HUAWEI Security Vulnerabilities
There is a Vulnerability of obtaining broadcast information improperly due to improper broadcast permission settings in Smartphones.Successful exploitation of this vulnerability may affect service confidentiality.
7.5CVSS
7.3AI Score
0.002EPSS
Changlian Blocklist has a Business Logic Errors vulnerability .Successful exploitation of this vulnerability may expand the attack surface of the message class.
7.5CVSS
7.5AI Score
0.001EPSS
There is an Unauthorized file access vulnerability in Smartphones.Successful exploitation of this vulnerability may affect service confidentiality.
7.5CVSS
7.5AI Score
0.002EPSS
HwPCAssistant has a Improper Input Validation vulnerability.Successful exploitation of this vulnerability may create any file with the system app permission.
7.5CVSS
7.5AI Score
0.001EPSS
Password vault has a External Control of System or Configuration Setting vulnerability.Successful exploitation of this vulnerability could compromise confidentiality.
7.5CVSS
7.5AI Score
0.002EPSS
MyHuawei-App has a Exposure of Sensitive Information to an Unauthorized Actor vulnerability.Successful exploitation of this vulnerability could compromise confidentiality.
7.5CVSS
7.4AI Score
0.002EPSS
There is a Null pointer dereference in Smartphones.Successful exploitation of this vulnerability may cause the kernel to break down.
7.5CVSS
7.3AI Score
0.001EPSS
There is an Out-of-bounds read in Smartphones.Successful exploitation of this vulnerability may affect service confidentiality.
7.5CVSS
7.4AI Score
0.002EPSS
Hilinksvc has a Data Processing Errors vulnerability.Successful exploitation of this vulnerability may cause denial of service attacks.
7.5CVSS
7.4AI Score
0.001EPSS
There is a privilege escalation vulnerability in CloudEngine 5800 V200R020C00SPC600. Due to lack of privilege restrictions, an authenticated local attacker can perform specific operation to exploit this vulnerability. Successful exploitation may cause the attacker to obtain a higher privilege.
7.8CVSS
7.5AI Score
0.0004EPSS
The HwNearbyMain module has a NULL Pointer Dereference vulnerability.Successful exploitation of this vulnerability may cause a process to restart.
7.5CVSS
7.4AI Score
0.001EPSS
Telephony application has a SQL Injection vulnerability.Successful exploitation of this vulnerability may cause privacy and security issues.
7.5CVSS
7.9AI Score
0.001EPSS
HHEE system has a Code Injection vulnerability.Successful exploitation of this vulnerability may affect HHEE system integrity.
9.8CVSS
9.6AI Score
0.003EPSS
Telephony application has a Exposure of Sensitive Information to an Unauthorized Actor vulnerability.Successful exploitation of this vulnerability could lead to sensitive information disclosure.
5.3CVSS
4.9AI Score
0.001EPSS
Chang Lian application has a vulnerability which can be maliciously exploited to hide the calling number.Successful exploitation of this vulnerability allows you to make an anonymous call.
5.3CVSS
5.2AI Score
0.001EPSS
Phone Manager application has a Improper Privilege Management vulnerability.Successful exploitation of this vulnerability may read and write arbitrary files by tampering with Phone Manager notifications.
9.1CVSS
9.1AI Score
0.002EPSS
The HwNearbyMain module has a Data Processing Errors vulnerability.Successful exploitation of this vulnerability may cause a process to restart.
7.5CVSS
7.4AI Score
0.001EPSS
Huawei idap module has a Out-of-bounds Read vulnerability.Successful exploitation of this vulnerability may cause Denial of Service.
7.5CVSS
7.5AI Score
0.001EPSS
The HwNearbyMain module has a Improper Validation of Array Index vulnerability.Successful exploitation of this vulnerability may cause a process to restart.
7.5CVSS
7.4AI Score
0.001EPSS
There is an unauthorized rewriting vulnerability with the memory access management module on ACPU.Successful exploitation of this vulnerability may affect service confidentiality.
5.5CVSS
5.5AI Score
0.0004EPSS
The HwNearbyMain module has a Data Processing Errors vulnerability.Successful exploitation of this vulnerability may cause a process to restart.
7.5CVSS
7.4AI Score
0.001EPSS
The HwNearbyMain module has a NULL Pointer Dereference vulnerability.Successful exploitation of this vulnerability may cause a process to restart.
7.5CVSS
7.4AI Score
0.001EPSS
The HwNearbyMain module has a Exposure of Sensitive Information to an Unauthorized Actor vulnerability.Successful exploitation of this vulnerability may cause a process to restart.
7.5CVSS
7.4AI Score
0.001EPSS
The screen lock module has a Stack-based Buffer Overflow vulnerability.Successful exploitation of this vulnerability may affect user experience.
9.8CVSS
9.4AI Score
0.002EPSS
There is an unauthorized rewriting vulnerability with the memory access management module on ACPU.Successful exploitation of this vulnerability may affect service confidentiality.
5.5CVSS
5.5AI Score
0.0004EPSS
There is an improper security permission configuration vulnerability on ACPU.Successful exploitation of this vulnerability may affect service confidentiality, integrity, and availability.
7.8CVSS
7.6AI Score
0.0004EPSS
There is an Integer overflow vulnerability with ACPU in smartphones. Successful exploitation of this vulnerability may cause out-of-bounds access.
9.8CVSS
9.5AI Score
0.002EPSS
There is an arbitrary address access vulnerability with the product line test code.Successful exploitation of this vulnerability may affect service confidentiality, integrity, and availability.
9.8CVSS
9.4AI Score
0.002EPSS
Some Huawei products use the OpenHpi software for hardware management. A function that parses data returned by OpenHpi contains an out-of-bounds read vulnerability that could lead to a denial of service. Affected product versions include: eCNS280_TD V100R005C10; eSE620X vESS V100R001C10SPC200, V100...
6.5CVSS
6.3AI Score
0.001EPSS
There is a Heap-based buffer overflow vulnerability with the NFC module in smartphones. Successful exploitation of this vulnerability may cause memory overflow.
9.8CVSS
9.6AI Score
0.002EPSS
There is a vulnerability of unstrict input parameter verification in the audio assembly.Successful exploitation of this vulnerability may cause out-of-bounds access.
9.8CVSS
9.3AI Score
0.002EPSS
There is Vulnerability of APIs being concurrently called for multiple times in HwConnectivityExService a in smartphones. Successful exploitation of this vulnerability may cause the system to crash and restart.
7.5CVSS
7.4AI Score
0.001EPSS
There is a buffer overflow vulnerability in eSE620X vESS V100R001C10SPC200 and V100R001C20SPC200. An attacker can exploit this vulnerability by sending a specific message to the target device due to insufficient validation of packets. Successful exploit could cause a denial of service condition.
7.5CVSS
7.6AI Score
0.001EPSS
The Bluetooth module has an out-of-bounds write vulnerability. Successful exploitation of this vulnerability may result in malicious command execution at the remote end.
8.8CVSS
8.9AI Score
0.001EPSS
The CaasKit module has a path traversal vulnerability. Successful exploitation of this vulnerability may cause the MeeTime application to be unavailable.
5.3CVSS
5.2AI Score
0.001EPSS
The Bluetooth module has an out-of-bounds write vulnerability. Successful exploitation of this vulnerability may result in malicious command execution at the remote end.
8.8CVSS
8.9AI Score
0.001EPSS
HwPCAssistant has a path traversal vulnerability. Successful exploitation of this vulnerability may affect data confidentiality.
5.3CVSS
5.3AI Score
0.001EPSS
The cellular module has a vulnerability in permission management. Successful exploitation of this vulnerability may affect data confidentiality.
7.5CVSS
7.4AI Score
0.002EPSS
The distributed data service component has a vulnerability in data access control. Successful exploitation of this vulnerability may affect data confidentiality.
7.5CVSS
7.4AI Score
0.002EPSS
Vulnerability of design defects in the security algorithm component. Successful exploitation of this vulnerability may affect confidentiality.
4.6CVSS
4.7AI Score
0.001EPSS
There is an information leak vulnerability in eCNS280_TD V100R005C10SPC650. The vulnerability is caused by improper log output management. An attacker with the ability to access the log file of device may lead to information disclosure.
6.5CVSS
6.1AI Score
0.001EPSS
There is a memory leak vulnerability in CloudEngine 12800 V200R019C00SPC800, CloudEngine 5800 V200R019C00SPC800, CloudEngine 6800 V200R019C00SPC800 and CloudEngine 7800 V200R019C00SPC800. The software does not sufficiently track and release allocated memory while parse a series of crafted binary me...
7.5CVSS
7.4AI Score
0.001EPSS
There is an Out-of-bounds write vulnerability in the AOD module in smartphones. Successful exploitation of this vulnerability may affect service integrity.
5.3CVSS
5.3AI Score
0.001EPSS
The bone voice ID TA has a heap overflow vulnerability.Successful exploitation of this vulnerability may result in malicious code execution.
9.8CVSS
9.7AI Score
0.003EPSS
There is an uncontrolled resource consumption vulnerability in the display module. Successful exploitation of this vulnerability may affect integrity.
7.5CVSS
7.5AI Score
0.001EPSS
Vulnerability of pointers being incorrectly used during data transmission in the video framework. Successful exploitation of this vulnerability may affect confidentiality.
7.5CVSS
7.4AI Score
0.001EPSS
Improper permission control vulnerability in the Bluetooth module.Successful exploitation of this vulnerability will affect integrity.
6.5CVSS
6.4AI Score
0.001EPSS
The bone voice ID trusted application (TA) has a heap overflow vulnerability. Successful exploitation of this vulnerability may affect data confidentiality.
7.5CVSS
7.7AI Score
0.001EPSS
There is a race condition vulnerability in the binder driver subsystem in the kernel.Successful exploitation of this vulnerability may affect kernel stability.
4.7CVSS
4.6AI Score
0.0004EPSS
Improper permission control vulnerability in the Bluetooth module.Successful exploitation of this vulnerability will affect confidentiality.
6.5CVSS
6.4AI Score
0.001EPSS