Lucene search
K
HuaweiMost viewed

1006 matches found

Huawei
Huawei
•added 2017/03/10 12:0 a.m.•45 views

Security Advisory - Information Leak Vulnerability in Huawei APP

Some Huawei APPs have an information leak vulnerability. When an iPhone with these APPs installed access the Wi-Fi hotpot built by attacker, the attacker can collect the information of iPhone mode and firmware version. Vulnerability ID: HWPSIRT-2017-02025 This vulnerability has been assigned a CV...

3.5CVSS4.1AI score0.00327EPSS
Exploits0Affected Software2
Huawei
Huawei
•added 2016/11/16 12:0 a.m.•45 views

Security Advisory - Buffer Overflow Vulnerability in Some Huawei Products

There is a buffer overflow vulnerability in Connectivity Fault Management CFM function of some Huawei Products. When CFM is enabled and Maintenance Association End Point MEP is configured on the affected device, an adjacent attacker could exploit this vulnerability by sending crafted packets to t...

5.7CVSS5.9AI score0.00482EPSS
Exploits0Affected Software5
Huawei
Huawei
•added 2021/07/14 12:0 a.m.•44 views

Security Advisory - Logic Error Vulnerability in Several Smartphones

There is a logic error vulnerability in several smartphones. The software does not properly restrict certain operation when the Digital Balance function is on. Successful exploit could allow the attacker to bypass the Digital Balance limit after a series of operations. Vulnerability ID:...

4.6CVSS4.6AI score0.00159EPSS
Exploits0Affected Software4
Huawei
Huawei
•added 2021/05/26 12:0 a.m.•44 views

Security Advisory - Possible Out-Of-Bounds Read Vulnerability in Huawei Products

There is an out of bounds read vulnerability in some Huawei products. A local attacker can exploit this vulnerability by sending specific message to the target device. Due to insufficient validation of internal message, successful exploit may cause the process and the service abnormal...

3.3CVSS3.7AI score0.00149EPSS
Exploits0Affected Software1
Huawei
Huawei
•added 2021/04/28 12:0 a.m.•44 views

Security Advisory - Multiple Threads Race Condition Vulnerability in Huawei Product

There is a multiple threads race condition vulnerability in Huawei product. A race condition exists for concurrent I/O read by multiple threads. An attacker with the root permission can exploit this vulnerability by performing some operations. Successful exploitation of this vulnerability may cau...

4.7CVSS4.2AI score0.00114EPSS
Exploits0Affected Software4
Huawei
Huawei
•added 2020/07/01 12:0 a.m.•44 views

Security Advisory - Improper Signature Verification Vulnerability in Some Huawei Smartphones

There is an improper signature verification vulnerability in some smartphones. The system does not improper check signature of specific software package, an attacker may exploit this vulnerability to load a crafted software package to the device. Vulnerability ID: HWPSIRT-2019-11220 This...

5.5CVSS5.4AI score0.0035EPSS
Exploits0Affected Software1
Huawei
Huawei
•added 2020/06/10 12:0 a.m.•44 views

Security Advisory - FasterXML Jackson-databind Injection Vulnerability in Huawei Products

It was found that jackson-databind, a Java library used to parse JSON and other data formats, could deserialize data without proper validation, allowing a maliciously client to perform remote code execution on a service with the required characteristics.Vulnerability ID: HWPSIRT-2020-02149 This...

9.8CVSS9.7AI score0.26587EPSS
Exploits5Affected Software1
Huawei
Huawei
•added 2019/12/11 12:0 a.m.•44 views

Security Advisory - Information Leakage Vulnerability on Some Huawei Products

There is an information leakage vulnerability on some Huawei products. An attacker with low permissions can view some high-privilege information by running specific commands.Successful exploit could cause an information disclosure condition. Vulnerability ID: HWPSIRT-2019-04080 This vulnerability...

6.5CVSS6.2AI score0.00563EPSS
Exploits0Affected Software12
Huawei
Huawei
•added 2017/09/19 12:0 a.m.•44 views

Security Advisory - Multiple Vulnerabilities in MTK Platform

There are two buffer overflow vulnerabilities and one arbitrary memory write vulnerability in the camera driver of MTK platform in some Huawei smart phones. Due to the insufficient input verification, an attacker tricks a user into installing a malicious application which has special privilege an...

7.8CVSS8.1AI score0.00806EPSS
Exploits0Affected Software1
Huawei
Huawei
•added 2017/05/31 12:0 a.m.•44 views

Security Advisory - Four Command Injection Vulnerabilities in The FusionSphere OpenStack

The FusionSphere OpenStack has four command injection vulnerabilities due to the insufficient input validation on four TCP listening ports. An unauthenticated attacker can exploit the vulnerabilities to gain root privileges by sending some messages with malicious commands. Vulnerability ID:...

8.8CVSS9.6AI score0.01423EPSS
Exploits0Affected Software1
Huawei
Huawei
•added 2016/09/05 12:0 a.m.•44 views

Security Advisory - Multiple Security Vulnerabilities in Huawei HiSuite

Huawei HiSuite PC client software has an information leak vulnerability. The software provides the function for configuring the proxy server. The password textbox on the proxy configuration UI do not disable the password copy function. An attacker who can log in to the system can copy out the...

7.8CVSS6.7AI score0.00269EPSS
Exploits0Affected Software1
Huawei
Huawei
•added 2016/07/13 12:0 a.m.•44 views

Security Advisory - Input Validation Vulnerability in Huawei Routers

There is an input validation vulnerability in Huawei access routers, an attacker may exploit this vulnerability by crafting a malformed packet and sending it to the device. An exploit could allow the attacker to cause a Denial of Service or remote code execution. Vulnerability ID:...

10CVSS9.7AI score0.03844EPSS
Exploits0Affected Software1
Huawei
Huawei
•added 2015/09/23 12:0 a.m.•44 views

Security Advisory - Multiple Vulnerabilities in Huawei FusionServer Products

Multiple security vulnerabilities exist in Huawei FusionServer products. Command injection vulnerability exists in Huawei FusionServer products. An attacker could change the input parameters on the login page and enter commands, such as user creation command. Vulnerability ID: HWPSIRT-2015-06075...

10CVSS8.3AI score0.02113EPSS
Exploits0Affected Software10
Huawei
Huawei
•added 2023/05/17 12:0 a.m.•43 views

Security Advisory - Traffic Hijacking Vulnerability in Huawei Routers

There is a traffic hijacking vulnerability in Huawei routers. Successful exploitation of this vulnerability can cause packets to be hijacked by attackers.Vulnerability ID:HWPSIRT-2022-82592 This vulnerability has been assigned a CVEID:CVE-2022-48469...

6.5CVSS6.7AI score0.00304EPSS
Exploits0Affected Software1
Huawei
Huawei
•added 2022/08/31 12:0 a.m.•43 views

Security Advisory - Traffic Hijacking Vulnerability in Huawei Routers

There is a traffic hijacking vulnerability in Huawei routers. Successful exploitation of this vulnerability can cause packets to be hijacked by attackers. Vulnerability ID: HWPSIRT-2021-21766 This vulnerability has been assigned a Common Vulnerabilities and Exposures CVE ID: CVE-2021-46835. For...

4.3CVSS4.5AI score0.00253EPSS
Exploits0Affected Software1
Huawei
Huawei
•added 2021/05/19 12:0 a.m.•43 views

Security Advisory - Out of Bounds Write Vulnerability in Huawei CloudEngine Product

There is an out of bounds write vulnerability in some Huawei products. An attacker can exploit this vulnerability by sending crafted data in the packet to the target device. Due to insufficient validation of message, successful exploit can cause certain service abnormal. Vulnerability ID:...

5.3CVSS5.3AI score0.00685EPSS
Exploits0Affected Software4
Huawei
Huawei
•added 2020/11/04 12:0 a.m.•43 views

Security Advisory - Insecure Encryption Algorithm Vulnerability in Some Huawei Products

Some Huawei products have an insecure encryption algorithm vulnerability. Attackers with high permissions can exploit this vulnerability to cause information leak. Vulnerability ID: HWPSIRT-2020-05067 This vulnerability has been assigned a Common Vulnerabilities and Exposures CVE ID: CVE-2020-912...

4.4CVSS4.6AI score0.00112EPSS
Exploits0Affected Software1
Huawei
Huawei
•added 2020/09/30 12:0 a.m.•43 views

Security Advisory - Out-of-bounds Read and Write Vulnerability in Some Huawei Products

There is an out-of-bounds read and write vulnerability in some products. An unauthenticated attacker crafts malformed message with specific parameter and sends the message to the affected products. Due to insufficient validation of message, which may be exploited to cause the process reboot...

7.1CVSS5.5AI score0.00471EPSS
Exploits0Affected Software1
Huawei
Huawei
•added 2020/07/15 12:0 a.m.•43 views

Security Advisory - Path Traversal Vulnerability in Several Smartphones

There is a path traversal vulnerability in several smartphones. The system does not sufficiently validate certain pathname from certain process, successful exploit could allow the attacker write files to a crafted path. Vulnerability ID: HWPSIRT-2019-10116 This vulnerability has been assigned a...

2.3CVSS3.5AI score0.00226EPSS
Exploits0Affected Software6
Huawei
Huawei
•added 2020/07/08 12:0 a.m.•43 views

Security Advisory - Improper Input Verification Vulnerability in Huawei Smartphone

There is an improper input verification vulnerability in Huawei smartphone. An attribution in a module is not set correctly and some verification is lacked. Attackers with local access can exploit this vulnerability by injecting malicious fragment. This may lead to user information leak...

5.5CVSS5.2AI score0.00222EPSS
Exploits0Affected Software1
Huawei
Huawei
•added 2020/04/08 12:0 a.m.•43 views

Security Advisory - Insufficient Integrity Validation Vulnerability in Several Products

There is an insufficient integrity validation vulnerability in several products. The device does not sufficiently validate the integrity of certain file in certain loading processes, successful exploit could allow the attacker to load a crafted file to the device through USB. Vulnerability ID:...

4.6CVSS4.6AI score0.00145EPSS
Exploits0Affected Software4
Huawei
Huawei
•added 2019/12/11 12:0 a.m.•43 views

Security Advisory - Information Disclosure Vulnerability in Several Smartphones

There is an information disclosure vulnerability in certain Huawei smartphones. The software does not properly handle certain information of application locked by applock in a rare condition, successful exploit could cause information disclosure. Vulnerability ID: HWPSIRT-2018-08142 This...

4.6CVSS4.3AI score0.00234EPSS
Exploits0Affected Software54
Huawei
Huawei
•added 2018/04/25 12:0 a.m.•43 views

Security Advisory - Remote Control Vulnerability in RCS Module of Some Huawei Smart Phones

There is a remote control vulnerability in RCS module of some Huawei smart phones. An attacker can trick a user to install a malicious application. When the application connects with RCS for the first time, it needs user to manually click to agree. In addition, the attacker needs to obtain the ke...

5.8CVSS4.6AI score0.00469EPSS
Exploits0Affected Software2
Huawei
Huawei
•added 2017/12/20 12:0 a.m.•43 views

Security Advisory - Multiple Input Validation Vulnerabilities in CIDAM Protocol on Huawei Products

The CIDAM Protocol on Huawei Products has multiple input validation vulnerabilities due to insufficient validation of specific messages when the protocol is implemented. An authenticated remote attacker could send a malicious message to a target system. Successful exploit could allow the attacker...

6.5CVSS6.7AI score0.01028EPSS
Exploits0Affected Software7
Huawei
Huawei
•added 2017/12/13 12:0 a.m.•43 views

Security Advisory - Memory Leak Vulnerability in Some Huawei FireWall Products

Some Huawei FireWall products have a memory leak vulnerability due to memory don't be released when an local authenticated attacker execute special commands many times. An attacker could exploit it to cause memory leak, which may further lead to system exceptions.Vulnerability ID:...

5.5CVSS5.5AI score0.00211EPSS
Exploits0Affected Software2
Huawei
Huawei
•added 2017/11/03 12:0 a.m.•43 views

Security Advisory - Seven vulnerabilities in Google Dnsmasq

Dnsmasq is a widely used piece of open-source softwarea designed to provide DNS, DHCP, Dnsmasq 2.77 and before version contains 7 security vulnerabilities. There is a heap buffer overflow vulnerability in dnsmasq in the code responsible when building DNS replies. An attacker could send crafted DN...

9.8CVSS8.7AI score0.93307EPSS
Exploits32Affected Software1
Huawei
Huawei
•added 2016/01/04 12:0 a.m.•43 views

Security Advisory - Multiple Security Vulnerabilities in Driver of Huawei Smart Phones

There are multiple security vulnerabilities in driver of some Huawei smart phones. There are two interface access control vulnerabilities in Graphics driver. An attacker may trick a user into installing a malicious application and application can exploit the vulnerability to crash the system or...

9.3CVSS8AI score0.00758EPSS
Exploits0Affected Software2
Huawei
Huawei
•added 2015/09/30 12:0 a.m.•43 views

Security Advisory - Information Leak Vulnerability in Certain Huawei Products

Some Huawei products have two information leak vulnerabilities caused by improper encryption mechanisms. Users can use reversible or irreversible encryption algorithms to encrypt passwords. If a reversible encryption algorithm is used to encrypt administrators' passwords, an attacker with high...

4.9CVSS5.3AI score0.00359EPSS
Exploits0Affected Software7
Huawei
Huawei
•added 2022/12/08 12:0 a.m.•42 views

Security Advisory - Denial of Service Vulnerability in Huawei Smart WiFi Router

There is a denial of service vulnerability in the Wi-Fi module of the HUAWEI WS7100-20 Smart WiFi Router.Successful exploit could cause a denial of service DoS condition. Vulnerability ID:HWPSIRT-2022-59488 This vulnerability has been assigned a CVE ID: CVE-2022-46740...

6.5CVSS6AI score0.00309EPSS
Exploits0Affected Software1
Huawei
Huawei
•added 2022/01/19 12:0 a.m.•42 views

Security Advisory - Information Exposure Vulnerability on Several Huawei Products

There is an information exposure vulnerability on several Huawei Products. The vulnerability is due to that the software does not properly protect certain information. Successful exploit could cause information disclosure. Vulnerability ID: HWPSIRT-2020-32928 This vulnerability has been assigned ...

5.5CVSS5AI score0.00169EPSS
Exploits0Affected Software4
Huawei
Huawei
•added 2021/12/29 12:0 a.m.•42 views

Security Advisory - Cross-Site Scripting(XSS) Vulnerability in Huawei WS318n Product

There is a Cross-Site ScriptingXSS vulnerability in HUAWEI WS318n product when processing network settings. Due to insufficient validation of user input, a local authenticated attacker could exploit this vulnerability by injecting special characters. Successful exploit could cause certain...

4.2CVSS4AI score0.00168EPSS
Exploits0Affected Software1
Huawei
Huawei
•added 2021/05/26 12:0 a.m.•42 views

Security Advisory - Out-of-Bounds Read Vulnerability On Several Huawei Products

There is an out-of-bounds read vulnerability on several Huawei products. The vulnerability is due to a function that handles an internal message contains an out-of-bounds read vulnerability. An attacker could crafted messages between system process, successful exploit could cause Denial of Servic...

5.5CVSS5.3AI score0.00156EPSS
Exploits0Affected Software2
Huawei
Huawei
•added 2021/02/03 12:0 a.m.•42 views

Security Advisory - Improper Permission Assignment Vulnerability in Huawei ManageOne Product

There is an improper permission assignment vulnerability in Huawei ManageOne product. Due to improper security hardening, the process can run with a higher privilege. Successful exploit could allow certain user to do certain operations with improper permission. Vulnerability ID: HWPSIRT-2020-8163...

7.2CVSS6.9AI score0.00725EPSS
Exploits0Affected Software1
Huawei
Huawei
•added 2021/02/03 12:0 a.m.•42 views

Security Advisory - Information Leakage Vulnerability in Some Huawei Products

There is an information leakage vulnerability in some huawei products. Due to the properly storage of specific information in the log file, the attacker can obtain the information when a user logs in to the device. Successful exploit may cause the information leak. Vulnerability ID:...

4.4CVSS4.5AI score0.00186EPSS
Exploits0Affected Software6
Huawei
Huawei
•added 2020/11/25 12:0 a.m.•42 views

Security Advisory - Out-of-bounds Read Vulnerability in Some Huawei Smartphones

There is an out-of-bounds read and write vulnerability in smartphone products. An attacker with specific permissions crafts malformed packet with specific parameter and sends the packet to the affected products. Due to insufficient validation of packet, which may be exploited to cause the...

7.8CVSS7.8AI score0.00249EPSS
Exploits0Affected Software2
Huawei
Huawei
•added 2020/09/30 12:0 a.m.•42 views

Security Advisory - Out-of-Bounds Read Vulnerability in Some Huawei Smart Phone

There is an out-of-bounds read vulnerability in XFRM module of some Huawei smart phone. An authenticated, local attacker may perform a specific operation to exploit this vulnerability. Due to insufficient validation of the parameters, which may be exploited to cause information leak. Vulnerabilit...

5.5CVSS5.2AI score0.00205EPSS
Exploits0Affected Software1
Huawei
Huawei
•added 2020/09/02 12:0 a.m.•42 views

Security Advisory - DoS Vulnerability in Some Huawei Smart Phones

There is a denial of service DoS vulnerability in some Huawei smart phones. The attacker can enter a large amount of text on the phone. Due to insufficient verification of the parameter, successful exploitation can impact the service. Vulnerability ID: HWPSIRT-2019-09107 This vulnerability has be...

2.4CVSS3.5AI score0.0021EPSS
Exploits0Affected Software1
Huawei
Huawei
•added 2020/08/05 12:0 a.m.•42 views

Security Advisory - Local Privilege Escalation Vulnerability in Huawei FusionCompute Product

There is a local privilege escalation vulnerability in Huawei FusionCompute product. A local, authenticated attacker could perform specific operations to exploit this vulnerability. Successful exploitation may cause the attacker to obtain a higher privilege and compromise the service. Vulnerabili...

7.8CVSS7.6AI score0.00219EPSS
Exploits0Affected Software1
Huawei
Huawei
•added 2020/07/22 12:0 a.m.•42 views

Security Advisory - Information Exposure Vulnerability in Some Huawei Smart Phones

There is an information exposure vulnerability in some Huawei smart phones. The system does not properly authenticate the application that access a specified interface. Attackers can trick users into installing malicious software to exploit this vulnerability and obtain some information about the...

4.3CVSS3.6AI score0.00512EPSS
Exploits0Affected Software1
Huawei
Huawei
•added 2020/07/15 12:0 a.m.•42 views

Security Advisory - Out-of-bounds Write Vulnerability in Some Huawei Products

There is an out-of-bounds write vulnerability in some products. An unauthenticated attacker crafts malformed packets with specific parameter and sends the packets to the affected products. Due to insufficient validation of packets, which may be exploited to cause the process reboot. Vulnerability...

6.5CVSS6.5AI score0.00329EPSS
Exploits0Affected Software6
Huawei
Huawei
•added 2018/04/23 12:0 a.m.•42 views

Security Advisory - Two Vulnerabilities in APPGallery of Huawei Smart Phones

There is a whitelist mechanism bypass vulnerability and an arbitrary Javascript running vulnerability in Huawei AppGallery. An attacker may set up a malicious network environment and trick user into accessing a malicious web page to bypass the whitelist mechanism, which make the malicious...

8.8CVSS5.5AI score0.00666EPSS
Exploits0Affected Software1
Huawei
Huawei
•added 2018/03/07 12:0 a.m.•42 views

Security Advisory - Authentication Bypass Vulnerability in Some Huawei Smart Phones

The soundtrigger module of some Huawei smart phones has an authentication bypass vulnerability due to the improper design of the module. An attacker tricks a user into installing a malicious application, and the application can exploit the vulnerability to replace related authentication...

5.5CVSS5.6AI score0.00834EPSS
Exploits0Affected Software1
Huawei
Huawei
•added 2017/11/15 12:0 a.m.•42 views

Security Advisory - Multiple Vulnerabilities in MTK Platform

There are multiple vulnerabilities in MTK platform used in Huawei smart phones. There is a out-of-bound read vulnerability in MTK platform used in Huawei smart phones. An attacker tricks a user into installing a malicious application on the smart phone, and send given parameter and cause to memor...

6.1CVSS5.8AI score0.00645EPSS
Exploits0Affected Software1
Huawei
Huawei
•added 2017/11/08 12:0 a.m.•42 views

Security Advisory - Information Leak Vulnerability in Huawei FusionSphere OpenStack

Huawei FusionSphere OpenStack has an information leak vulnerability due to the use of a low version transmission protocol by default. An attacker could intercept packets transferred by a target device. Successful exploit could cause an information leak. Vulnerability ID: HWPSIRT-2017-07112 This...

4.3CVSS4AI score0.00606EPSS
Exploits0Affected Software1
Huawei
Huawei
•added 2017/08/07 12:0 a.m.•42 views

Security Advisory - Two Vulnerabilities in Smart Phones

Some Huawei smart phones have an unlock code verification bypassing vulnerability. An attacker with the root privilege of a mobile can exploit this vulnerability to bypass the unlock code verification and unlock the mobile phone bootloader. Vulnerability ID: HWPSIRT-2017-04121 This vulnerability...

7.2CVSS6.5AI score0.0028EPSS
Exploits0Affected Software9
Huawei
Huawei
•added 2017/08/01 12:0 a.m.•42 views

Security Advisory - Multiple Buffer Overflow Vulnerabilities in Driver of Huawei Smart Phone

The driver of some Huawei smart phones have six buffer overflow vulnerabilities due to the lack of parameter validation. An attacker tricks a user into installing a malicious APP which has the root privilege of the Android system, the APP can send a specific parameter to the driver of the smart...

9.3CVSS8.3AI score0.01001EPSS
Exploits0Affected Software2
Huawei
Huawei
•added 2017/03/23 12:0 a.m.•42 views

Security Advisory - Bluetooth Unlock Bypassing Vulnerability in Some Huawei Mobile Phones

Some Huawei mobile phones have a Bluetooth unlock bypassing vulnerability due to the lack of validation on Bluetooth devices. If a user has enabled the smart unlock function, an attacker can impersonate the user's Bluetooth device to unlock the user's mobile phone screen. Vulnerability ID:...

6.9CVSS6.3AI score0.00246EPSS
Exploits0Affected Software16
Huawei
Huawei
•added 2016/12/28 12:0 a.m.•42 views

Security Advisory - FRP Bypass Vulnerability in Huawei Smart Phones

Factory Reset Protection FRP is a security method that was designed to make sure someone can't just wipe and factory reset the phone if user lost it or it was stolen. The FRP in some Huawei smart phones can be bypass. An attacker can bypass the FRP by special steps and wipe and factory reset the...

7.2CVSS6.6AI score0.00244EPSS
Exploits0Affected Software1
Huawei
Huawei
•added 2016/09/26 12:0 a.m.•42 views

Security Advisory - Privilege Escalation Vulnerability in Huawei Multiple Smart Phones

There is a privilege escalation vulnerability in Android kernel due to the lack of a parameters check. An attacker may trick a user into installing a malicious application, and the application can modify the data of kernel to crash the system or escalate user privilege. Vulnerability ID:...

9.3CVSS7.7AI score0.00582EPSS
Exploits0Affected Software3
Huawei
Huawei
•added 2016/05/27 12:0 a.m.•42 views

Security Advisory - Apache Struts2 Remote Code Execution Vulnerability in Huawei Products

Apache Struts2 released a remote code execution vulnerability in S2-032 on the official website,when Dynamic Method Invocation DMI is enabled, an exploit could allow the attacker to cause remote code execution.Vulnerability ID: HWPSIRT-2016-04052 This vulnerability has been assigned a Common...

9.3CVSS8.2AI score0.9373EPSS
Exploits12Affected Software16
Total number of security vulnerabilities1006