Security Advisory - Information Disclosure Vulnerability in the Synaptics Touchscreen Driver

An information disclosure vulnerability in the Synaptics touchscreen driver. An attacker tricks a user into installing a malicious application on the smart phone, and it could enable to access data outside of its permission levels. And cause to the sensitive information leaks. Vulnerability ID:...

Security Advisory - App Lock Bypass Vulnerability in Huawei Mobile Phones

App Lock is a function provided by the Phone Manager app to prevent unauthorized use of apps on mobile phones. Some Huawei mobile phones have an App Lock bypass vulnerability. An attacker could perform specific operations to bypass the App Lock to use apps on a target mobile phone. Vulnerability...

Security Advisory – Multiple “BlueBorne” vulnerabilities on Huawei Products

There are multiple vulnerabilities of the BlueTooth Network in some Huawei products. These vulnerabilities are as follows: 1.Remote Code Execution Vulnerability This vulnerability resides in the Bluetooth Network Encapsulation Protocol BNEP service, which enables internet sharing over a Bluetooth...

Security Advisory - Use After Free Vulnerability in Madapt Driver of Some Huawei Smart Phones

The Madapt Driver of some Huawei smart phones has a use after free UAF vulnerability. An attacker can trick a user to install a malicious application which has a high privilege to exploit this vulnerability, Successful exploitation may cause arbitrary code execution. Vulnerability ID:...

Security Advisory - Type Confusion Vulnerability on Huawei Smartphones

There is a type confusion vulnerability on Huawei smartphones. The program initializes a variable using one type, but it later accesses that variable using a type that is different with the original type when do certain register operation. Successful exploit could result in buffer overflow then m...

Security Advisory - DOS Vulnerability in Bastet Component of Huawei Smart Phone

The Bastet of some Huawei mobile phones has a DOS vulnerability due to the lack of parameter validation. An attacker may trick a user into installing a malicious APP. The APP can modify specific parameter to cause system reboot. Vulnerability ID: HWPSIRT-2017-08155 This vulnerability has been...

Security Advisory - Multiple Vulnerabilities in FusionSphere OpenStack

There is a privilege escalation vulnerability in Huawei FusionSphere OpenStack. Due to improper privilege restrictions, an attacker with high privilege may obtain the other users' certificates. Successful exploit may cause privilege escalation. Vulnerability ID: HWPSIRT-2017-07053 This...

Security Advisory - FRP Bypass Vulnerability by Talkback in Huawei Smart Phones

There is Factory Reset Protection FRP bypass security vulnerability in some Huawei smart phones. When re-configuring the mobile phone using the factory reset protection FRP function, an attacker can login the Talkback mode and can perform some operations to bypass the Google account verification...

Security Advisory - Two Vulnerabilities in Some Huawei Products

There is a DoS vulnerability in some Huawei products. Due to incorrect malformed message processing logic, an authenticated, remote attacker could send specially crafted message to the target device.Successful exploit of the vulnerability could cause stack overflow and make a service unavailable...

Security Advisory - FRP Bypass Vulnerability in Huawei Smart Phones

There is Factory Reset Protection FRP bypass security vulnerability in some Huawei smart phones. When re-configuring the mobile phone using the factory reset protection FRP function, an attacker can login the Swype and can perform some operations to update the Google account. As a result, the FRP...

Security Advisory - Privilege Escalation Vulnerability in Huawei ME906S Products

There has a privilege elevation vulnerability in ME906S Products. Due to lack of privilege restrictions on some of the business functions of the device. An attacker could exploit this vulnerability to modify the configuration information containing malicious files and trick users into executing t...

Security Advisory - Improper Authorization Vulnerability in Some Huawei Products

Some Huawei products have an improper authorization vulnerability due to improper permission settings for a certain file on the host machine. An authenticated attacker could create a large number of virtual machine VM processes to exhaust system resources. Successful exploit could make new VMs...

Security Advisory - Use After Free Vulnerability in Bastet Driver of Some Huawei Smart Phones

The Bastet Driver of some Huawei smart phones has a use after free UAF vulnerability. An attacker can convince a user to install a malicious application which has a high privilege to exploit this vulnerability, Successful exploitation may cause arbitrary code execution. Vulnerability ID:...

Security Advisory - Several Vulnerabilities in H323 protocol of Huawei Products

There are two out-of-bounds read vulnerabilities in H323 protocol of Huawei products. An attacker logs in to the system as a user and send crafted packets to the affected products. Due to insufficient verification of the packets, successful exploit will cause process reboot. Vulnerability ID:...

Security Advisory - Information Exposure Vulnerability in Huawei Products

Some Huawei products have an information exposure vulnerability. Encryption keys are stored in the system. The attacker can implement reverse engineering to obtain the encryption keys, causing information exposure. Vulnerability ID: HWPSIRT-2017-07133 This vulnerability has been assigned Common...

Security Advisory - Information Exposure Vulnerability on FusionSphere OpenStack

There is an information exposure vulnerability on FusionSphere OpenStack. The software uses hard-coded cryptographic key to encrypt messages between certain components, which significantly increases the possibility that encrypted data may be recovered and results in information exposure...

Security Advisory - FRP Bypass Vulnerability in Huawei Smart Phones

There is Factory Reset Protection FRP bypass security vulnerability in some Huawei smart phones. When re-configuring the mobile phone using the factory reset protection FRP function, an attacker can login the configuration flow by Swype Keyboard and can perform some operations to update the Googl...

Security Advisory - Information Leakage Vulnerability on OceanStor

There is an information leakage vulnerability on OceanStor. Products use TLS1.0 to encrypt. Attackers can exploit TLS1.0's vulnerabilities to decrypt data to obtain sensitive information. Vulnerability ID: HWPSIRT-2017-06256 This vulnerability has been assigned a Common Vulnerabilities and...

Security Advisory - Two Vulnerabilities in Some Huawei CPE Devices

The outdoor unit of some Customer Premise Equipment CPE has a no authentication vulnerability on a certain port. After accessing the network between the indoor and outdoor units of the CPE, an attacker can deliver commands to the specific port of the outdoor unit and execute them without...

Security Advisory - Multiple Vulnerabilities in MTK Platform

There are two buffer overflow vulnerabilities and one arbitrary memory write vulnerability in the camera driver of MTK platform in some Huawei smart phones. Due to the insufficient input verification, an attacker tricks a user into installing a malicious application which has special privilege an...

Security Advisory - Integer overflow Vulnerability in Bastet Driver of Huawei Smart Phone

The Bastet driver of some Huawei smart phones has integer overflow vulnerability due to the lack of parameter validation. An attacker tricks a user into installing a malicious APP which has the root privilege; the APP can send a specific parameter to the driver of the smart phone, causing arbitra...

Security Advisory - Buffer overflow Vulnerability in Bastet Driver of Huawei Smart Phone

The Bastet driver of some Huawei smart phones has a buffer overflow vulnerability due to the lack of parameter validation. An attacker tricks a user into installing a malicious APP which has the root privilege; the APP can send a specific parameter to the driver of the smart phone, causing...

Security Advisory - Three Vulnerabilities in Huawei FusionSphere

There is an incorrect authorization vulnerability in Huawei FusionSphere. An authenticated attacker could execute commands that he/she should have had no permission to perform, thereby querying, modifying, and deleting certain service data and making the service unavailable. Vulnerability ID:...

Security Advisory - Sensitive Information Disclosure Vulnerability on FusionSphere OpenStack

There is a sensitive information disclosure vulnerability on FusionSphere OpenStack. The software stores some sensitive information with insufficient access control. An unauthenticated remote attacker could get sensitive information by accessing certain ports. Vulnerability ID: HWPSIRT-2017-06223...

Security Advisory - DOS Vulnerability in some Huawei APPs

There is a DoS Vulnerability in some Huawei APPs. An attacker tricks a user into installing a malicious application on the smart phone, the attacker can send malformed packets to the device. Due to the lack of adequate input validation of APPs, which causes the APPs Denial of Service. Vulnerabili...

Security Advisory - Stored Cross-Site Scripting Vulnerability in Huawei Email APP of Smartphones

There is a stored cross-site scripting vulnerability in Huawei Email APP of smartphones. The vulnerability is due to insufficient verification of parameter values. A remote attacker could exploit this vulnerability to send email that storing malicious code to a smartphone and waiting for a user t...

Security Advisory - MITM Vulnerability in Huawei Themes App in Some Mobile Phones

The Themes App in some Huawei mobile phones has a man-in-the-middle MITM vulnerability due to the use of the insecure HTTP protocol for theme download. An attacker may exploit this vulnerability to tamper with downloaded themes. Vulnerability ID: HWPSIRT-2017-06263 This vulnerability has been...

Security Advisory - Privilege Escalation Vulnerability in Some Huawei APKs

Some Huawei APKs have a privilege elevation vulnerability due to improper design. An attacker can trick users into installing a malicious app which can send out HTTP requests and execute JavaScript code in web pages without obtaining the Internet access permission. Successful exploit could lead t...

Security Advisory - FRP Bypass Vulnerability in Huawei Honor 5S Smart Phones

Huawei Honor 5S smart phones have a Factory Reset Protection FRP bypass security vulnerability due to the improper design. An attacker can access factory reset page without authorization by only dial with special code. The attacker can exploit this vulnerability to restore the phone to factory...

Security Advisory - Two Vulnerabilities in The FusionSphere OpenStack

The FusionSphere OpenStack has a command injection vulnerability. Due to the insufficient input validation on one port, an authenticated, local attacker may exploit the vulnerability to gain root privileges by sending message with malicious commands. Vulnerability ID: HWPSIRT-2017-06001 This...

Security Advisory - Improper Authentication Vulnerability in The FusionSphere OpenStack

FusionSphere OpenStack has an improper authentication vulnerability. Due to improper authentication on one port, an authenticated, remote attacker may exploit the vulnerability to execute more operations by send a crafted rest message. Vulnerability ID: HWPSIRT-2017-06002 This vulnerability has...

Security Advisory - App Lock Bypass Vulnerability in Huawei Mobile Phones

App Lock is a function provided by the Phone Manager app to prevent unauthorized use of apps on mobile phones. Some Huawei mobile phones have an App Lock bypass vulnerability. An attacker could perform specific operations to bypass the App Lock to use apps on a target mobile phone temporarily...

Security Advisory - Two Command Injection Vulnerabilities in The FusionSphere OpenStack

The FusionSphere has two command injection vulnerabilities due to the insufficient input validation on one port. An attacker can exploit the vulnerabilities to gain root privileges by sending some messages with malicious commands. Vulnerability ID: HWPSIRT-2017-05142 and HWPSIRT-2017-05143 The tw...

Security Advisory - Arbitrary Memory Write Vulnerability in Some Huawei Smart Phones

The boot loaders of some Huawei mobile phones have a arbitrary memory write vulnerability due to the lack of parameter validation. An attacker with the root privilege of an Android system may trick a user into installing a malicious APP. The APP can modify specific data to cause arbitrary memory...

Security Advisory - Authentication Bypass Vulnerability in Huawei Honor 5S Smart Phones

Huawei Honor 5S smart phones have an authentication bypass vulnerability due to the improper design of some components. An attacker can get a user's smart phone and install malicious apps in the mobile phone, allowing the attacker to reset the password and fingerprint of the phone without...

Security Advisory - Integer Overflow Vulnerability in Some Huawei Products

There is an integer overflow vulnerability in some Huawei products. The attacker sends a response message to the device, which contains an illegal length field, it could produce an integer overflow and restart the modem system. Vulnerability ID: HWPSIRT-2017-06005 This vulnerability has been...

Security Advisory - Lack of Signature Verification Vulnerability in Some Huawei APP

Some Huawei APP do not support signature verification for APK file. An attacker could exploit this vulnerability to hijack the APK and upload modified APK file. Successful exploit could lead to the APP is hijacking. Vulnerability ID: HWPSIRT-2017-07089 This vulnerability has been assigned a Commo...

Security Advisory - Out-of-Bounds Memory Access Vulnerability in the Boot Loaders of Huawei Mobile Phones

The boot loaders of some Huawei mobile phones have an out-of-bounds memory access vulnerability due to the lack of parameter validation. An attacker with the root privilege of an Android system may trick a user into installing a malicious APP. The APP can modify specific data to cause buffer...

Security Advisory - Two Vulnerabilities in Smart Phones

Some Huawei smart phones have an unlock code verification bypassing vulnerability. An attacker with the root privilege of a mobile can exploit this vulnerability to bypass the unlock code verification and unlock the mobile phone bootloader. Vulnerability ID: HWPSIRT-2017-04121 This vulnerability...

Security Advisory - Information Disclosure Vulnerability in AEE extension of MTK Platform

There is an information disclosure vulnerability in AEE extension of MTK Platform used in Huawei smart phones. Due to improper privilege validation on specific processes, an attacker who tricks a user into installing a malicious application on the smart phone can exploit this vulnerability to...

Security Advisory - 'Phoenix Talon' Vulnerabilities in Linux Kernel

The Linux operating system has four security vulnerabilities called 'Phoenix Talon', which affect Linux kernel 2.5.69 to Linux kernel 4.11. Successful exploit of these vulnerabilities can allow an attacker to launch DoS attacks and can lead to arbitrary code execution when certain conditions are...

Security Advisory - Weak Algorithm Vulnerability in Huawei USG product

There is a weak algorithm vulnerability in Huawei USGUSG6300/USG6600 products. Attackers may exploit the weak algorithm vulnerability to crack the cipher text and cause confidential information leaks on the transmission links. Vulnerability ID: HWPSIRT-2017-02028 This vulnerability has been...

Security Advisory - DoS Vulnerability in Some Huawei Smartphones

There is a denial of service DoS vulnerability in some Huawei Smartphones. An attacker tricks a user into installing a malicious application. Since the system does not verify the broadcasting message from the application, it could be exploited to cause some functions of system unavailable...

Security Advisory - DoS Vulnerability of Audio Driver in Some Huawei Smartphones

Audio driver has a denial of service DoS vulnerability in some Huawei smart phones. An attacker tricks a user into installing a malicious application on the smart phone, and the race condition cause null pointer accessing during the application access shared resource, which make the system reboot...

Security Advisory - Insufficient Input Validation Vulnerability in Bastet of Huawei Smart Phone

The Bastet of some Huawei mobile phones has an insufficient input validation vulnerability due to the lack of parameter validation. An attacker may trick a user into installing a malicious APP. The APP can modify specific parameter to cause system reboot. Vulnerability ID: HWPSIRT-2017-05190 This...

Security Advisory - Multiple Buffer Overflow Vulnerabilities in Driver of Huawei Smart Phone

The driver of some Huawei smart phones have six buffer overflow vulnerabilities due to the lack of parameter validation. An attacker tricks a user into installing a malicious APP which has the root privilege of the Android system, the APP can send a specific parameter to the driver of the smart...

Security Advisory - BroadPwn Remote Code Execute Vulnerability

Broadcom BCM43xx Wi-Fi chips allow remote attackers to execute arbitrary code via unspecified vectors, aka the "Broadpwn" issue. Successful exploit of this vulnerability could allow an attacker to remotely execute arbitrary code on affected devices. Vulnerability ID: HWPSIRT-2017-07072 This...

Security Advisory - Two DoS Vulnerabilities in Call Module of Some Huawei Smart Phones

There are two DoS vulnerabilities in the call module of some Huawei smart phones due to the lack of a parameters check. An attacker may trick a user into installing a malicious application, and the application can send given parameter to call module to crash the call and data communication proces...

Security Advisory - Resource Exhaustion Vulnerability in Some Huawei Smartphones

Some Huawei smartphones have a resource exhaustion vulnerability due to configure setting. An attacker tricks a user into installing a malicious application, the application may turn on the device flash-light and rapidly drain the device battery. Vulnerability ID: HWPSIRT-2017-04120 This...

Security Advisory - MaxAge LSA Vulnerability in OSPF Protocol of Some Huawei Products

Some Huawei products have a MaxAge LSA vulnerability due to improper OSPF implementation. When the device receives special LSA packets, the LS Link Status age would be set to MaxAge, 3600 seconds. An attacker can exploit this vulnerability to poison the route table and launch a DoS attack...