Lucene search
K
HuaweiMost viewed

1006 matches found

Huawei
Huawei
added 2015/11/24 12:0 a.m.42 views

Security Advisory - Memory Overflow Vulnerability in the Huawei Smartphone

There has a memory overflow vulnerability in Some Huawei mobile phone products. An attacker may exploit this vulnerability to gain the root access over the mobile phones. Then the attacker can further modify memory data and obtain sensitive information. Vulnerability ID: HWPSIRT-2015-10046 This...

9.3CVSS7.9AI score0.06468EPSS
Exploits4Affected Software1
Huawei
Huawei
added 2015/09/19 12:0 a.m.42 views

Security Advisory - Bar Mitzvah Attack Vulnerability in Huawei Products

A security vulnerability exists in Rivest Cipher 4 RC4 used by TLS and SSL protocols. RC4 cannot provide sufficient data protection. After listening to an SSL or TLS connection, an attacker can obtain plaintext data by brute force cracking. This vulnerability is also called Bar Mitzvah...

5CVSS5.2AI score0.74006EPSS
Exploits0Affected Software36
Huawei
Huawei
added 2014/12/24 12:0 a.m.42 views

Security Advisory-Memory Leak Vulnerability on USG products

The HUAWEI USG9560/9520/9580 is a high-end 10-Gigabit Firewall. The USG9560/9520/9580 applies to Internet backbone networks, IP dedicated backbone networks, IP metropolitan area networks MANs, Internet data center IDC egress. This security gateway provides multiple powerful and all-round security...

7.8CVSS7.3AI score0.00807EPSS
Exploits0Affected Software3
Huawei
Huawei
added 2024/06/19 12:0 a.m.41 views

Security Advisory - Path Traversal Vulnerability in Huawei Home Music System

Some Huawei home music system products have a path traversal vulnerability. Successful exploitation of this vulnerability may cause unauthorized file deletion or file permission change.Vulnerability ID:HWPSIRT-2023-53450 This vulnerability has been assigned a CVEID:CVE-2023-7263...

7.3CVSS6.7AI score0.00266EPSS
Exploits0Affected Software1
Huawei
Huawei
added 2023/02/01 12:0 a.m.41 views

Security Advisory - Incorrect Privilege Assignment Vulnerability in Huawei Whole-Home Intelligence Software

A piece of Huawei whole-home intelligence software has an Incorrect Privilege Assignment vulnerability. Successful exploitation of this vulnerability could allow attackers to access restricted functions.Vulnerability ID:HWPSIRT-2022-52968 This vulnerability has been assigned a CVE ID: CVE-2022-48...

9.8CVSS8.5AI score0.00472EPSS
Exploits0Affected Software1
Huawei
Huawei
added 2021/01/27 12:0 a.m.41 views

Security Advisory - Buffer Overflow Vulnerability in Some Huawei Mobile Phones

Some Huawei products have a buffer overflow vulnerability. After obtaining the root permission, an attacker can exploit the vulnerability to cause buffer overflow. Vulnerability ID: HWPSIRT-2020-43452 This vulnerability has been assigned a Common Vulnerabilities and Exposures CVE ID:...

6.7CVSS6.7AI score0.00223EPSS
Exploits0Affected Software1
Huawei
Huawei
added 2020/12/16 12:0 a.m.41 views

Security Advisory - Improper Authentication Vulnerability in Huawei Product

There is an improper authentication vulnerability in Huawei Products. A module does not verify the input file properly. Attackers can exploit this vulnerability by crafting malicious files to bypass current verification mechanism. This can compromise normal service. Vulnerability ID:...

7.8CVSS7.7AI score0.00559EPSS
Exploits0Affected Software4
Huawei
Huawei
added 2020/08/05 12:0 a.m.41 views

Security Advisory - Denial of Service Vulnerability in Several Smartphones

There is a denial of service vulnerability in several smartphones. Certain system configuration can be modified because of improper authorization. The attacker should trick the user installing and executing a malicious application, successful exploit could cause a denial of service condition of...

5.5CVSS5.3AI score0.00469EPSS
Exploits0Affected Software9
Huawei
Huawei
added 2020/06/10 12:0 a.m.41 views

Security Advisory - Improper Authentication Vulnerability in Some Huawei Smartphones

There is an improper authentication vulnerability in some Huawei smartphones. Due to the identity of the message sender is not properly verified, an attacker can exploit this vulnerability through man-in-the-middle attack to induce user to access malicious URL. Vulnerability ID: HWPSIRT-2019-1213...

6.8CVSS6.6AI score0.00599EPSS
Exploits0Affected Software3
Huawei
Huawei
added 2019/01/09 12:0 a.m.41 views

Security Advisory - Two Vulnerabilities in Huawei PCManager Product

There is a privilege escalation vulnerability in Huawei PCManager product. Successful exploitation may cause the attacker to obtain a higher privilege. Vulnerability ID: HWPSIRT-2018-11141 This vulnerability has been assigned a Common Vulnerabilities and Exposures CVE ID: CVE-2019-5241. There is ...

9.3CVSS8AI score0.01009EPSS
Exploits0Affected Software1
Huawei
Huawei
added 2018/11/14 12:0 a.m.41 views

Security Advisory - Anonymous TLS Cipher Suite Supported Vulnerability in Huawei eSpace Product

There is an anonymous TLS cipher suites supported vulnerability in Huawei eSpace product. An unauthenticated, remote attacker launches man-in-the-middle attack to hijack the connection from a client when the user signs up to log in by TLS. Due to insufficient authentication, which may be exploite...

7.4CVSS7.3AI score0.01108EPSS
Exploits0Affected Software1
Huawei
Huawei
added 2018/05/23 12:0 a.m.41 views

Security Advisory - Three JSON Injection Vulnerabilities in Huawei Some Products

There are three JSON injection vulnerabilities in Huawei some product. An authenticated, remote attacker can launch a JSON injection to modify the password of administrator. Due to insufficient verification of the input, this could be exploited to obtain the management privilege of the system...

8.8CVSS9.1AI score0.01106EPSS
Exploits0Affected Software2
Huawei
Huawei
added 2018/02/14 12:0 a.m.41 views

Security Advisory - Out-Of-Bounds Write Vulnerability on Several Huawei Products

There is an out-of-bounds write vulnerability on several Huawei products. When a user executes a query command after the device received an abnormal OSPF message, the software writes data past the end of the intended buffer due to the insufficient verification of the input data. An unauthenticate...

7.1CVSS6.8AI score0.01058EPSS
Exploits0Affected Software21
Huawei
Huawei
added 2018/02/07 12:0 a.m.41 views

Security Advisory - Three Vulnerabilities in SCCPX Module of Some Huawei Products

There is an out-of-bounds read vulnerability in SCCPX module of some Huawei products. An unauthenticated, remote attacker crafts malformed packets with specific parameter to the affected products. Due to insufficient validation of packets, successful exploitation may impact availability of produc...

5.3CVSS5.6AI score0.00909EPSS
Exploits0Affected Software6
Huawei
Huawei
added 2018/01/31 12:0 a.m.41 views

Security Advisory - Improper Authorization Vulnerability on iBMC

There is an improper authorization vulnerability on iBMC. The software incorrectly performs an authorization check when a normal user attempts to access certain information which is supposed to be accessed only by admin user. Successful exploit could cause information disclosure. Vulnerability ID...

4.3CVSS4.3AI score0.00552EPSS
Exploits0Affected Software20
Huawei
Huawei
added 2017/01/25 12:0 a.m.41 views

Security Advisory - Authentication Bypass Vulnerability in the 'Find Phone' Function of some Huawei Smart Phones

The 'Find Phone' function of some Huawei smart phones has an authentication bypass vulnerability. An unauthenticated attacker may wipe and factory reset the phone by special steps. Due to missing authentication of the 'Find Phone' function, an attacker may exploit the vulnerability to bypass the...

5.2AI score0.00281EPSS
Exploits0Affected Software1
Huawei
Huawei
added 2016/12/28 12:0 a.m.41 views

Security Advisory - Input Validation Vulnerability in Huawei VRP Platform

There is an input validation vulnerability in some Huawei devices using VRP. Due to the lack of input validation, an attacker may craft a malformed packet and send it to the device using VRP, causing the device to display additional memory data and possibly leading to sensitive information leakag...

4.3CVSS4.5AI score0.00858EPSS
Exploits0Affected Software4
Huawei
Huawei
added 2016/11/23 12:0 a.m.41 views

Security Advisory - Multiple Security Vulnerabilities in Huawei Smart Phone Products

The TrustZone driver of some Huawei smart phone products has an input validation vulnerability. An attacker may trick the target user into installing a malicious APP which could exploit this vulnerability to pass specific parameters to the TrustZone driver. Successful exploit could cause the syst...

9.3CVSS5.8AI score0.00751EPSS
Exploits0Affected Software3
Huawei
Huawei
added 2016/08/10 12:0 a.m.41 views

Security Advisory - Buffer Overflow Vulnerability in Huawei USG Products

The Authentication, Authorization and Accounting AAA module in the USG products has a buffer overflow vulnerability. A remote attacker can send crafted Enterprise Application Platform EAP packets to the USG products through a Remote Authentication Dial In User Service RADIUS server which has...

7.5CVSS8.1AI score0.03327EPSS
Exploits0Affected Software4
Huawei
Huawei
added 2015/11/24 12:0 a.m.41 views

Security Advisory - Path Traversal Vulnerability in Huawei Home Gateway Products

There is a path traversal vulnerability on several Huawei home gateway products. The products do not properly validate HTTP requests received by a specific port. An remote attacker may access the local files on the device without authentication by crafting an HTTP request and sending it to the...

5CVSS6.5AI score0.27528EPSS
Exploits2Affected Software3
Huawei
Huawei
added 2015/02/13 12:0 a.m.41 views

Security Advisory-Information Leakage Vulnerability in Huawei P7 Smartphone

MeWidget is a plug-in of Huawei Emotion UI. The MeWidget module on Huawei smartphone P7 has a vulnerability that could lead to the disclosure of contact information. Attackers can obtain the name and URI information of mobile phone users through the malware installed on the smartphones...

4.3CVSS4.4AI score0.00458EPSS
Exploits0Affected Software1
Huawei
Huawei
added 2014/09/24 12:0 a.m.41 views

Security Advisory-Information Leakage Vulnerability via MPLS Ping in VRP Platform

VRP Versatile Routing Platform has been developed by Huawei to provide improved IP routing services. The VRP has been widely applied to network devices, including high-end and low-end switches and routers, wireless and transmission devices. Information leakage vulnerability exists in several...

5.3CVSS5.3AI score0.00605EPSS
Exploits0Affected Software26
Huawei
Huawei
added 2023/02/08 12:0 a.m.40 views

Security Advisory - Identity Authentication Bypass Vulnerability in The Huawei Children Smart Watch (Simba-AL00)

The Huawei Children Smart Watch Simba-AL00 has an identity authentication bypass vulnerability. Successful exploitation of this vulnerability may cause the access control function of specific applications to fail.Vulnerability ID:HWPSIRT-2022-18770 This vulnerability has been assigned a CVE ID:...

5.5CVSS5.7AI score0.00138EPSS
Exploits0Affected Software1
Huawei
Huawei
added 2022/06/01 12:0 a.m.40 views

Security Advisory - Insufficient Input Verification Vulnerability In Huawei Product

There is an insufficient input verification vulnerability in Huawei product. Successful exploitation of this vulnerability may lead to service abnormal. Vulnerability ID: HWPSIRT-2022-76192 This vulnerability has been assigned a Common Vulnerabilities and Exposures CVE ID: CVE-2022-32144. For...

8.6CVSS6.3AI score0.00167EPSS
Exploits0Affected Software1
Huawei
Huawei
added 2022/04/06 12:0 a.m.40 views

Security Advisory - Improper Authentication Management Vulnerability in some Huawei Products

There is an improper authentication vulnerability in some huawei products.Successful exploitation of this vulnerability may lead to a control of the victim device. Vulnerability ID: HWPSIRT-2021-30580 This vulnerability has been assigned a Common Vulnerabilities and Exposures CVE ID:...

7.2CVSS6.8AI score0.00194EPSS
Exploits0Affected Software1
Huawei
Huawei
added 2021/09/22 12:0 a.m.40 views

Security Advisory - Command Injection Vulnerability in Huawei FusionCompute Product

There is a command injection vulnerability in CMA service module of FusionCompute product when processing the default certificate file. The software constructs part of a command using external special input from users, but the software does not sufficiently validate the user input. Successful...

9CVSS8.9AI score0.00946EPSS
Exploits0Affected Software1
Huawei
Huawei
added 2021/05/12 12:0 a.m.40 views

Security Advisory - Weak Secure Algorithm Vulnerability in Huawei Product

There is a weak secure algorithm vulnerability in Huawei products. A weak secure algorithm is used in a module. Attackers can exploit this vulnerability by capturing and analyzing the messages between devices to obtain information. This can lead to information leak. Vulnerability ID:...

5.9CVSS5.5AI score0.00403EPSS
Exploits0Affected Software6
Huawei
Huawei
added 2020/10/14 12:0 a.m.40 views

Security Advisory - Buffer Overflow Vulnerability in the Bluetooth Module of Some Huawei Mobile Phones

There is a buffer overflow vulnerability in the Bluetooth module of some Huawei mobile phones. Due to insufficient input validation, an unauthenticated attacker may craft Bluetooth messages after successful paring, causing buffer overflow. Successful exploit may cause code execution. Vulnerabilit...

8CVSS8.2AI score0.0043EPSS
Exploits0Affected Software1
Huawei
Huawei
added 2020/09/30 12:0 a.m.40 views

Security Advisory - Buffer Overflow Vulnerability in Some Huawei Products

Some Huawei products have a buffer overflow vulnerability. An attacker induces users to install malicious applications and sends specially constructed packets to affected devices after obtaining the root permission. Successful exploit may cause code execution. Vulnerability ID: HWPSIRT-2020-04125...

7.8CVSS8AI score0.00794EPSS
Exploits0Affected Software1
Huawei
Huawei
added 2020/07/29 12:0 a.m.40 views

Security Advisory - Improper Authorization Vulnerability in Huawei Product

There is an improper authorization vulnerability in Huawei FusionComput. A module does not verify some input correctly and authorizes files with incorrect access. Attackers can exploit this vulnerability to launch privilege escalation attack. This can compromise normal service. Vulnerability ID:...

6.7CVSS6.7AI score0.00227EPSS
Exploits0Affected Software1
Huawei
Huawei
added 2020/05/13 12:0 a.m.40 views

Security Advisory - Improper Authentication Vulnerability in Some Huawei Smartphones

There is an improper authentication vulnerability in some Huawei smartphones. The vulnerability is due to that when an user wants to do certain operation, the software insufficiently validate the user's identity. Attackers need to physically access the smartphone to exploit this vulnerability...

2.4CVSS3.7AI score0.00222EPSS
Exploits0Affected Software1
Huawei
Huawei
added 2019/10/30 12:0 a.m.40 views

Security Advisory - Information Leak Vulnerability in Some Huawei Products

Some Huawei mobile phones have an information leak vulnerability. Due to improper function error records of some module, an attacker with the access permission may exploit the vulnerability to obtain some information. Vulnerability ID: HWPSIRT-2019-04053 This vulnerability has been assigned a...

3.3CVSS3.6AI score0.00209EPSS
Exploits0Affected Software9
Huawei
Huawei
added 2018/07/04 12:0 a.m.40 views

Security Advisory - Memory Leak Vulnerability on Several Products

There is a memory leak vulnerability on several products. The software does not release allocated memory properly when processing Protal questionnaire. A remote attacker could send a lot questionnaires to the device, successful exploit could cause the device to reboot since running out of memory...

7.8CVSS7.5AI score0.0132EPSS
Exploits0Affected Software7
Huawei
Huawei
added 2018/01/30 12:0 a.m.40 views

Security Advisory - Buffer Overflow Vulnerability in the NFC Module of Some Huawei Mobile Phones

The Near Field Communication NFC module of some Huawei mobile phones has a buffer overflow vulnerability due to the lack of input validation. An attacker may use an NFC card reader or another device to inject malicious data into a target mobile phone. Successful exploit could lead to system resta...

8.8CVSS9AI score0.00623EPSS
Exploits0Affected Software1
Huawei
Huawei
added 2017/11/29 12:0 a.m.40 views

Security Advisory - Remote Code Execution Vulnerability in Microsoft Windows Server Service

Microsoft released a security bulletin MS08-067 to disclose a remote code execution vulnerability in the Server service. An unauthenticated, remote attacker may send a specially crafted RPC request to the affected products. Successful exploit may result in arbitrary code execution. Vulnerability...

10CVSS9.6AI score0.98751EPSS
Exploits12Affected Software2
Huawei
Huawei
added 2017/10/25 12:0 a.m.40 views

Security Advisory - Information Leak Vulnerability in Huawei FusionSphere Openstack

There is an information leak vulnerability in Huawei FusionSphere Openstack. Due to an incorrect configuration item, the information transmitted by a transmission channel is not encrypted. An attacker accessing the internal network may obtain sensitive information transmitted. Vulnerability ID:...

4.3CVSS4.4AI score0.00266EPSS
Exploits0Affected Software1
Huawei
Huawei
added 2017/10/13 12:0 a.m.40 views

Security Advisory - FRP Bypass Vulnerability in Huawei Smart Phones

There is Factory Reset Protection FRP bypass security vulnerability in some Huawei smart phones. When re-configuring the mobile phone using the factory reset protection FRP function, an attacker can login the Swype and can perform some operations to update the Google account. As a result, the FRP...

4.9CVSS4.7AI score0.00232EPSS
Exploits0Affected Software1
Huawei
Huawei
added 2017/08/29 12:0 a.m.40 views

Security Advisory - App Lock Bypass Vulnerability in Huawei Mobile Phones

App Lock is a function provided by the Phone Manager app to prevent unauthorized use of apps on mobile phones. Some Huawei mobile phones have an App Lock bypass vulnerability. An attacker could perform specific operations to bypass the App Lock to use apps on a target mobile phone temporarily...

7.2CVSS6.6AI score0.00298EPSS
Exploits0Affected Software1
Huawei
Huawei
added 2017/02/08 12:0 a.m.40 views

Security Advisory - MITM Vulnerability in Huawei Vmall APP

The upgrade package of Huawei Vmall APP is transferred through HTTP. A man in the middle MITM can tamper with the upgrade package of Huawei Vmall APP, and to implant the malicious applications. Vulnerability ID: HWPSIRT-2016-11068 This vulnerability has been assigned a Common Vulnerabilities and...

3.1CVSS3.8AI score0.00178EPSS
Exploits0Affected Software1
Huawei
Huawei
added 2016/10/26 12:0 a.m.40 views

Security Advisory - Two Information Leak Vulnerabilities in ION Memory Management Module of Huawei Smart Phone

Two information leak vulnerabilities exist in the ION memory management module of some Huawei mobile phones due to the lack of initialization during memory allocation. Vulnerability ID: HWPSIRT-2016-09032 and HWPSIRT-2016-09033 These two vulnerabilities have been assigned CVE ID: CVE-2016-8757 an...

5.5CVSS5.4AI score0.01457EPSS
Exploits0Affected Software1
Huawei
Huawei
added 2014/08/21 12:0 a.m.40 views

Security Advisory - Remote Security Bypass Vulnerability on Huawei Android Devices

Android version 4.1.1 - 4.4.2 is prone to a remote security bypass vulnerability CVE-2013-6272: A vulnerability in the Android system allows an attacker to initiate or terminate arbitrary calls without the callphone permission. After investigation, we confirm that some Huawei smartphone and table...

7.8CVSS7.3AI score0.01493EPSS
Exploits1Affected Software8
Huawei
Huawei
added 2023/04/26 12:0 a.m.39 views

Security Advisory - Misinterpretation of Input Vulnerability in Huawei Printer

There is a misinterpretation of input vulnerability in Huawei Printer. Successful exploitation of this vulnerability may cause the printer service to be abnormal. Vulnerability ID:HWPSIRT-2022-47904 This vulnerability has been assigned a CVE ID: CVE-2022-48471...

7.5CVSS6AI score0.00441EPSS
Exploits0Affected Software1
Huawei
Huawei
added 2022/05/23 12:0 a.m.39 views

Security Advisory - Denial of Service Vulnerability in some Huawei Products

There is a denial of service vulnerability in some Huawei products. Successful exploitation could cause denial of service. Vulnerability ID: HWPSIRT-2022-27465 This vulnerability has been assigned a Common Vulnerabilities and Exposures CVE ID: CVE-2022-29798. For products that have released...

7.8CVSS7.4AI score0.00609EPSS
Exploits0Affected Software1
Huawei
Huawei
added 2021/10/20 12:0 a.m.39 views

Security Advisory - CSV Injection Vulnerability in Some Huawei Products

There is a CSV injection vulnerability in some Huawei Products. An attacker with high privilege may exploit this vulnerability through some operations to inject the CSV files. Due to insufficient input validation of some parameters, the attacker can exploit this vulnerability to inject CSV files ...

6.8CVSS6.6AI score0.00561EPSS
Exploits0Affected Software3
Huawei
Huawei
added 2021/04/07 12:0 a.m.39 views

Security Advisory - Denial of Service Vulnerability in Some Products

There is a denial of service vulnerability in some huawei products. In specific scenarios, due to the improper handling of the packets, an attacker may craft the specific packet. Successful exploit may cause some services abnormal. Vulnerability ID: HWPSIRT-2020-70186 This vulnerability has been...

7.5CVSS7.4AI score0.00677EPSS
Exploits0Affected Software4
Huawei
Huawei
added 2021/03/31 12:0 a.m.39 views

Security Advisory - Arbitrary Memory Write Vulnerability in Huawei Smart Phone

There is an arbitrary memory write vulnerability in Huawei smart phone when processing file parsing. Due to insufficient validation of the input files, successful exploit could cause certain service abnormal. Vulnerability ID: HWPSIRT-2020-04031 This vulnerability has been assigned a Common...

6.5CVSS6.5AI score0.00534EPSS
Exploits0Affected Software1
Huawei
Huawei
added 2021/03/24 12:0 a.m.39 views

Security Advisory - Denial of Service Vulnerability in Huawei Product

There is a denial of service vulnerability in Huawei product. The affected product cannot deal with some messages because of module design weakness . Attackers can exploit this vulnerability by sending a large amount of specific messages to cause denial of service. This can compromise normal...

7.5CVSS7.3AI score0.00677EPSS
Exploits0Affected Software4
Huawei
Huawei
added 2020/11/18 12:0 a.m.39 views

Security Advisory - Privilege Escalation Vulnerability in FusionCompute Product

There is a privilege escalation vulnerability in FusionCompute product. Due to improper privilege management, an attacker with common privilege may access some specific files and get the administrator privilege in the affected products. Successful exploit will cause privilege escalation...

7.8CVSS7.8AI score0.00216EPSS
Exploits0Affected Software1
Huawei
Huawei
added 2020/10/14 12:0 a.m.39 views

Security Advisory - Privilege Escalation Vulnerability in Some Huawei Smartphones

There has a privilege elevation vulnerability in some smartphones. Due to lack of privilege restrictions on some of the business functions of the device. An attacker could exploit this vulnerability to access the protecting information, resulting in the elevation of the privilege. Vulnerability I...

7.8CVSS7.6AI score0.00195EPSS
Exploits0Affected Software1
Huawei
Huawei
added 2017/12/15 12:0 a.m.39 views

Security Advisory - Multiple Vulnerabilities in XML Parser of Some Huawei Products

There are multiple buffer overflow vulnerabilities in some Huawei products due to the lack of validation. An authenticated local attacker can craft specific XML files to the affected products and parse this file, which result in DoS attacks or remote code execution on the device. Vulnerability ID...

7.8CVSS6.7AI score0.00578EPSS
Exploits0Affected Software1
Total number of security vulnerabilities1006