. Vulnerability ID: HWPSIRT-2015-12022 This...

7.8CVSS7.6AI score0.01322EPSS
Exploits0Affected Software5
Huawei
Huawei
added 2016/02/17 12:0 a.m.29 views

Security Advisory - Permission Control Vulnerability in Some Huawei Switches

Some Huawei switches have a permission control vulnerability. If a switch enables Authentication, Authorization and Accounting AAA for permission control and user permissions are not appropriate, AAA users may obtain the virtual type terminal VTY access permission, resulting in privilege...

7.5CVSS7.6AI score0.00789EPSS
Exploits0Affected Software6
Huawei
Huawei
added 2015/03/19 12:0 a.m.29 views

Security Advisory – Authentication Caused Memory Overflow Vulnerability in Some Huawei Switch Products

The user authentication module in some Huawei switch products has the memory overflow vulnerability that can cause device restart when users log in improperly Vulnerability ID: HWPSIRT-2015-02014. This Vulnerability has been assigned Common Vulnerabilities and Exposures CVE ID: CVE-2015-2800...

7.8CVSS7.5AI score0.01736EPSS
Exploits0Affected Software7
Huawei
Huawei
added 2023/02/01 12:0 a.m.28 views

Security Advisory - Incorrect Privilege Assignment Vulnerability in Huawei Whole-Home Intelligence Software

A piece of Huawei whole-home intelligence software has an Incorrect Privilege Assignment vulnerability. Successful exploitation of this vulnerability could allow attackers to access restricted functions. Vulnerability ID:HWPSIRT-2022-90086 This vulnerability has been assigned a CVE ID:...

9.8CVSS8.5AI score0.00472EPSS
Exploits0Affected Software1
Huawei
Huawei
added 2022/11/23 12:0 a.m.28 views

Security Advisory - Improper Input Validation Vulnerability in a Huawei Children's Watch

Huawei Aslan Children's Watch has an improper input validation vulnerability. Successful exploitation may cause the watch's application service abnormal. Vulnerability ID:HWPSIRT-2022-53187 This vulnerability has been assigned a CVE ID: CVE-2022-39012...

7.5CVSS7.1AI score0.00517EPSS
Exploits0Affected Software1
Total number of security vulnerabilities1006