1006 matches found
Security Advisory - Information Exposure Vulnerability in Some Smart Phones
There is an information exposure vulnerability in some Huawei smart phones. When the user's smart phone connects to a malicious device for charging, an unauthenticated attacker may activate some specific function by sending some specially crafted messages. Due to insufficient input validation o...
Security Advisory - Authentication Bypass Vulnerability in Some Huawei Servers
The Intelligent Baseboard Management Controller (iBMC) of some Huawei servers has an authentication bypass vulnerability. An unauthenticated, remote attacker may send some specially crafted messages to the affected products. Due to improper authentication design, successful exploit may cause some...
Security Advisory - Three JSON Injection Vulnerabilities in Some Huawei Products
There are three JSON injection vulnerabilities in some Huawei products. An authenticated, remote attacker can launch a JSON injection to modify the administrator's password. Due to insufficient verification of the input, this could be exploited to obtain the management privilege of the system...
Security Advisory - Numeric Errors Vulnerability in Some Huawei Products
Some Huawei products have a numeric errors vulnerability. An unauthenticated, remote attacker may send specially crafted SCCP messages to the affected products. Due to the improper validation of the messages, it will cause numeric errors when handling the messages. Successful exploit will cause...
Security Advisory - Authentication Bypass Vulnerability in Some Smart Phones
There is an authentication bypass vulnerability in some Huawei smart phones. An attacker with high privilege obtains the smart phone and bypasses the activation function by some specific operations. Vulnerability ID: HWPSIRT-2018-03001. This vulnerability has been assigned a Common Vulnerabilities a...
Security Advisory - Authentication Bypass Vulnerability in Huawei iBMC Products
There is an authentication bypass vulnerability in Huawei iBMC products. A remote attacker with low privilege may craft specific messages to upload an authentication certificate to the affected products. Due to improper validation of the upload authority, successful exploit may cause privilege...
Security Advisory - Path Traversal Vulnerability in Some Huawei Home Gateway Products
There is a path traversal vulnerability on some Huawei home gateway products. Due to the lack of validation while these home gateway products install APK plugins, an attacker can trick a user into installing a malicious APK plugin, and the plugin can overwrite arbitrary files on the device. Successful explo...
Security Advisory - DoS Vulnerability in Some Huawei MBB Products
Some Huawei Mobile Broadband (MBB) products have a Denial of Service (DoS) vulnerability. When an attacker with access to the device sends a special HTTP request to it, the web server process tries to allocate too much memory, which can cause the device to become unable to respond. An attacker can launch a Do...
Security Advisory - Invalid Memory Access Vulnerability in Some Huawei Products
There is an invalid memory access vulnerability in some Huawei products. An unauthenticated attacker has to find a way to send malformed SCCP messages to the affected products. Due to insufficient input validation of some values in the messages, successful exploit may cause buffer error and some...
Security Advisory - Remote Control Vulnerability in RCS Module of Some Huawei Smart Phones
There is a remote control vulnerability in the RCS module of some Huawei smart phones. An attacker can trick a user into installing a malicious application. When the application connects with RCS for the first time, the user needs to manually click to agree. In addition, the attacker needs to obtain the ke...
Security Advisory - Two Vulnerabilities in APPGallery of Huawei Smart Phones
There is a whitelist mechanism bypass vulnerability and an arbitrary JavaScript running vulnerability in Huawei AppGallery. An attacker may set up a malicious network environment and trick a user into accessing a malicious web page to bypass the whitelist mechanism, which makes the malicious...
Security Advisory - Buffer Error Vulnerability in Some Huawei Products
There is a buffer error vulnerability in the Electronic Numbers to URI Mapping (ENUM) module of some Huawei products. An unauthenticated, remote attacker has to control the peer device and send specially crafted ENUM packets to the affected products. Due to insufficient verification of some values in the...
Security Advisory - Improper Resource Management Vulnerability in Some Huawei Products
There is an improper resource management vulnerability in some AR series products. Due to the improper implementation of the ACL mechanism, a remote attacker may send TCP messages to the management interface of the affected device to exploit this vulnerability. Successful exploit could exhaust the...
Security Advisory - Buffer Overflow Vulnerability in Inputhub Driver of Huawei Smart Phone
The inputhub driver of some Huawei mobile phones has a buffer overflow vulnerability due to the lack of parameter validation. An attacker tricks a user into installing a malicious APP, and the APP may send specific data to the inputhub driver to exploit this vulnerability. Successful exploit could...
Security Advisory - Double Free Vulnerability in Some Huawei Smart Phones
The Mali Driver of some Huawei smart phones has a double free vulnerability. An attacker can trick a user into installing a malicious application and exploit this vulnerability during the exception handling process. Successful exploitation may cause system reboot. Vulnerability ID: HWPSIRT-2018-02020...
Security Advisory - Authentication Bypass Vulnerability in Some Pre-installed Apps on Huawei Phones
There is an authentication bypass vulnerability in some pre-installed apps on Huawei mobile phones due to insufficient validation on invocation requests. An attacker may trick a user into installing a malicious app which can invoke the open interfaces of the vulnerable apps to install any apps...
Security Advisory - Invalid Memory Access Vulnerability in Some Huawei Products
There is an invalid memory access vulnerability in the SCCPX module of some Huawei products. An unauthenticated, remote attacker may send specially crafted packets to the affected products. Due to insufficient validation of packets, successful exploit may cause some services to become abnormal. Vulnerability...
Security Advisory - Information Leak Vulnerability in the NFC Module of Some Huawei Mobile Phones
There is an information leak vulnerability in the Near Field Communication (NFC) module of some Huawei mobile phones due to insufficient validation on data transfer requests. When an affected mobile phone sends files to an attacker's mobile phone using the NFC function, the attacker can obtain...
Security Advisory - Improper Authorization Vulnerability on Huawei Switch Products
There is an improper authorization vulnerability on Huawei switch products. The system incorrectly performs an authorization check when a normal user attempts to access certain information which is supposed to be accessed only by authenticated users. Successful exploit could cause information...
Security Advisory - Weak Algorithm Vulnerability on Huawei Products
There is a weak encryption algorithm security vulnerability in the DBS3900 TDD LTE. DBS3900 TDD LTE supports SSL/TLS protocol negotiation using insecure encryption algorithms. If an insecure encryption algorithm is negotiated in the communication, an unauthenticated remote attacker can exploit th...
Security Advisory - Integer overflow Vulnerability in Bdat Driver of Huawei Smart Phone
The Bdat driver of some Huawei smart phones has an integer overflow vulnerability due to the lack of parameter validation. An attacker tricks a user into installing a malicious APP and executing it with a specific privilege; the APP can send a specific parameter to the driver of the smart phone, causing...
Security Advisory - Information Disclosure Vulnerability on Huawei Smartphones
There is an information disclosure vulnerability on Huawei smartphones. The software does not properly protect a certain resource which can be accessed by multiple threads. An attacker tricks a user who has root privilege into installing a crafted application; successful exploit could result in kernel...
Security Advisory - Array Out-of-bounds Read Vulnerability in Huawei Smartphone Products
There is an array out-of-bounds read vulnerability in Huawei Smartphone products. Due to the lack of array verification, an attacker tricks a user into installing a malicious application, and the application can exploit the vulnerability to let the attacker read out of bounds of the array and possib...
Security Advisory - Out-of-bounds Read Vulnerability in Huawei Smartphone Products
There is an out-of-bounds read vulnerability in Huawei Smartphone products. Due to a missing string terminator, an attacker tricks a user into installing a malicious application, and the application can exploit the vulnerability to let the attacker read out of bounds and possibly cause...
Security Advisory - Memory Double Free Vulnerability on Huawei Smartphones
There is a memory double free vulnerability on Huawei smartphones. The system does not manage memory properly and frees the same memory address twice. An attacker tricks a user who has root privilege into installing a crafted application; successful exploit could result in malicious code...
Security Advisory - Buffer Overflow Vulnerability in eNSP Software
There is a buffer overflow vulnerability in eNSP software. Due to the improper validation of a specific command line parameter, a local attacker could exploit this vulnerability to cause the software process to become abnormal. Vulnerability ID: HWPSIRT-2017-12012. This vulnerability has been assigned a Commo...
Security Advisory - Information Disclosure Vulnerability on Honor Smart Scale Application
There is an information disclosure vulnerability on the Honor Smart Scale application. The application does not sufficiently restrict the resources which can be accessed by a certain protocol. An attacker could trick the user into clicking a malicious link; successful exploit could cause information...
Security Advisory - Authentication Bypass Vulnerability in Some Huawei Smart Phones
The soundtrigger module of some Huawei smart phones has an authentication bypass vulnerability due to the improper design of the module. An attacker tricks a user into installing a malicious application, and the application can exploit the vulnerability to replace related authentication...
Security Advisory - Information Leak Vulnerability in Some Huawei Products
There is an information leak vulnerability in the Near Field Communication (NFC) module of some Huawei mobile phones. The attacker has to trick a user into performing some specific operations and then craft the NFC message to exploit this vulnerability. Successful exploit will cause some information leak...
Security Advisory - Permission Control Vulnerability in Huawei Video Application
There is a permission control vulnerability in Huawei video applications. Due to improper verification of a specific interface, an attacker who is on the same network as the user can obtain some information through a man-in-the-middle attack. Vulnerability ID: HWPSIRT-2018-02026. This vulnerabili...
Security Advisory - Buffer Error Vulnerability in Some Huawei Products
There is a buffer overflow vulnerability in the Signalling Connection Control Part (SCCP) module of some Huawei products. An attacker has to find a way to send malformed packets to the affected products repeatedly. Due to insufficient input validation, successful exploit may cause some service...
Security Advisory - Out-of-Bounds Read Vulnerability in Some Huawei Products
There is an out-of-bounds read vulnerability in the SFTP module of some Huawei products. A remote, authenticated attacker could exploit this vulnerability by sending specially crafted messages to a target device. Successful exploit may cause some information leak. Vulnerability ID:...
Security Advisory - Remote Code Execution Vulnerability in Jackson JSON library of Apache Struts2
Apache Struts2 disclosed a remote code execution vulnerability in S2-055 on its official website. An attacker may be able to perform a Remote Code Execution (RCE) attack with a malicious JSON packet. Vulnerability ID: HWPSIRT-2017-12002. This vulnerability has been assigned a Common Vulnerabilities a...
Security Advisory - Out-Of-Bounds Write Vulnerability on Several Huawei Products
There is an out-of-bounds write vulnerability on several Huawei products. When a user executes a query command after the device received an abnormal OSPF message, the software writes data past the end of the intended buffer due to the insufficient verification of the input data. An unauthenticate...
Security Advisory - Out-of-Bounds Memory Access Vulnerability in the GPU Driver of Huawei Mobile Phones
There is an out-of-bounds memory access vulnerability in the GPU driver of some Huawei smart phones due to the input parameters validation. An attacker tricks a user into installing a malicious application on the smart phone, and the application can call the driver with a special parameter and cause...
Security Advisory - Two Out-of-Bounds Read Vulnerabilities in Some Huawei Products
Some Huawei products have two out-of-bounds read vulnerabilities due to the improper processing of malformed H323 messages. A remote attacker that controls a server could exploit this vulnerability by sending malformed H323 reply messages to a target device. Successful exploit could make the devi...
Security Advisory - Six Vulnerabilities in Some Huawei Products
There are two out-of-bounds read vulnerabilities in some Huawei products. Due to insufficient input validation, an authenticated, remote attacker could send malformed SOAP packets to the target device. Successful exploit could make the device access invalid memory and might reset a process...
Security Advisory - Three Vulnerabilities in SCCPX Module of Some Huawei Products
There is an out-of-bounds read vulnerability in the SCCPX module of some Huawei products. An unauthenticated, remote attacker can craft malformed packets with a specific parameter and send them to the affected products. Due to insufficient validation of packets, successful exploitation may impact availability of produc...
Security Advisory - Two Vulnerabilities in the SIP Module of Some Huawei Products
There is an out-of-bounds read vulnerability in some Huawei products. A remote attacker may send specially crafted Session Initiation Protocol (SIP) messages to the affected products. Due to insufficient input validation, successful exploit will cause some services to become abnormal. Vulnerability ID:...
Security Advisory - Two Buffer Overflow Vulnerabilities in Some Huawei Products
There is an out-of-bounds write vulnerability in some Huawei products. Due to insufficient input validation, a remote, unauthenticated attacker may send a crafted encryption key to the affected products. Successful exploit may cause a buffer overflow and abnormal services. Vulnerability ID: HWPSIRT-2017-11058...
Security Advisory - Fingerprint Unlocking Vulnerability on Smartphones
There is a fingerprint unlocking vulnerability on smartphones. If there are crackles on the fingerprint collector cover, the software would consider and learn the crackles as a fingerprint feature when the user presses a finger on the cover to unlock the phone. So after lots of normal fingerprint...
Security Advisory - Directory Traversal Vulnerability in Huawei eSpace Product
There is a directory traversal vulnerability in Huawei eSpace product. An authenticated, remote attacker can send a specially crafted URL to the affected products. Due to insufficient verification of the URL, successful exploit allows files to be uploaded and downloaded and causes information leak and system crash...
Security Advisory - Two Remote Code Execution Vulnerabilities in Huawei eSpace Product
There are two remote code execution vulnerabilities in the import Signal Tone function and the import Language Package function of Huawei eSpace product. An authenticated, remote attacker can craft and send the packets to the affected products after the Signal Tone or Language Package is uploaded. Due to...
Security Advisory - Out-Of-Bounds Read Vulnerability in Some Huawei Products
Some Huawei products have an out-of-bounds read vulnerability due to insufficient input validation. An unauthenticated, remote attacker could exploit this vulnerability by sending malformed Session Initiation Protocol (SIP) packets to the target device. Successful exploit could make the device read...
Security Advisory - Integer Overflow Vulnerability in Some Huawei Products
There is an integer overflow vulnerability in some Huawei products. An unauthenticated, remote attacker may send specially crafted messages to the affected products. Due to insufficient input validation, successful exploit may cause an integer overflow and make some processes abnormal. Vulnerability ID:...
Security Advisory - Improper Authorization Vulnerability on iBMC
There is an improper authorization vulnerability on iBMC. The software incorrectly performs an authorization check when a normal user attempts to access certain information which is supposed to be accessed only by the admin user. Successful exploit could cause information disclosure. Vulnerability ID...
Security Advisory - Buffer Overflow Vulnerability in the NFC Module of Some Huawei Mobile Phones
The Near Field Communication (NFC) module of some Huawei mobile phones has a buffer overflow vulnerability due to the lack of input validation. An attacker may use an NFC card reader or another device to inject malicious data into a target mobile phone. Successful exploit could lead to system resta...
Security Advisory - Arbitrary URL Loading Vulnerability in TripAdvisor
The TripAdvisor app pre-installed in some Huawei mobile phones has an arbitrary URL loading vulnerability due to insufficient input validation and improper configuration. An attacker may exploit this vulnerability to invoke TripAdvisor to load a specific URL and execute malicious code contained ...
Security Advisory - Buffer Overflow Vulnerability in the Bluetooth Module of Some Huawei Mobile Phones
There is a buffer overflow vulnerability in the Bluetooth module of some Huawei mobile phones. Due to insufficient input validation, an unauthenticated attacker may craft Bluetooth AVDTP/AVCTP messages after successful pairing, causing buffer overflow. Successful exploit may cause code execution...
Security Advisory - Integer Overflow Vulnerability on Smartphones
There is an integer overflow vulnerability on smartphones. The camera driver does not validate the external input parameters and causes an integer overflow, which in subsequent processing results in a buffer overflow. An attacker tricks the user into installing a crafted application; successful exploit...