Security Advisory - Multiple Vulnerabilities of PEM Module in Some Huawei Products
There is a null pointer reference vulnerability in PEM module of Huawei products due to insufficient verification. An authenticated local attacker calls PEM decoder with special parameter, which could cause a denial of service. Vulnerability ID: HWPSIRT-2017-06047 This vulnerability has been...
Security Advisory - Two Vulnerabilities of License Module in Some Huawei Products
There is an uncontrolled format string vulnerability when the license module of some Huawei products outputs the log information. An authenticated local attacker could exploit this vulnerability to cause a denial of service. Vulnerability ID: HWPSIRT-2017-06138 This vulnerability has been assigned ...
Security Advisory - DoS Vulnerability in Some Huawei Products
There is a DoS vulnerability in some Huawei products due to insufficient validation of the parameter when a putty comment key is loaded. An authenticated remote attacker can place a malformed putty key file in the system; when a system manager loads the key, an infinite loop happens which leads to...
Security Advisory - Memory Leak Vulnerability in Several Huawei Products
There is a memory leak vulnerability in several Huawei products. The software does not release allocated memory properly when parsing XML element data. An authenticated attacker could upload a crafted XML file; a successful exploit could cause the system service to become abnormal because it runs out of memory...
Security Advisory - Buffer Overflow Vulnerability in Some Huawei Products
There is a buffer overflow vulnerability in the Common Open Policy Service Protocol (COPS) module of some Huawei products. An unauthenticated, remote attacker could exploit this vulnerability by sending a specially crafted message to the affected products. The vulnerability is due to insufficient inp...
Security Advisory - Denial of Service Vulnerability on Several Huawei Products
There is a denial of service vulnerability on several products. The software does not correctly calculate the rest size in a buffer when handling SSL connections. A remote unauthenticated attacker could send a lot of crafted SSL messages to the device; a successful exploit could cause no space in t...
Security Advisory - Multiple Security Vulnerabilities in the IKEv2 Protocol Implementation of Huawei Products
There are multiple vulnerabilities in the IKEv2 protocol on some Huawei products. IKEv2 has an out-of-bounds write vulnerability due to insufficient input validation. An attacker could exploit it to craft special packets to trigger out-of-bounds memory write, which may further lead to system...
Security Advisory - Multiple Buffer Overflow Vulnerabilities in Some Huawei Products
There are three buffer overflow vulnerabilities in the SIP backup feature of some Huawei products. An attacker may send specially crafted messages to the affected products. Due to the insufficient validation of some values for SIP messages, successful exploit may cause services abnormal...
Security Advisory - Two DOS Vulnerabilities of XML Parser in Some Huawei Products
The XML parser has two DoS vulnerabilities in some Huawei products. An attacker may craft specific XML files for the affected products. Because the specially crafted XML file is parsed without being checked, a successful exploit will result in DoS attacks. Vulnerability ID: HWPSIRT-2017-03037 and...
Security Advisory - DoS Vulnerability in Some Huawei Products
There is a DoS vulnerability caused by memory exhaustion in some Huawei products. Due to insufficient input validation, attackers can craft and send some malformed messages to the target device to exhaust the memory of the device and cause a Denial of Service (DoS). Vulnerability ID: HWPSIRT-2016-1210...
Security Advisory - Memory Double Free Vulnerability in GPU Driver of Some Huawei Smart Phones
The GPU driver of some Huawei smart phones has a memory double free vulnerability. An attacker tricks a user into installing a malicious application, and the application can call a special API, which could trigger a double free and cause a system crash or arbitrary code execution. Vulnerability ID:...
Security Advisory - Memory Leak Vulnerability in Some Huawei Products
Some Huawei products have a memory leak vulnerability. An unauthenticated attacker may send specific Resource ReServation Protocol (RSVP) packets to the affected products. Because the memory used to handle the packets is not released, a successful exploit will result in memory leak of the affected products and...
Security Advisory - Multiple Vulnerabilities in Intel Management Engine Firmware
There are multiple vulnerabilities in Intel Management Engine (ME) firmware. Some Huawei devices are affected because they use related Intel products. Multiple buffer overflows in kernel in Intel Manageability Engine Firmware 11.0/11.5/11.6/11.7/11.10/11.20 allow an attacker with local access to the system t...
Security Advisory - DoS Vulnerability in Some Huawei Smart Phones
There is a denial of service (DoS) vulnerability in some Huawei smart phones. An attacker can trick a user into installing a malicious application to exploit this vulnerability. Successful exploitation can cause the camera application to become unusable. Vulnerability ID: HWPSIRT-2017-09006 This vulnerability has bee...
Security Advisory - Memory Leak Vulnerability in Some Huawei Products
Some Huawei products have a memory leak vulnerability due to memory not being released when the XML parser fails to process some node. An attacker could exploit it to cause memory leak, which may further lead to system exceptions. Vulnerability ID: HWPSIRT-2017-08151 This vulnerability has been assign...
Security Advisory - Memory Leak Vulnerability in Some Huawei Network Products
The patch module of some Huawei products has a memory leak vulnerability. An authenticated attacker could execute special commands many times, causing memory to leak, which would finally cause the device to reset. Vulnerability ID: HWPSIRT-2016-08051 This vulnerability has been assigned a CVE I...
Security Advisory - A CGI application vulnerability in Some Huawei Products
Some open source software used by Huawei does not attempt to address RFC 3875 section 4.1.18 namespace conflicts and therefore does not protect applications from the presence of untrusted client data in the HTTP_PROXY environment variable, which might allow remote attackers to redirect an...
Security Advisory - Buffer Overflow Vulnerability on Several Products
There is a buffer overflow vulnerability on several products. The software does not sufficiently validate a certain field in SCTP messages; a remote unauthenticated attacker could send a crafted SCTP message to the device. Successful exploit could cause system reboot. Vulnerability ID:...
Security Advisory - Denial of Service Vulnerability on Several Products
There is a denial of service vulnerability on several products. The software decodes X.509 certificates in an improper way. A remote unauthenticated attacker could send a crafted X.509 certificate to the device. Successful exploit could result in a denial of service on the device. Vulnerability ID...
Security Advisory - Integer Overflow Vulnerability on Several Products
There is an integer overflow vulnerability on several products. The software does not sufficiently validate a certain field in SCTP messages; a remote unauthenticated attacker could send a crafted SCTP message to the device. Successful exploit could cause system reboot. Vulnerability ID: HWPSIRT-2017-010...
Security Advisory - Two Vulnerabilities in H323 protocol of Huawei Products
There is an out-of-bounds read vulnerability in H323 protocol of Huawei products. An unauthenticated, remote attacker may send crafted packets to the affected products. Due to insufficient verification of the packets, successful exploit will cause process reboot. Vulnerability ID:...
Security Advisory - Use After Free Vulnerability in Some Huawei Smart Phones
There is a use after free (UAF) vulnerability in some Huawei mobile phones. An attacker tricks a user into installing a malicious application, and the application can trigger access to memory after it has been freed. A local attacker may exploit this vulnerability to cause the mobile phone to crash. Vulnerabili...
Security Advisory - Samba Remote Code Execution Vulnerability in Some Huawei Products
All versions of Samba from 3.5.0 onwards are vulnerable to a remote code execution vulnerability, allowing an authenticated attacker to upload a shared library to a writable share and execute arbitrary code remotely on a targeted system. Samba 4.6.4, 4.5.10 and 4.4.14 have been issued as security...
Security Advisory - Multiple NTPd Vulnerabilities in Huawei Products
Multiple denial of service vulnerabilities were disclosed on the Network Time Protocol (NTP) official website. Attackers can exploit these vulnerabilities to cause a denial of service (DoS) condition. If trap service is enabled, an attacker can exploit this vulnerability by sending a specially crafted...
Security Advisory - Remote Code Execution Vulnerability in Microsoft Windows Server Service
Microsoft released a security bulletin MS08-067 to disclose a remote code execution vulnerability in the Server service. An unauthenticated, remote attacker may send a specially crafted RPC request to the affected products. Successful exploit may result in arbitrary code execution. Vulnerability...
Security Advisory - Insufficient Input Validation Vulnerability in Some Huawei Products
There is an insufficient input validation vulnerability in some Huawei products. An unauthenticated, remote attacker could send specific MPLS Echo Request messages to the target products. Due to insufficient input validation of some parameters in the messages, successful exploit may cause the...
Security Advisory - Stack Overflow Vulnerability in Baseband Module of Some Huawei Smart Phones
The baseband modules of some Huawei smart phones have a stack overflow vulnerability due to the lack of parameter validation. An attacker could send malicious packets to the smart phones within radio range using a special wireless device, which leads to a stack overflow when the baseband module handles the...
Security Advisory - Authentication Bypass Vulnerability in the 'Find Phone' Function of Some Huawei Smart Phones
There is an authentication bypass vulnerability in the 'Find Phone' function of some Huawei smart phones, due to improper implementation of authentication in the 'Find Phone' function. An attacker may exploit the vulnerability to bypass the 'Find Phone' function in order to use the phone normally...
Security Advisory - Improper Access Control Vulnerability in Some Huawei OceanStor products
There is an improper access control vulnerability in some Huawei OceanStor products. Because access to a resource is incorrectly restricted, an attacker with high privilege may exploit the vulnerability to query some information or send a specific message to cause some service to become abnormal. Vulnerability ID:...
Security Advisory - Multiple Security Vulnerabilities in Huawei iReader
Huawei iReader app has three security vulnerabilities. The app has an input validation vulnerability due to insufficient validation on the URL used for loading network data. An attacker can control app access and load malicious websites created by the attacker, and the code in webpages would be...
Security Advisory - Multiple Vulnerabilities of WPA and WPA2 Protocol in Some Huawei Products
There are ten WPA (Wi-Fi Protected Access) and WPA2 protocol vulnerabilities in some Huawei products: Wi-Fi Protected Access (WPA and WPA2) allows reinstallation of the Pairwise Transient Key (PTK) Temporal Key (TK) during the four-way handshake, allowing an attacker within radio range to replay, decrypt...
Security Advisory - Sensitive Information Leak Vulnerability in Some Huawei Smart Phones
There is a sensitive information leak vulnerability in the CMA implementation of some Huawei smart phones. An attacker can trick a user into installing a malicious application to exploit this vulnerability. Successful exploitation may cause sensitive information leak. Vulnerability ID:...
Security Advisory - SQL Injection Vulnerabilities in Huawei UMA Product
There is a SQL injection vulnerability in the operation and maintenance module of Huawei UMA Product. An attacker logs in to the system as a common user and sends crafted HTTP requests that contain malicious SQL statements to the affected system. Due to a lack of input validation on HTTP requests...
Security Advisory - Multiple Vulnerabilities in MTK Platform
There are multiple vulnerabilities in MTK platform used in Huawei smart phones. There is an out-of-bounds read vulnerability in MTK platform used in Huawei smart phones. An attacker tricks a user into installing a malicious application on the smart phone, and send given parameter and cause to memor...
Security Advisory - Buffer overflow Vulnerability in CameraISP Driver of Huawei Smart Phone
The CameraISP driver of some Huawei smart phones has a buffer overflow vulnerability due to the lack of parameter validation. An attacker tricks a user into installing a malicious APP; the APP can send a specific parameter to the CameraISP driver of the smart phone, causing system reboot...
Security Advisory - DoS Vulnerability in Some Huawei Products
Some Huawei products have a DoS vulnerability due to insufficient input validation. An attacker could exploit this vulnerability by sending specially crafted NFC messages to the target device. Successful exploit could make a service crash. Vulnerability ID: HWPSIRT-2017-05081 This vulnerability h...
Security Advisory - Out-of-bounds Read Vulnerability in Some Huawei Products
There is an out-of-bounds read vulnerability in some Huawei products. An attacker has to control the peer device and send specially crafted messages to the affected products. Due to insufficient input validation, successful exploit may cause some service to become abnormal. Vulnerability ID:...
Security Advisory - Three Buffer Overflow Vulnerabilities in Some Huawei Products
There are three buffer overflow vulnerabilities in some Huawei products. An attacker may send specially crafted HTTP messages to the affected products. Due to insufficient input validation of three different parameters in the messages, successful exploit may cause some service to become abnormal. Vulnerabilit...
Security Advisory - Command Injection Vulnerability in OpsMonitor
There is a command injection vulnerability in OpsMonitor service. Due to lack of validation of user input, an authenticated user may inject a malicious command into the affected products, causing command execution with root privilege in OpsMonitor service. Vulnerability ID: HWPSIRT-2017-10062 Huawe...
Security Advisory - Denial of Service Vulnerability on Huawei Smartphones
There is a denial of service vulnerability on Huawei Smartphones. An attacker could make a loop exit condition that cannot be reached by sending the crafted 3GPP message. Successful exploit could cause the device to reboot. Vulnerability ID: HWPSIRT-2017-09085 This vulnerability has been assigne...
Security Advisory - Information Leak Vulnerability in Huawei FusionSphere OpenStack
Huawei FusionSphere OpenStack has an information leak vulnerability due to the use of a low version transmission protocol by default. An attacker could intercept packets transferred by a target device. Successful exploit could cause an information leak. Vulnerability ID: HWPSIRT-2017-07112 This...
Security Advisory - Seven vulnerabilities in Google Dnsmasq
Dnsmasq is a widely used piece of open-source software designed to provide DNS, DHCP, Dnsmasq 2.77 and earlier versions contain 7 security vulnerabilities. There is a heap buffer overflow vulnerability in dnsmasq in the code responsible for building DNS replies. An attacker could send crafted DN...
Security Advisory - Three Out-of-bounds Read Vulnerabilities in Some Huawei Products
There are three out-of-bounds read vulnerabilities in some Huawei products. Due to insufficient input validation, a remote attacker could exploit these vulnerabilities by sending specially crafted SS7 related packets to the target devices. Successful exploit will cause out-of-bounds read and...
Security Advisory - Permission Control Vulnerability in Smart Phones
Some Huawei Smart phones have a permission control vulnerability. Due to improper authorization configuration on specific device information, an attacker with the root privilege can exploit this vulnerability to modify specific device information. Vulnerability ID: HWPSIRT-2017-08157 This...
Security Advisory - Two Buffer overflow Vulnerabilities on Huawei Smart Phone
Some Huawei smart phones have two buffer overflow vulnerabilities due to the lack of parameter validation. An attacker tricks a user into installing a malicious APP which has the root privilege; the APP can send a specific parameter to the smart phone, causing the smartphone restart or arbitrary...
Security Advisory - Three Vulnerabilities in Huawei GaussDB
There is an information leak vulnerability in libevent of Huawei GaussDB. Due to insufficient input validation, a remote attacker could exploit this vulnerability by sending a forged DNS response to an application using libevent. Successful exploit of the vulnerability could lead to reading data o...
Security Advisory - Information Leak Vulnerability in Huawei FusionSphere Openstack
There is an information leak vulnerability in Huawei FusionSphere Openstack. Due to an incorrect configuration item, the information transmitted by a transmission channel is not encrypted. An attacker accessing the internal network may obtain sensitive information transmitted. Vulnerability ID:...
Security Advisory - DoS Vulnerability in Huawei Firewall Products
There is a DoS vulnerability in some Huawei firewall products. Due to insufficient input validation, a remote attacker who controls the peer device could exploit the vulnerability by sending malformed IKE packets to the target device. Successful exploit of the vulnerability could cause the device...
Security Advisory - Improper Authorization Vulnerability in Huawei FusionSphere OpenStack
There is an improper authorization vulnerability in Huawei FusionSphere OpenStack products. Due to improper authorization, an attacker with low privilege may exploit this vulnerability to obtain the operation authority of some specific directory, causing privilege escalation. Vulnerability ID:...