Lucene search
K
HuaweiMost viewed

1006 matches found

Huawei
Huawei
added 2020/12/16 12:0 a.m.20 views

Security Advisory - Out Of Bound Read Vulnerability in Huawei Smartphone

There is an out-of-bound read vulnerability in huawei smartphone Mate 30. An attacker with specific permission can exploit this vulnerability by sending crafted packet with specific parameter to the target device. Due to insufficient validation of the parameter, successful exploit can cause the...

6.7CVSS6.4AI score0.00247EPSS
Exploits0Affected Software1
Huawei
Huawei
added 2018/04/18 12:0 a.m.20 views

Security Advisory - Double Free Vulnerability in Some Huawei Smart Phones

The Mali Driver of some Huawei smart phones has a double free vulnerability. An attacker can trick a user to install a malicious application and exploit this vulnerability when in the exception handling process. Successful exploitation may cause system reboot. Vulnerability ID: HWPSIRT-2018-02020...

7.1CVSS5.3AI score0.0056EPSS
Exploits0Affected Software2
Huawei
Huawei
added 2018/01/03 12:0 a.m.20 views

Security Advisory - Two Vulnerabilities in CRYPTO module of Several Huawei Products

There is a buffer overflow vulnerability in the CRYPTO module of several Huawei products. An unauthenticated, local attacker could craft malformed file with a specific field that the length is longer than the maximum value. Due to insufficient validation of the inputs, successful exploit could...

7.2AI score
Exploits0Affected Software9
Huawei
Huawei
added 2018/01/03 12:0 a.m.20 views

Security Advisory - DoS Vulnerability in Some Huawei Switch Products

There is a denial of service DoS vulnerability in Some Huawei switch products. An unauthenticated, remote attacker crafts oversized packets and sends the packets to the affected products. Due to insufficient verification of the packets, successful exploitation may cause the service unavailability...

7.1AI score
Exploits0Affected Software2
Huawei
Huawei
added 2017/11/22 12:0 a.m.20 views

Security Advisory - Improper Access Control Vulnerability in Some Huawei OceanStor products

There is an improper access control vulnerability in Some Huawei OceanStor products. Due to incorrectly restrict access to a resource, an attacker with high privilege may exploit the vulnerability to query some information or send specific message to cause some service abnormal. Vulnerability ID:...

3.1CVSS3.7AI score0.00258EPSS
Exploits0Affected Software5
Huawei
Huawei
added 2017/11/16 12:0 a.m.20 views

Security Advisory - SQL Injection Vulnerabilities in Huawei UMA Product

There is a SQL injection vulnerability in the operation and maintenance module of Huawei UMA Product. An attacker logs in to the system as a common user and sends crafted HTTP requests that contain malicious SQL statements to the affected system. Due to a lack of input validation on HTTP requests...

8.8CVSS9AI score0.00916EPSS
Exploits0Affected Software1
Huawei
Huawei
added 2017/08/04 12:0 a.m.20 views

Security Advisory - Information Disclosure Vulnerability in AEE extension of MTK Platform

There is an information disclosure vulnerability in AEE extension of MTK Platform used in Huawei smart phones. Due to improper privilege validation on specific processes, an attacker who tricks a user into installing a malicious application on the smart phone can exploit this vulnerability to...

6.5AI score
Exploits0Affected Software1
Huawei
Huawei
added 2017/04/26 12:0 a.m.20 views

Security Advisory - Directory Traversal Vulnerability in Huawei Smart Phone

There is a directory traversal vulnerability in Huawei smart phone. The attacker can trick a user into installing the malicious APP and change a specific URI to an arbitrary directory. Eventually the attacker can obtain the files in email application. Vulnerability ID: HWPSIRT-2017-03005 This...

5.5CVSS5.5AI score0.01091EPSS
Exploits0Affected Software1
Huawei
Huawei
added 2016/12/14 12:0 a.m.20 views

Security Advisory - Memory Leak Vulnerability in Some Huawei Products

Some Huawei products have a memory leak vulnerability. An unauthenticated attacker may send specific Label Distribution Protocol LDP packets to the devices repeatly. Due to improper validation of some specific fields of the packet, the LDP processing module does not release the memory, resulting ...

5.3CVSS5.3AI score0.01188EPSS
Exploits0Affected Software1
Huawei
Huawei
added 2016/10/17 12:0 a.m.20 views

Security Advisory - Hardcoded SSH Key Vulnerability in Some Huawei Storage Products

Some Huawei storage products have a hardcoded SSH key vulnerability. Different nodes of the devices use SSH to encrypt communication data and authenticate each other based on public and private keys. Since the SSH public and private keys are hardcoded, an attacker may obtain the keys and log in t...

7.5CVSS7.5AI score0.00374EPSS
Exploits0Affected Software1
Huawei
Huawei
added 2016/08/17 12:0 a.m.20 views

Security Advisory - Input Validation Vulnerability in Huawei Access Controllers

There is an input validation vulnerability in Huawei access controllers AC. Due to the lack of input validation, an attacker may craft malformed Control And Provisioning of Wireless Access Points CAPWAP protocol packets and send them to the device, causing the device to restart. Vulnerability ID:...

6.8CVSS6.6AI score0.00987EPSS
Exploits0Affected Software4
Huawei
Huawei
added 2015/09/09 12:0 a.m.20 views

Security Advisory - DoS Vulnerability in Huawei U1900 Products

Huawei eSpace U1900 switch series provides professional IP voice solutions to meet communications requirements from various enterprises of different sizes. Huawei eSpace U1900 series includes eSpace U1910, U1911, U1930, U1960, U1980, and U1981. A vulnerability exists in a module of U1900 series...

6.5AI score
Exploits0Affected Software6
Huawei
Huawei
added 2015/03/18 12:0 a.m.20 views

Security Advisory - Directory File Deletion Vulnerability in UDS

When a Huawei UDS product is loading a patch, an attacker can intercept and change the patch loading information and compromise certain directory files of the device Vulnerability ID: HWPSIRT-2014-1238. This Vulnerability has been assigned Common Vulnerabilities and Exposures CVE ID: CVE-2015-225...

9.1CVSS8.3AI score0.00867EPSS
Exploits0Affected Software1
Huawei
Huawei
added 2014/12/24 12:0 a.m.20 views

Security Advisory-Privilege Escalation Vulnerability in the HMM Software of a Huawei Server Product

The Hyper Module Management HMM software of some Huawei server products has a security vulnerability. The software has a design defect, enabling a non-super-domain user who accesses HMM through SNMPv3 to perform operations on a server as a super-domain user vulnerability ID: HWPSIRT-2014-11116...

8.8CVSS8.2AI score0.00714EPSS
Exploits0Affected Software1
Huawei
Huawei
added 2014/05/08 12:0 a.m.20 views

Security Advisory-Radius Vulnerability on Some Huawei Devices

On huawei Campus Switch, AR, SRG,WLAN devices, the RADIUS component cannot handle malformed RADIUS packets. This vulnerability allows attackers to repeatedly restart the device, causing a DoS attack Vulnerability ID: HWPSIRT-2014-0307. This Vulnerability has been assigned Common Vulnerabilities a...

6.1AI score
Exploits0Affected Software21
Huawei
Huawei
added 2013/04/25 12:0 a.m.20 views

Security Advisory-Overflow Vulnerabilities in SNMPv3

Simple Network Management Protocol version 3SNMPv3 is provided by Huawei for network and device management. While the SNMPv3 is enable on some Huawei products, attackers can crash the vulnerable equipment by sending malformed SNMPv3 messages, and make a denial of service DoS attack to vulnerable...

7.4AI score
Exploits0Affected Software9
Huawei
Huawei
added 2013/03/13 12:0 a.m.20 views

Security Advisory - Stack Overflow Vulnerabilities in SNMPv3 debugging mode

Simple Network Management Protocol version 3SNMPv3 is provided by Huawei for network and device management. While the SNMPv3 is enable and debugging is turn on, attackers can make stack overflow by sending malformed SNMPv3 messages with shellcode encoded, and attack vulnerable equipment remotely...

7AI score
Exploits0Affected Software5
Huawei
Huawei
added 2018/01/24 12:0 a.m.19 views

Security Advisory - Memory Leak Vulnerability in Some Huawei Products

There is a memory leak vulnerability in some Huawei products. An authenticated, local attacker may craft and load some specific Certificate Revocation ListCRL configuration files to the devices repeatedly. Due to not release allocated memory properly, successful exploit may result in memory leak...

3.3CVSS3.7AI score0.00138EPSS
Exploits0Affected Software6
Huawei
Huawei
added 2017/12/13 12:0 a.m.19 views

Security Advisory - Authentication Bypass Vulnerability in Some Huawei Smart Phones

Some Huawei smart phones have an authentication bypass vulnerability due to the improper design of a component. An attacker who get a user's smart phone can execute specific operation, and delete the fingerprint of the phone without authentication. Vulnerability ID: HWPSIRT-2017-10094 This...

4.6CVSS5AI score0.00248EPSS
Exploits0Affected Software1
Huawei
Huawei
added 2017/09/27 12:0 a.m.19 views

Security Advisory - Use After Free Vulnerability in Bastet Driver of Some Huawei Smart Phones

The Bastet Driver of some Huawei smart phones has a use after free UAF vulnerability. An attacker can convince a user to install a malicious application which has a high privilege to exploit this vulnerability, Successful exploitation may cause arbitrary code execution. Vulnerability ID:...

7.8CVSS7.8AI score0.01001EPSS
Exploits0Affected Software2
Huawei
Huawei
added 2017/06/14 12:0 a.m.19 views

Security Advisory - Permission Control Vulnerability in Smart Phones

Some Huawei Smart phones have a permission control vulnerability. Due to improper authorization on specific processes, an attacker with the root privilege of a mobile Android system can exploit this vulnerability to obtain some information of the user. Vulnerability ID: HWPSIRT-2017-04123 This...

7.1CVSS5.3AI score0.00671EPSS
Exploits0Affected Software1
Huawei
Huawei
added 2017/01/11 12:0 a.m.19 views

Security Advisory - Camera DOS Vulnerability in ION Memory Management Module of Huawei Smart Phone

A denial of service DoS vulnerability exists in the ION memory management module of some Huawei mobile phones. An attacker may trick a user into installing a malicious app to send specific parameters to a Huawei mobile phone. Successful exploit could cause the system to restart. Vulnerability ID:...

7.1CVSS5.3AI score0.00555EPSS
Exploits0Affected Software1
Huawei
Huawei
added 2016/03/01 12:0 a.m.19 views

Security Advisory - Chunked HTTP Packet L7-Parsing Vulnerability in Huawei Products

There is a vulnerability in several Huawei products: AR series, NetEngine16EX and SRG series. If the Layer 7 HTTP chunked packet paring function is enabled on these devices, an attacker could exploit the vulnerability to craft a special HTTP chunked packet and send it to the target device to caus...

7AI score
Exploits0Affected Software21
Huawei
Huawei
added 2014/11/20 12:0 a.m.19 views

Security Advisory - App Validity Check Bypass Vulnerability in Huawei P7 Smartphone

The PackageInstaller module on Huawei smartphone P7 has a vulnerability in validity check of third-party apps. Attackers can configure some specific information in the malware packages so that smartphones consider that the package is downloaded from whitelisted websites. As a result, the malware...

4.3CVSS6.2AI score0.00785EPSS
Exploits0Affected Software1
Huawei
Huawei
added 2018/05/23 12:0 a.m.18 views

Security Advisory - Information Exposure Vulnerability in Some Smart Phones

There is an information exposure vulnerability in some Huawei smart phones. When the user's smart phone connects to the malicious device for charging, an unauthenticated attacker may activate some specific function by sending some specially crafted messages. Due to insufficient input validation o...

4.6CVSS4.7AI score0.0026EPSS
Exploits0Affected Software7
Huawei
Huawei
added 2017/11/08 12:0 a.m.18 views

Security Advisory - Denial of Service Vulnerability on Huawei Smartphones

There is a denial of service vulnerability on Huawei Smartphones. An attacker could make an loop exit condition that cannot be reached by sending the crafted 3GPP message. Successful exploit could cause the device to reboot. Vulnerability ID: HWPSIRT-2017-09085 This vulnerability has been assigne...

5.7CVSS5.2AI score0.00304EPSS
Exploits0Affected Software42
Huawei
Huawei
added 2017/05/27 12:0 a.m.18 views

Security Advisory - Multiple Vulnerabilities in MTK Platform

There are multiple vulnerabilities in the graphics driver of MTK platform in Huawei smart phones. The graphics driver has two buffer overflow vulnerabilities due to the insufficient input verification. An attacker tricks a user into installing a malicious application which has the system privileg...

7.7AI score
Exploits0Affected Software1
Huawei
Huawei
added 2016/06/29 12:0 a.m.18 views

Security Advisory - Data Leak Vulnerability in the FusionCompute

The FusionCompute is a cloud operating system OS. It virtualizes computing, storage, and network resources, and implements centralized management and scheduling of the virtual resources through a unified interface. Huawei FusionCompute has sensitive data leak vulnerability. An attacker can log in...

6.8AI score
Exploits0Affected Software1
Huawei
Huawei
added 2015/09/02 12:0 a.m.18 views

Security Advisory - No Authentication Vulnerability on the Serial Port of the UAP2105

The UAP2105 serves as a radio access device in the uBro solutions. As one of the AP series products developed on the basis of 3GPP R99/R4/R5/R6 FDD, the UAP2105 complies with the R8 HNB standard and provides Small Office and Home Office SOHO and home users with improved indoor coverage. With the...

7.2CVSS6.5AI score0.00297EPSS
Exploits0Affected Software1
Huawei
Huawei
added 2014/05/07 12:0 a.m.18 views

Security Advisory- BootRom Menu and Boot Menu Vulnerabilities on Huawei Campus Switches

Some versions of Huawei Campus S7700/S9300/S9700 switches are affected by the BootRom and Boot Menu vulnerability. 1. Unauthorized users are allowed to upgrade the bootrom or bootload software. Vulnerability ID: HWPSIRT-2014-0315 2. The BootRom Menu vulnerability allows unauthorized users to bypa...

8.8CVSS8.7AI score0.01019EPSS
Exploits0Affected Software3
Huawei
Huawei
added 2013/05/16 12:0 a.m.18 views

Security Advisory-The Firewall Module of SPU Board Information Leakage Vulnerability of Huawei Campus Switch

The Service Process Unit SPU is the value-added service card of the Switch. SPU provides services such as load balancing, firewall, Network Address Translation NAT, IP Security IPSec, and NetStream. It mainly be deployed in network of carrier and enterprise customers, and provides network securit...

6.3AI score
Exploits0Affected Software3
Huawei
Huawei
added 2012/09/22 12:0 a.m.18 views

Security Advisory - Buffer Overflow in Huawei UTPS Back-End

The back-end software UTPS is the application software which is operated on the management data card of PC to realize the configuration and dial-up connection of data card, instant messages receiving and sending, telephone directory management and the like. The current product has a vulnerability...

6.7AI score
Exploits0Affected Software2
Huawei
Huawei
added 2018/01/03 12:0 a.m.17 views

Security Advisory - Memory Leak Vulnerability in Several Huawei products

There is a memory leak vulnerability in several Huawei products. An unauthenticated, remote attacker could craft malformed packets with specific parameters when connecting with the affect products by SFTP/SSH protocol. Due to insufficient validation of packets, successful exploit could cause a...

7AI score
Exploits0Affected Software8
Huawei
Huawei
added 2017/12/20 12:0 a.m.17 views

Security Advisory - Out-Of-Bounds Read Vulnerability in Some Huawei Products

Some Huawei products have an out-of-bounds read vulnerability. An unauthenticated attacker may send specific crafted H.323 packets to the affected products. Due to insufficient verification of the packets, successful exploit will cause device to reset. Vulnerability ID: HWPSIRT-2017-06160 Huawei...

6.9AI score
Exploits0Affected Software4
Huawei
Huawei
added 2016/06/29 12:0 a.m.17 views

Security Advisory - Weak Encryption Vulnerability in the OceanStor ReplicationDirector

OceanStor ReplicationDirector is designed to manage disaster recovery DR service of data centers DC for enterprises. Huawei OceanStor ReplicationDirector has weak encryption vulnerability. An attacker may exploit it to craft server certificate signatures. Vulnerability ID: HWPSIRT-2016-05156 Huaw...

7.1AI score
Exploits0Affected Software1
Huawei
Huawei
added 2015/12/09 12:0 a.m.17 views

Security Advisory - Baidu WormHole Vulnerability in Huawei Mobile Phones

Preinstalled Baidu apps in certain Huawei mobile phones have the WormHole vulnerability. An attacker can exploit this vulnerability to read information about, modify data in, or take control over the affected mobile phones. Vulnerability ID: HWPSIRT-2015-10045 Huawei has released software updates...

6.6AI score
Exploits0Affected Software2
Huawei
Huawei
added 2015/09/09 12:0 a.m.17 views

Security Advisory - Buffer Overflow Vulnerability in the FusionAccess

FusionAccess is a kind of virtual desktop applications based on Huawei cloud platform. Through the deployment of Huawei desktop cloud software on the cloud platform, customers can access the cloud desktop by the thin client device or other devices. There is a buffer overflow vulnerability in the...

7AI score
Exploits0Affected Software1
Huawei
Huawei
added 2015/09/09 12:0 a.m.17 views

Security Advisory - DoS Vulnerability in Huawei U1900 CLI Module

Huawei eSpace U1900 switch series provides professional IP voice solutions to meet communications requirements from various enterprises of different sizes. Huawei eSpace U1900 series includes eSpace U1910, U1911, U1930, U1960, U1980, and U1981. The U1900 series uses the Command Line Interface CLI...

6.8AI score
Exploits0Affected Software6
Huawei
Huawei
added 2013/12/28 12:0 a.m.17 views

Security Advisory-A DoS Vulnerability in the SSH Module on Huawei AR Router

On Some Huawei AR routers that receive a large number of SSH authentication attack packets with malformed data, legitimate users fail to log in through SSH. Attackers can construct massive attack packets to cause the AR routers to deny SSH login from legitimate users. HWPSIRT-2013-1255. This...

6.3AI score
Exploits0Affected Software5
Huawei
Huawei
added 2013/05/13 12:0 a.m.17 views

Security Advisory-Vulnerability of Session ID not Updating in VP9610/9620

VP viewpoint 9610/VP9620 is the multi-point control unit of Huawei Video Conference system. By testing, there is a vulnerability of “Session ID not updating” in VP9610/9620. Vulnerability ID: HWNSIRT-2013-0318 Currently, official fixs are available...

6.6AI score
Exploits0
Huawei
Huawei
added 2013/04/07 12:0 a.m.17 views

Security Advisory-The AR Abnormally Resets When Receiving Special DHCP Packets

Access Router AR is a low-end router of Huawei. It provides both mobile and fixed network access modes, applies to enterprises. In application processing on the live network, when special ip phone use DHCP to requests for address information from the AR, a special field is carried in the request...

6.4AI score
Exploits0
Huawei
Huawei
added 2020/11/18 12:0 a.m.16 views

Security Advisory - Improper Buffer Operation Restrictions Vulnerability on Huawei Smartphone

There is a vulnerability of improper buffer operation in Huawei smartphone. Due to improper restrictions, local attackers with high privileges can exploit the vulnerability to cause system heap overflow. Vulnerability ID: HWPSIRT-2020-08183 This vulnerability has been assigned a Common...

6.7CVSS6.5AI score0.00203EPSS
Exploits0Affected Software1
Huawei
Huawei
added 2017/10/30 12:0 a.m.16 views

Security Advisory - Permission Control Vulnerability in Smart Phones

Some Huawei Smart phones have a permission control vulnerability. Due to improper authorization configuration on specific device information, an attacker with the root privilege can exploit this vulnerability to modify specific device information. Vulnerability ID: HWPSIRT-2017-08157 This...

2.3CVSS3.5AI score0.00215EPSS
Exploits0Affected Software1
Huawei
Huawei
added 2016/12/21 12:0 a.m.16 views

Security Advisory - Multiple Vulnerabilities in MTK Platform

There are multiple vulnerabilities in MTK platform used in Huawei smart phones. There is a integer overflow vulnerability in MTK platform used in Huawei smart phones. An attacker tricks a user into installing a malicious application on the smart phone, and send given parameter to escalate...

7.6AI score
Exploits0Affected Software1
Huawei
Huawei
added 2016/06/15 12:0 a.m.16 views

Security Advisory - Memory Leak Vulnerability in Several Huawei Products

There is a vulnerability in several Huawei devices: USG series, NGFW module, IPS module, NIP series and AntiDDoS8000. A memory leak vulnerability exists in these products. In hot standby networking where two devices are not directly connected, an attacker can craft a malformed packet, which...

7AI score
Exploits0Affected Software9
Huawei
Huawei
added 2021/01/27 12:0 a.m.15 views

Security Advisory - Out-of-Bound Read Vulnerability in Huawei Smartphone

There is an out-of-bound read vulnerability in Huawei smartphone. A module does not verify the some input when dealing with messages. Attackers can exploit this vulnerability by sending malicious input through specific module. This could cause out-of-bound, compromising normal service...

4.6CVSS4.5AI score0.00213EPSS
Exploits0Affected Software1
Huawei
Huawei
added 2017/12/13 12:0 a.m.15 views

Security Advisory - Out-of-Bounds Memory Access Vulnerability on Some Huawei FireWall Products

There is an Out-of-Bounds memory access vulnerability in Huawei FireWall products due to insufficient verification. An authenticated local attacker can make processing crash by executing some commands. The attacker can exploit this vulnerability to cause a denial of service. Vulnerability ID:...

5.5CVSS5.3AI score0.00211EPSS
Exploits0Affected Software1
Huawei
Huawei
added 2017/09/13 12:0 a.m.15 views

Security Advisory - Sensitive Information Disclosure Vulnerability on FusionSphere OpenStack

There is a sensitive information disclosure vulnerability on FusionSphere OpenStack. The software stores some sensitive information with insufficient access control. An unauthenticated remote attacker could get sensitive information by accessing certain ports. Vulnerability ID: HWPSIRT-2017-06223...

6.6AI score
Exploits0Affected Software1
Huawei
Huawei
added 2016/09/21 12:0 a.m.15 views

Security Advisory - DoS Vulnerability in Multiple Huawei Products

There is a DoS vulnerability in some Huawei products. Since the device does not validate the parameters in a certain command, an attacker with certain permissions could log in and deliver the command containing a malicious parameter to make the device restart. Vulnerability ID: HWPSIRT-2016-06064...

6.8CVSS6.5AI score0.00987EPSS
Exploits0Affected Software3
Huawei
Huawei
added 2016/01/13 12:0 a.m.15 views

Security Advisory - DoS Vulnerability in Huawei CE Series Switches

Huawei CE series switches are high-performance switches designed for next-generation data centers. The CE series switches have a DoS vulnerability. An attacker logs in to the switches multiple times using a non-administrator account through a specific protocol to exploit this vulnerability...

7AI score
Exploits0
Total number of security vulnerabilities1006