Security Advisory - DoS Vulnerability in Some Huawei Firewall Products
Some Huawei firewall products have a denial of service (DoS) vulnerability. Due to improper validation of some specific fields of DHCP messages, an unauthenticated attacker may send abnormal DHCP request packets to the affected products. Successful exploit of this vulnerability could lead to a DoS...
Security Advisory - Input Validation Vulnerability in Some Huawei Products
Some Huawei products have an input validation vulnerability due to improper validation of Multiprotocol Label Switching (MPLS) packets. A remote unauthenticated attacker could exploit this vulnerability by sending malformed MPLS packets. Successful exploit could lead to a denial of service (DoS)...
Security Advisory - Input Validation Vulnerability in Wi-Fi Driver of Huawei Smart Phones
There is an input validation vulnerability in the Wi-Fi Driver of some Huawei smart phones. An attacker may trick a user into installing a malicious application, and the application can exploit this vulnerability to gain privileges for certain system calls. Vulnerability ID: HWPSIRT-2016-11026 Th...
Security Advisory - Two Information Leak Vulnerabilities in ION Memory Management Module of Huawei Smart Phone
Two information leak vulnerabilities exist in the ION memory management module of some Huawei mobile phones due to the lack of initialization during memory allocation. Vulnerability ID: HWPSIRT-2016-09032 and HWPSIRT-2016-09033 These two vulnerabilities have been assigned CVE ID: CVE-2016-8757 an...
Security Advisory - DOS Vulnerability in ION Memory Management Module of Huawei Smart Phone
A denial of service (DoS) vulnerability exists in the ION memory management module of some Huawei mobile phones. An attacker may trick a user into installing a malicious app to send specific parameters to a Huawei mobile phone. Successful exploit could cause the system to restart. Vulnerability ID:...
Security Advisory - Defense Mechanism Bypass Vulnerability in Huawei USG Products
There is a defense mechanism bypass vulnerability in Huawei USG products. Successful exploit could allow an attacker to bypass the anti-DDoS module of the USGs to send massive HTTP packets, possibly causing a denial of service condition on the backend server. Vulnerability ID: HWPSIRT-2016-07050...
Security Advisory - PXN Defense Mechanism Failure Vulnerability in Huawei Mobile Phones
There is a Privileged Execute-Never (PXN) defense mechanism failure vulnerability in the driver code of some Huawei mobile phones. An attacker may trick users into installing malicious apps which can disable the PXN defense mechanism by invoking related driver code to crash the system or escalate...
Security Advisory - Hardcoded SSH Key Vulnerability in Some Huawei Storage Products
Some Huawei storage products have a hardcoded SSH key vulnerability. Different nodes of the devices use SSH to encrypt communication data and authenticate each other based on public and private keys. Since the SSH public and private keys are hardcoded, an attacker may obtain the keys and log in t...
Security Advisory - Multiple Security Vulnerabilities in Driver of Huawei Smart Phones
There are two stack overflow vulnerabilities in the video driver. An attacker may trick a user into installing a malicious application, and the application can send a given parameter to the video driver to crash the system or escalate user privilege. Vulnerability ID: HWPSIRT-2016-08056 and HWPSIRT-2016-080...
Security Advisory - Path Traversal Vulnerability in Multiple Huawei Products
Multiple Huawei products have a path traversal vulnerability. Due to insufficient path validation, an authenticated attacker may exploit this vulnerability to download some files without authorization, causing an information leak. Vulnerability ID: HWPSIRT-2016-07025 This vulnerability has been...
Security Advisory - Privilege Escalation Vulnerability in Huawei Multiple Smart Phones
There is a privilege escalation vulnerability in the Android kernel due to the lack of a parameter check. An attacker may trick a user into installing a malicious application, and the application can modify kernel data to crash the system or escalate user privilege. Vulnerability ID:...
Security Advisory - DOS Vulnerability in Video Driver of Huawei Smart Phone
There is a Denial of Service (DoS) vulnerability in the video driver of some Huawei products. An attacker may trick a user into installing a malicious application, and the application can send a given parameter to the video driver to reboot the system. Vulnerability ID: HWPSIRT-2016-08046 This...
Security Advisory - DoS Vulnerability in Multiple Huawei Products
There is a DoS vulnerability in some Huawei products. A remote attacker can directly access the device through a certain URL without login authentication, which can make the device restart. Vulnerability ID: HWPSIRT-2016-06063 This vulnerability has been assigned Common Vulnerabilities and...
Security Advisory - DoS Vulnerability in Multiple Huawei Products
There is a DoS vulnerability in some Huawei products. Since the device does not validate the parameters in a certain command, an attacker with certain permissions could log in and deliver the command containing a malicious parameter to make the device restart. Vulnerability ID: HWPSIRT-2016-06064...
Security Advisory - DoS Vulnerability in Huawei Switches
There is a DoS vulnerability caused by a memory leak in some Huawei products, as shown in the affected products list below. Due to a lack of adequate input validation, attackers can craft and send a large number of malformed packets to the target device to exhaust the memory of the device and may cause the devic...
Security Advisory - Buffer Overflow Vulnerability in Huawei USG Products
The Point-to-Point Protocol over Ethernet (PPPoE) module of the USG has a buffer overflow vulnerability. When Challenge Handshake Authentication Protocol (CHAP) authentication is configured on the server, an attacker may send abnormal attack packets to the server during authentication to cause buffer...
Security Advisory - Two Vulnerabilities in Huawei WS331a
Huawei WS331a is a mini wireless router. There is a cross-site request forgery (CSRF) vulnerability in the management interface of WS331a products. An unauthenticated attacker could exploit this vulnerability to perform a CSRF attack. Successful exploit could allow the attacker to submit special...
Security Advisory - XML Bomb Vulnerability in AnyOffice
AnyOffice Enterprise Mobile Management (EMM) is a module of AnyOffice, which provides the mobile terminal management function. The XML Bomb vulnerability in the AnyOffice EMM could allow an authenticated, remote attacker to cause the software to deny services by uploading an XML bomb...
Security Advisory - TCP Connection Hijack Vulnerability
There is a vulnerability in the implementation of RFC 5961, due to the improper determination of the rate of challenge ACK responses by the global rate limit feature. Successful exploit could allow an unauthenticated, remote attacker to reset or hijack a TCP connection between two...
Security Advisory - Multiple Security Vulnerabilities in Huawei HiSuite
Huawei HiSuite PC client software has an information leak vulnerability. The software provides the function for configuring the proxy server. The password textbox on the proxy configuration UI does not disable the password copy function. An attacker who can log in to the system can copy out the...
Security Advisory - Information Leak Vulnerability in Huawei eSpace IAD
Huawei eSpace IAD products have an information leak vulnerability. Some Web pages do not verify the validity of the permission. An attacker can check and download the fault information by accessing a special URL. Vulnerability ID: HWPSIRT-2016-08001 This vulnerability has been assigned a CVE ID:...
Security Advisory - Uncontrolled Format String Vulnerability on Multiple Products
Several Huawei routers and switches have an uncontrolled format string vulnerability when processing partial commands. An authenticated attacker could exploit this vulnerability to cause a denial of service. Vulnerability ID: HWPSIRT-2016-07011 This vulnerability has been assigned Common...
Security Advisory - Weak Encryption Algorithm Vulnerability in Huawei Servers
Some Huawei servers have a weak encryption algorithm vulnerability in the iBMC (Intelligent Baseboard Management Controller). The software provides an option for users to select SSL encryption algorithms. If an insecure encryption algorithm is selected, an attacker may decrypt encrypted data, causin...
Security Advisory - Information Leak Vulnerability in Huawei FusionSphere Product
The open-source component Xenstore in FusionSphere has an information leak vulnerability due to loose security settings. Successful exploit could allow an authenticated attacker to obtain partial information from virtual machines. Vulnerability ID: HWPSIRT-2016-06067. Huawei has released...
Security Advisory - Two Command Injection Vulnerabilities in Huawei UMA
The Unified Maintenance Audit (UMA) system provides a unified portal for O&M operations, controls and records users' O&M operations, and supports auditing by way of command display and video replay. The UMA has two command injection vulnerabilities due to the lack of validation on special fields. A...
Security Advisory - Resource Management Vulnerability in Huawei Servers
Some Huawei servers have a resource management vulnerability in the iBMC (Intelligent Baseboard Management Controller). A local attacker could exploit this vulnerability to exhaust iBMC resources and cause a denial of service. Vulnerability ID: HWPSIRT-2016-05251 This vulnerability has been assigne...
Security Advisory - Reset Password and Information Leak Vulnerabilities in Huawei UMA
The Unified Maintenance Audit (UMA) system provides a unified portal for O&M operations, controls and records users' O&M operations, and supports auditing by way of command display and video replay. The UMA has two security vulnerabilities. One vulnerability is due to insufficient parameter...
Security Advisory - XXE Vulnerability in the E9000
E9000 has an XML External Entity (XXE) vulnerability when parsing user-supplied XML documents in the HMM (Hyper Management Module). Attackers could exploit this vulnerability to read arbitrary files and cause a denial of the web service. Vulnerability ID: HWPSIRT-2016-05249 This vulnerability has been...
Security Advisory - IPv6 Neighbor Discovery Crafted Packet Denial of Service Vulnerability
There is a vulnerability in the IP Version 6 (IPv6) Neighbor Discovery packet processing of multiple products. Successful exploit could allow an unauthenticated, remote attacker to cause an affected device to start dropping legitimate IPv6 neighbors as legitimate ND times out, leading to a denial of...
Security Advisory - XSS Vulnerability in Huawei OceanStor ISM
The OceanStor ISM is an integrated system management software product that allows users to manage CSS, view CSS alarms and some other types of basic information, and configure basic functions. The management interface of the OceanStor ISM has an XSS vulnerability because the system does not escap...
Security Advisory - HTTP Header Injection Vulnerability in Huawei FusionAccess
The FusionAccess is the desktop management system of Huawei FusionCloud desktop solution. Huawei FusionAccess has an HTTP header injection vulnerability. A remote, unauthenticated attacker can exploit it to tamper with HTTP headers, causing users to access crafted URLs. Vulnerability ID:...
Security Advisory - Input Validation Vulnerability in Huawei Access Controllers
There is an input validation vulnerability in Huawei access controllers (AC). Due to the lack of input validation, an attacker may craft malformed Control And Provisioning of Wireless Access Points (CAPWAP) protocol packets and send them to the device, causing the device to restart. Vulnerability ID:...
Security Advisory - Information Leak Vulnerability in Some Huawei Servers
Some Huawei servers have an information leak vulnerability. The servers allow users to select security encryption algorithms. If an insecure encryption algorithm is selected, an attacker may decrypt ciphertext data, causing information leaks. Vulnerability ID: HWPSIRT-2016-07019 This vulnerabilit...
Security Advisory - Brute Force Cracking Vulnerability in Huawei Servers
Huawei server has a brute-force cracking vulnerability due to the lack of authentication protection mechanisms. A remote attacker may obtain user passwords via a brute force attack. Vulnerability ID: HWPSIRT-2016-05247 This vulnerability has been assigned Common Vulnerabilities and Exposures (CVE)...
Security Advisory - Cleartext Storage of Cryptographic Key Vulnerability in FusionCompute
FusionCompute has a key cleartext storage vulnerability. Successful exploit could allow an attacker to obtain AES keys. Vulnerability ID: HWPSIRT-2016-06076 This vulnerability has been assigned Common Vulnerabilities and Exposures (CVE) ID: CVE-2016-6827. Huawei has released software updates to fix...
Security Advisory - Improper Input Validation Vulnerability in AnyMail
Huawei AnyMail has an improper input validation vulnerability when opening compressed email attachments. Successful exploit could cause AnyMail to crash and exit. Vulnerability ID: HWPSIRT-2016-06099 This vulnerability has been assigned Common Vulnerabilities and Exposures (CVE) ID: CVE-2016-6826...
Security Advisory - A Security Vulnerability of Using Insecure Random Numbers to Generate Self-signed Certificates in Huawei Products
Some Huawei products automatically generate self-signed certificates upon the first use. The random numbers used to generate these certificates are not random enough. Consequently, different devices' certificates may use the same random number, which carries the risk of an attacker compromising t...
Security Advisory - Buffer Overflow Vulnerability in Huawei USG Products
The Authentication, Authorization and Accounting (AAA) module in the USG products has a buffer overflow vulnerability. A remote attacker can send crafted Enterprise Application Platform (EAP) packets to the USG products through a Remote Authentication Dial In User Service (RADIUS) server which has...
Security Advisory - A Security Vulnerability of Using Insecure Random Numbers to Generate Self-signed Certificates in Huawei Products
Some Huawei products automatically generate self-signed certificates upon the first use. The random numbers used to generate these certificates are not random enough. Consequently, different devices' certificates may use the same random number, which carries the risk of an attacker compromising t...
Security Advisory - Input Validation Vulnerabilities in Camera Driver of Huawei Smart Phones
There are five input validation vulnerabilities in the Camera driver of some Huawei smart phones. An attacker may trick a user into installing a malicious application, and the application can send a given parameter to the Camera driver to crash the system or escalate user privilege. Vulnerability ID:...
Security Advisory - Input Validation Vulnerability in Multiple Huawei Products
There is an input validation vulnerability in multiple Huawei products. An attacker with control plane access may exploit this vulnerability by crafting a malformed packet. An exploit could allow the attacker to cause a Denial of Service or execute arbitrary code. Vulnerability ID:...
Security Advisory - Input Validation Vulnerability in WiFi Driver of Huawei Smart Phone
There is an input validation vulnerability in the WiFi driver of some Huawei products. An attacker may trick a user into installing a malicious application, and the application can send a given parameter to the WiFi driver to crash the system or escalate user privilege. Vulnerability ID:...
Security Advisory - Input Validation Vulnerability in Huawei Routers
There is an input validation vulnerability in Huawei access routers. An attacker may exploit this vulnerability by crafting a malformed packet and sending it to the device. An exploit could allow the attacker to cause a Denial of Service or remote code execution. Vulnerability ID:...
Security Advisory - Two Buffer Overflow Vulnerabilities in Wi-Fi Driver of Huawei Smart Phone
The Wi-Fi driver of some Huawei products has two buffer overflow vulnerabilities due to the lack of a parameter check. An attacker may trick a user into installing a malicious application, and the application can send a given parameter to the Wi-Fi driver to crash the system or escalate user privilege...
Security Advisory - Multiple Vulnerabilities in OpenSSL in May 2016
On May 3, 2016, the OpenSSL Software Foundation released a security advisory that included six vulnerabilities. Of the six vulnerabilities disclosed, four of them may cause memory corruption or excessive memory usage, one could allow a padding oracle attack to decrypt traffic when the connection...
Security Advisory - Weak Encryption Vulnerability in the OceanStor ReplicationDirector
OceanStor ReplicationDirector is designed to manage the disaster recovery (DR) service of data centers (DC) for enterprises. Huawei OceanStor ReplicationDirector has a weak encryption vulnerability. An attacker may exploit it to craft server certificate signatures. Vulnerability ID: HWPSIRT-2016-05156 Huaw...
Security Advisory - Integer Overflow Vulnerability in the OceanStor 5800
The OceanStor 5800 V3 Storage Systems are mid-range storage products newly developed by Huawei. The OceanStor 5800 has an integer overflow vulnerability. An authenticated attacker may send massive abnormal Network File System (NFS) packets, causing an anomaly in specific disk arrays. Vulnerability...
Security Advisory - XSS Vulnerability in Huawei Public Cloud Solution
The Public Cloud Solution has a Cross-Site Scripting (XSS) vulnerability in the volume backup service module. An attacker can insert special characters to modify server data. Vulnerability ID: HWPSIRT-2016-06017 This vulnerability has been assigned Common Vulnerabilities and Exposures (CVE) ID:...
Security Advisory - Data Leak Vulnerability in the FusionCompute
FusionCompute is a cloud operating system (OS). It virtualizes computing, storage, and network resources, and implements centralized management and scheduling of the virtual resources through a unified interface. Huawei FusionCompute has a sensitive data leak vulnerability. An attacker can log in...
Security Advisory - DLL Hijacking Vulnerability on Huawei HiSuite
HiSuite is mobile assistant software for PCs. This software contains a DLL hijacking vulnerability. This vulnerability exists because a DLL file is loaded improperly by HiSuite, which allows an attacker to load a DLL file of the attacker's choosing that could execute arbitrary code...