Lucene search
K
HuaweiMost viewed

1006 matches found

Huawei
Huawei
•added 2015/03/19 12:0 a.m.•29 views

Security Advisory – Authentication Caused Memory Overflow Vulnerability in Some Huawei Switch Products

The user authentication module in some Huawei switch products has the memory overflow vulnerability that can cause device restart when users log in improperly Vulnerability ID: HWPSIRT-2015-02014. This Vulnerability has been assigned Common Vulnerabilities and Exposures CVE ID: CVE-2015-2800...

7.8CVSS7.5AI score0.01736EPSS
Exploits0Affected Software7
Huawei
Huawei
•added 2023/02/01 12:0 a.m.•28 views

Security Advisory - Incorrect Privilege Assignment Vulnerability in Huawei Whole-Home Intelligence Software

A piece of Huawei whole-home intelligence software has an Incorrect Privilege Assignment vulnerability. Successful exploitation of this vulnerability could allow attackers to access restricted functions. Vulnerability ID:HWPSIRT-2022-90086 This vulnerability has been assigned a CVE ID:...

9.8CVSS8.5AI score0.00472EPSS
Exploits0Affected Software1
Huawei
Huawei
•added 2022/11/23 12:0 a.m.•28 views

Security Advisory - Improper Input Validation Vulnerability in a Huawei Children's Watch

Huawei Aslan Children's Watch has an improper input validation vulnerability. Successful exploitation may cause the watch's application service abnormal. Vulnerability ID:HWPSIRT-2022-53187 This vulnerability has been assigned a CVE ID: CVE-2022-39012...

7.5CVSS7.1AI score0.00517EPSS
Exploits0Affected Software1
Huawei
Huawei
•added 2022/11/23 12:0 a.m.•28 views

Security Advisory - Insufficient Authentication Vulnerability in some Huawei Band Products

There is an insufficient authentication vulnerability in some Huawei band products. Successful exploit could allow the attacker to spoof then connect to the band. Vulnerability ID: HWPSIRT-2022-85585 This vulnerability has been assigned a CVE ID: CVE-2022-41579...

6.5CVSS6.2AI score0.00283EPSS
Exploits0Affected Software1
Huawei
Huawei
•added 2021/11/24 12:0 a.m.•28 views

Security Advisory - Possible Out-Of-Bounds Read Vulnerability in Some Huawei Products

Some Huawei products use the OpenHpi software for hardware management. A function that parses data returned by OpenHpi contains an out-of-bounds read vulnerability that could lead to a denial of service. Vulnerability ID: HWPSIRT-2020-00938 This vulnerability has been assigned a Common...

6.8CVSS6.4AI score0.00572EPSS
Exploits0Affected Software2
Huawei
Huawei
•added 2021/05/06 12:0 a.m.•28 views

Security Advisory - Out-of-Bounds Write Vulnerability in Some Huawei Products

There is an out-of-bounds write vulnerability in some Huawei products. The code of a module have a bad judgment logic. Attackers can exploit this vulnerability by performing multiple abnormal activities to trigger the bad logic and cause out-of-bounds write. This may compromise the normal service...

6.5CVSS6.6AI score0.00581EPSS
Exploits0Affected Software5
Huawei
Huawei
•added 2020/12/30 12:0 a.m.•29 views

Security Advisory - Out-of-Bounds Read Vulnerability in Huawei CloudEngine Products

There is an out-of-bounds read vulnerability in Huawei CloudEngine products. The software reads data past the end of the intended buffer when parsing certain PIM message, an adjacent attacker could send crafted PIM messages to the device, successful exploit could cause out of bounds read when the...

6.5CVSS6.5AI score0.00332EPSS
Exploits0Affected Software4
Huawei
Huawei
•added 2020/08/12 12:0 a.m.•28 views

Security Advisory - Logic Error Vulnerability in Several Smartphones

There is a logic error vulnerability in several smartphones. In a special scenario, the system does not properly process. As a result, attackers can perform a series of operations to successfully establish P2P connections that are rejected by the peer end. As a result, the availability of the...

4.6CVSS4.5AI score0.0021EPSS
Exploits0Affected Software1
Huawei
Huawei
•added 2020/04/29 12:0 a.m.•28 views

Security Advisory - Invalid Pointer Access Vulnerability in Huawei OceanStor Product

There is an invalid pointer access vulnerability in Huawei OceanStor 5310 product. The software system access an invalid pointer when attacker malformed packet. Due to the insufficient validation of some parameter, successful exploit could cause device reboot. Vulnerability ID: HWPSIRT-2020-02002...

7.8CVSS7.4AI score0.00793EPSS
Exploits0Affected Software1
Huawei
Huawei
•added 2019/01/30 12:0 a.m.•28 views

Security Advisory - Double Free Vulnerability on Smartphones

There is a double free vulnerability on certain driver of smartphones. An attacker tricks the user into installing a malicious application, which makes multiple processes to operate the same resource at the same time. Successful exploit could cause a denial of service condition. Vulnerability ID:...

5.5CVSS5.5AI score0.0055EPSS
Exploits0Affected Software1
Huawei
Huawei
•added 2018/10/31 12:0 a.m.•28 views

Security Advisory - Improper Authorization Vulnerability in Huawei Watches

There is an improper authorization vulnerability in some Huawei watches. Due to improper permission configuration for specific operations, an attacker who obtained the Huawei ID bound to the watch can bypass permission verification to perform specific operations and modify some data on the watch...

4.6CVSS4.7AI score0.00223EPSS
Exploits0Affected Software1
Huawei
Huawei
•added 2018/09/14 12:0 a.m.•28 views

Security Advisory - Lock-screen Bypass Vulnerability in Huawei Mate RS Smartphones

There is a lock-screen bypass vulnerability in Huawei Mate RS smartphones. An attacker could unlock and use the phone through certain operations. Vulnerability ID: HWPSIRT-2018-06108 This vulnerability has been assigned a CVE ID: CVE-2018-7929. Huawei has released software updates to fix this...

6.8CVSS6.5AI score0.00245EPSS
Exploits0Affected Software1
Huawei
Huawei
•added 2018/09/11 12:0 a.m.•28 views

Security Advisory - Two Insufficient Input Validation Vulnerabilities in Huawei Smart Phones

Some Huawei phones have two insufficient input validation vulnerabilities due to lack of parameter check. An attacker tricks the user who has root privilege to install a crafted application, the application may modify different specific data to exploit these two vulnerabilities. Successful exploi...

9.3CVSS8.1AI score0.01009EPSS
Exploits0Affected Software1
Huawei
Huawei
•added 2018/05/23 12:0 a.m.•28 views

Security Advisory - Numeric Errors Vulnerability in Some Huawei Products

Some Huawei products have a numeric errors vulnerability. An unauthenticated, remote attacker may send specially crafted SCCP messages to the affected products. Due to the improper validation of the messages, it will cause numeric errors when handling the messages. Successful exploit will cause...

5.3CVSS5.4AI score0.01248EPSS
Exploits0Affected Software6
Huawei
Huawei
•added 2018/03/14 12:0 a.m.•28 views

Security Advisory - Array Out-of-bounds Read Vulnerability in Huawei Smartphone Products

There is an array out-of-bounds read vulnerability in Huawei Smartphone products. Due to the lack verification of array, an attacker tricks a user into installing a malicious application, and the application can exploit the vulnerability and make attacker to read out of bounds of array and possib...

5.5CVSS5.4AI score0.0055EPSS
Exploits0Affected Software1
Huawei
Huawei
•added 2018/03/07 12:0 a.m.•28 views

Security Advisory - Permission Control Vulnerability in Huawei Video Application

There is a permission control vulnerability in Huawei video applications. Due to improper verification of specific infterface, an attacker who is on the same network with the user can obtain some information through a man-in-the-middle attack. Vulnerability ID: HWPSIRT-2018-02026 This vulnerabili...

4.3CVSS3.8AI score0.00592EPSS
Exploits0Affected Software1
Huawei
Huawei
•added 2017/12/20 12:0 a.m.•28 views

Security Advisory - Arbitrary Lock Pattern Change Vulnerability in Huawei HiWallet APP

Huawei HiWallet App has an arbitrary lock pattern change vulnerability. It needs to verify the user's Huawei ID during lock pattern change. An attacker with root privilege who gets a user's smart phone may bypass Huawei ID verification by special operation. Successful exploit of this vulnerabilit...

3.9CVSS4.3AI score0.00227EPSS
Exploits0Affected Software1
Huawei
Huawei
•added 2017/12/13 12:0 a.m.•28 views

Security Advisory - IPv6 Out-of-bounds Read Vulnerability in Huawei Products

IPv6 has an out-of-bounds read vulnerability. An unauthenticated attacker may send crafted malformed IPv6 packets to the affected products. Due to insufficient verification of the packets, successful exploit will cause device to reset.Vulnerability ID: HWPSIRT-2016-08018 This vulnerability has be...

7.8CVSS7.5AI score0.00984EPSS
Exploits0Affected Software10
Huawei
Huawei
•added 2017/12/06 12:0 a.m.•28 views

Security Advisory - DoS Vulnerability in Some Huawei Products

Some Huawei products have a DoS vulnerability due to insufficient validation of the Network Quality AnalysisNQA packets. A remote attacker could exploit this vulnerability by sending malformed NQA packets to the target device. Successful exploitation could make the device restart. Vulnerability I...

7.8CVSS7.5AI score0.01295EPSS
Exploits0Affected Software3
Huawei
Huawei
•added 2017/12/06 12:0 a.m.•28 views

Security Advisory - Multiple Vulnerabilities of PEM Module in Some Huawei Products

There is a null pointer reference vulnerability in PEM module of Huawei products due to insufficient verification. An authenticated local attacker calls PEM decoder with special parameter, which could cause a denial of service. Vulnerability ID: HWPSIRT-2017-06047 This vulnerability has been...

5.5CVSS5.5AI score0.00211EPSS
Exploits0Affected Software24
Huawei
Huawei
•added 2017/11/29 12:0 a.m.•28 views

Security Advisory - Two Vulnerabilities in H323 protocol of Huawei Products

There is an out-of-bounds read vulnerability in H323 protocol of Huawei products. An unauthenticated, remote attacker may send crafted packets to the affected products. Due to insufficient verification of the packets, successful exploit will cause process reboot. Vulnerability ID:...

5.3CVSS5.7AI score0.01477EPSS
Exploits0Affected Software39
Huawei
Huawei
•added 2017/11/25 12:0 a.m.•28 views

Security Advisory - Stack Overflow Vulnerability in Baseband Module of Some Huawei Smart Phones

The baseband modules of some Huawei smart phones have a stack overflow vulnerability due to the lack of parameter validation. An attacker could send malicious packets to the smart phones within radio range by special wireless device, which leads stack overflow when the baseband module handles the...

8.8CVSS9AI score0.00714EPSS
Exploits0Affected Software16
Huawei
Huawei
•added 2017/11/17 12:0 a.m.•28 views

Security Advisory - Sensitive Information Leak Vulnerability in Some Huawei Smart Phones

There is a sensitive information leak vulnerability in the CMA implementation of some Huawei smart phones. An attacker can trick a user to install a malicious application to exploit this vulnerability. Successful exploitation may cause sensitive information leak. Vulnerability ID:...

5.5CVSS5.2AI score0.00658EPSS
Exploits0Affected Software1
Huawei
Huawei
•added 2017/11/15 12:0 a.m.•28 views

Security Advisory - DoS Vulnerability in Some Huawei Products

Some Huawei products have a DoS vulnerability due to insufficient input validation. An attacker could exploit this vulnerability by sending specially crafted NFC messages to the target device. Successful exploit could make a service crash. Vulnerability ID: HWPSIRT-2017-05081 This vulnerability h...

6.5CVSS6.4AI score0.00365EPSS
Exploits0Affected Software1
Huawei
Huawei
•added 2017/08/23 12:0 a.m.•28 views

Security Advisory - Two Command Injection Vulnerabilities in The FusionSphere OpenStack

The FusionSphere has two command injection vulnerabilities due to the insufficient input validation on one port. An attacker can exploit the vulnerabilities to gain root privileges by sending some messages with malicious commands. Vulnerability ID: HWPSIRT-2017-05142 and HWPSIRT-2017-05143 The tw...

8.8CVSS9.6AI score0.00923EPSS
Exploits0Affected Software1
Huawei
Huawei
•added 2017/08/16 12:0 a.m.•28 views

Security Advisory - Lack of Signature Verification Vulnerability in Some Huawei APP

Some Huawei APP do not support signature verification for APK file. An attacker could exploit this vulnerability to hijack the APK and upload modified APK file. Successful exploit could lead to the APP is hijacking. Vulnerability ID: HWPSIRT-2017-07089 This vulnerability has been assigned a Commo...

5.3CVSS5.2AI score0.00489EPSS
Exploits0Affected Software1
Huawei
Huawei
•added 2017/06/07 12:0 a.m.•28 views

Security Advisory - Two Buffer Overflow Vulnerabilities in the GaussDB

GaussDB has a buffer overflow vulnerability. An authenticated, remote attacker could use a specially crafted string in an SQL query to cause the database to crash, or lead to privilege escalation. Vulnerability ID: HWPSIRT-2017-05016 This vulnerability has been assigned a Common Vulnerabilities a...

9.8CVSS9.6AI score0.05072EPSS
Exploits0Affected Software1
Huawei
Huawei
•added 2017/02/09 12:0 a.m.•28 views

Security Advisory - Privilege Escalation Vulnerability in Huawei Smart Phones

There is a privilege escalation vulnerability in Huawei smart phones. An unauthenticated attacker can bypass phone activation to user management page of the phone and create a new user. Successful exploit could allow the attacker operate part function of the phone. Vulnerability ID:...

4.6CVSS4.8AI score0.00221EPSS
Exploits0Affected Software1
Huawei
Huawei
•added 2017/01/18 12:0 a.m.•28 views

Security Advisory - Input Validation Vulnerability in Touchscreen Driver of Huawei Smart Phones

There is an input validation vulnerability in the touchscreen Driver of some Huawei smart phones. An attacker can tricks a user into installing a malicious application on the smart phone, and send given parameter to smart phone to crash the system. Vulnerability ID: HWPSIRT-2016-12025 This...

7.1CVSS5.3AI score0.0065EPSS
Exploits0Affected Software1
Huawei
Huawei
•added 2016/11/11 12:0 a.m.•28 views

Security Advisory - Input Validation Vulnerability in Some Huawei Products

Some Huawei products have an input validation vulnerability due to improper validation of Multiprotocol Label Switching MPLS packets. A remote unauthenticated attacker could exploit this vulnerability by sending malformed MPLS packets. Successful exploit could lead to a denial of service DoS...

7.5CVSS7.7AI score0.00919EPSS
Exploits0Affected Software8
Huawei
Huawei
•added 2016/07/08 12:0 a.m.•28 views

Security Advisory - Two Buffer Overflow Vulnerabilities in Wi-Fi Driver of Huawei Smart Phone

Wi-Fi driver of some Huawei products have two buffer overflow vulnerabilities due to the lack of a parameters check. An attacker may trick a user into installing a malicious application, and the application can send given parameter to Wi-Fi driver to crash the system or escalate user privilege...

9.3CVSS7.9AI score0.00888EPSS
Exploits0Affected Software2
Huawei
Huawei
•added 2016/05/20 12:0 a.m.•28 views

Security Advisory - Multiple Vulnerabilities in Huawei Smart Phones

Huawei smart phones have two authentication bypass vulnerabilities. An attacker may tricks users into installing a malicious app, and the app could exploit these vulnerabilities to bypass the permission checks, controlling partial module functions Vulnerability ID: HWPSIRT-2016-03013, and deletin...

8.8CVSS7.2AI score0.00725EPSS
Exploits0Affected Software1
Huawei
Huawei
•added 2016/05/11 12:0 a.m.•28 views

Security Advisory - Buffer Overflow Vulnerability in Huawei Several Products

There is a vulnerability in several Huawei devices: USG series and NGFW Module. These products have a buffer overflow vulnerability in the Smart DNS function. An attacker may craft a malformed packet with illegitimate parameters, leading to denial of service or the potential execution of arbitrar...

7.5CVSS7.9AI score0.00997EPSS
Exploits0Affected Software5
Huawei
Huawei
•added 2016/04/22 12:0 a.m.•28 views

Security Advisory - Permission Control Vulnerability in the HiSuite

The HiSuite is mobile assistant software on PCs. The HiSuite has a permission control vulnerability. An unauthenticated attacker who has access to the LAN could exploit the vulnerability to install any app on the mobile phone. Vulnerability ID: HWPSIRT-2016-03034 This vulnerability has been...

5.3CVSS5.4AI score0.00345EPSS
Exploits0Affected Software1
Huawei
Huawei
•added 2016/01/13 12:0 a.m.•28 views

Security Advisory - DoS Vulnerability in Graphics Driver of Huawei Smart Phones

There is a Denial of Service DoS vulnerability in Graphics driver of some Huawei smart phones. An attacker may trick a user into installing a malicious application and the application can make semaphore deadlock issue, which causes the system to crash. Vulnerability ID: HWPSIRT-2015-12015 This...

7.1CVSS5.3AI score0.00561EPSS
Exploits0Affected Software1
Huawei
Huawei
•added 2016/01/13 12:0 a.m.•28 views

Security Advisory - Memory Leak Vulnerability in Huawei Switches

When serving as an HTTPS or SFTP server, the Huawei switch stores a user's SSL session information in the memory even after the user logs out. If the memory occupied by the SSL session information exceeds the allocated amount, memory leak occurs, causing the device to restart. Vulnerability ID:...

6.8CVSS6.3AI score0.01114EPSS
Exploits0
Huawei
Huawei
•added 2023/04/26 12:0 a.m.•27 views

Security Advisory - Misinterpretation of Input Vulnerability in Huawei Printer

There is a misinterpretation of input vulnerability in Huawei Printer. Successful exploitation of this vulnerability may cause the printer service to be abnormal.Vulnerability ID:HWPSIRT-2022-24181 This vulnerability has been assigned a CVEID:CVE-2022-48473...

7.5CVSS6.1AI score0.00441EPSS
Exploits0Affected Software1
Huawei
Huawei
•added 2021/12/08 12:0 a.m.•27 views

Security Advisory - Information Disclosure Vulnerability in some Huawei Products

There is an information leak vulnerability in some Huawei products. The vulnerability is caused by improper log output management. An attacker with the ability to access the log file of device may lead to information disclosure.Vulnerability ID: HWPSIRT-2020-23793 This vulnerability has been...

6.5CVSS6.3AI score0.00547EPSS
Exploits0Affected Software1
Huawei
Huawei
•added 2021/02/18 12:0 a.m.•27 views

Security Advisory - Local Privilege Escalation Vulnerability in Some Huawei Products

There is a local privilege escalation vulnerability in some Huawei product. A local authenticated attacker could perform specific operations to exploit this vulnerability. Successful exploitation may cause the attacker to obtain a higher privilege and compromise the service. Vulnerability ID:...

7.8CVSS7.6AI score0.00179EPSS
Exploits0Affected Software1
Huawei
Huawei
•added 2021/01/27 12:0 a.m.•27 views

Security Advisory - Out-of-Bound Read Vulnerability in Huawei Smartphone

There is an out-of-bound read vulnerability in Huawei smartphone. A module does not verify the some input. Attackers can exploit this vulnerability by sending malicious input through specific app. This could cause out-of-bound, compromising normal service. Vulnerability ID: HWPSIRT-2020-04158 Thi...

7.1CVSS6.7AI score0.00232EPSS
Exploits0Affected Software1
Huawei
Huawei
•added 2021/01/27 12:0 a.m.•27 views

Security Advisory - Pointer Double Free Vulnerability in Huawei Smartphone

There is a pointer double free vulnerability in Huawei smartphone. There is a lack of muti-thread protection when a function is called. Attackers can exploit this vulnerability by performing malicious operation to cause pointer double free. This may lead to module crash, compromising normal...

4.3CVSS3.9AI score0.0052EPSS
Exploits0Affected Software1
Huawei
Huawei
•added 2020/06/24 12:0 a.m.•27 views

Security Advisory - Denial of Service Vulnerability in Several Products

There is a denial of service vulnerability in several products. The device does not properly handle certain message from base station, the attacker should craft a fake base station to launch the attack, successful exploit could cause a denial of signal service condition. Vulnerability ID:...

5.3CVSS5.2AI score0.00265EPSS
Exploits0Affected Software11
Huawei
Huawei
•added 2020/05/06 12:0 a.m.•27 views

Security Advisory - Improper Authentication Vulnerability in Several Huawei Products

Some Huawei products have an improper authentication vulnerability. Attackers need to perform some operations to exploit the vulnerability. Successful exploit may obtain certain permissions on the device. Vulnerability ID: HWPSIRT-2020-03160 This vulnerability has been assigned a Common...

9.8CVSS9.5AI score0.00876EPSS
Exploits0Affected Software12
Huawei
Huawei
•added 2020/01/22 12:0 a.m.•27 views

Security Advisory - Out of Bounds Read Vulnerability in Several Products

There is an out-of-bounds read vulnerability in several products. The software reads data past the end of the intended buffer when parsing DHCP messages including crafted parameter. Successful exploit could cause certain service abnormal. Vulnerability ID: HWPSIRT-2019-12428 This vulnerability ha...

6.5CVSS6.4AI score0.0032EPSS
Exploits0Affected Software3
Huawei
Huawei
•added 2019/10/30 12:0 a.m.•27 views

Security Advisory - Improper Authentication Vulnerability in Some Huawei Smartphones

There is an improper authentication vulnerability in some Huawei smartphones. Successful exploitation may cause the attacker to access specific components. Vulnerability ID: HWPSIRT-2019-07245 This vulnerability has been assigned a Common Vulnerabilities and Exposures CVE ID: CVE-2019-5233. Huawe...

8.8CVSS8.7AI score0.00878EPSS
Exploits0Affected Software1
Huawei
Huawei
•added 2019/08/07 12:0 a.m.•27 views

Security Advisory - Double Free Vulnerability in Some Huawei Smart Phones

There is a double free vulnerability in some Huawei smart phones. An attacker can trick a user to click a URL to exploit this vulnerability. Successful exploitation may cause the affected phone abnormal. Vulnerability ID: HWPSIRT-2019-04065 This vulnerability has been assigned a Common...

6.8CVSS6.3AI score0.00585EPSS
Exploits0
Huawei
Huawei
•added 2018/11/28 12:0 a.m.•27 views

Security Advisory - Out-of-bounds Write Vulnerability on Several Smartphones

There is an out-of-bounds write vulnerability on several smartphones. The software does not handle the response message properly when the user doing certain inquiry operation, an attacker could send crafted message to the device, successful exploit could cause a denial of service condition...

5.9CVSS5.7AI score0.00731EPSS
Exploits0Affected Software1
Huawei
Huawei
•added 2018/11/14 12:0 a.m.•27 views

Security Advisory - FRP Bypass Vulnerability on Several Smartphones

There is a Factory Reset Protection FRP bypass vulnerability on several smartphones. The system does not sufficiently verify the permission, an attacker uses a data cable to connect the smartphone to another smartphone and then perform a series of specific operations. Successful exploit could all...

4.6CVSS4.7AI score0.00223EPSS
Exploits0Affected Software2
Huawei
Huawei
•added 2018/10/17 12:0 a.m.•27 views

Security Advisory - Information Leak Vulnerability in Some Huawei Smart Phones

Some Huawei phones have an information leak vulnerability. Due to improper permission settings for specific commands, attackers who can connect to a mobile phone via the USB interface may exploit this vulnerability to obtain specific device information of the mobile phone. Vulnerability ID:...

2.4CVSS3.3AI score0.0023EPSS
Exploits0Affected Software1
Huawei
Huawei
•added 2018/09/30 12:0 a.m.•27 views

Security Advisory - FRP Bypass Vulnerability in MyCloud APP of Huawei Smart Phones

There is a security vulnerability which could lead to Factory Reset Protection FRP bypass in the MyCloud APP installed on some Huawei smart phones. When re-configuring the mobile phone using the FRP function, an attacker can replace the old account with a new one through special steps by exploit...

4.6CVSS4.6AI score0.00336EPSS
Exploits0Affected Software1
Total number of security vulnerabilities1006