HUAWEI Security Vulnerabilities
The HW_KEYMASTER module lacks the validity check of the key format. Successful exploitation of this vulnerability may result in out-of-bounds memory access.
9.8CVSS
9.4AI Score
0.002EPSS
The eID module has a null pointer reference vulnerability. Successful exploitation of this vulnerability may affect data confidentiality.
7.5CVSS
7.5AI Score
0.002EPSS
Out-of-bounds heap read vulnerability in the HW_KEYMASTER module. Successful exploitation of this vulnerability may cause out-of-bounds access.
9.1CVSS
9AI Score
0.002EPSS
There is an Out-of-bounds array read vulnerability in the security storage module in smartphones. Successful exploitation of this vulnerability may affect service confidentiality.
7.5CVSS
7.5AI Score
0.002EPSS
The eID module has an out-of-bounds memory write vulnerability,Successful exploitation of this vulnerability may affect data confidentiality.
7.5CVSS
7.5AI Score
0.002EPSS
The weaver module has a vulnerability in parameter type verification,Successful exploitation of this vulnerability may affect data confidentiality.
7.5CVSS
7.5AI Score
0.002EPSS
Configuration defects in the secure OS module. Successful exploitation of this vulnerability will affect confidentiality.
7.5CVSS
7.5AI Score
0.002EPSS
Implementation of the WLAN module interfaces has the information disclosure vulnerability. Successful exploitation of this vulnerability may affect data confidentiality.
7.5CVSS
7.2AI Score
0.002EPSS
The eID module has a vulnerability that causes the memory to be used without being initialized,Successful exploitation of this vulnerability may affect data confidentiality.
7.5CVSS
7.4AI Score
0.002EPSS
There is a Heap-based buffer overflow vulnerability in the AOD module in smartphones. Successful exploitation of this vulnerability may affect service integrity.
7.5CVSS
7.7AI Score
0.001EPSS
The bone voice ID TA has a vulnerability in calculating the buffer length,Successful exploitation of this vulnerability may affect data confidentiality.
7.5CVSS
7.6AI Score
0.001EPSS
The eID module has an out-of-bounds memory write vulnerability,Successful exploitation of this vulnerability may affect data integrity.
7.5CVSS
7.5AI Score
0.001EPSS
There is a Buffer overflow vulnerability due to a boundary error with the Samba server in the file management module in smartphones. Successful exploitation of this vulnerability may affect function stability.
7.5CVSS
7.6AI Score
0.001EPSS
The My HUAWEI app has a defect in the design. Successful exploitation of this vulnerability may affect data confidentiality.
7.5CVSS
7.5AI Score
0.002EPSS
There is a Null pointer dereference vulnerability in the camera module in smartphones. Successful exploitation of this vulnerability may affect service integrity.
7.5CVSS
7.5AI Score
0.001EPSS
The bone voice ID TA has a vulnerability in information management,Successful exploitation of this vulnerability may affect data confidentiality.
7.5CVSS
7.3AI Score
0.001EPSS
There is an information exposure vulnerability on several Huawei Products. The vulnerability is due to that the software does not properly protect certain information. Successful exploit could cause information disclosure. Affected product versions include: CloudEngine 12800 V200R005C10SPC800; Clou...
5.5CVSS
5.1AI Score
0.0004EPSS
The video framework has the memory overwriting vulnerability caused by addition overflow. Successful exploitation of this vulnerability may affect the availability.
7.5CVSS
7.5AI Score
0.001EPSS
There is a Buffer overflow vulnerability due to a boundary error with the Samba server in the file management module in smartphones. Successful exploitation of this vulnerability may affect function stability.
7.5CVSS
7.6AI Score
0.001EPSS
The bone voice ID TA has a memory overwrite vulnerability. Successful exploitation of this vulnerability may result in malicious code execution.
9.8CVSS
9.6AI Score
0.003EPSS
There is a Vulnerability of accessing resources using an incompatible type (type confusion) in the MPTCP subsystem in smartphones. Successful exploitation of this vulnerability may cause the system to crash and restart.
5.5CVSS
5.4AI Score
0.0004EPSS
There is a Double free vulnerability in the AOD module in smartphones. Successful exploitation of this vulnerability may affect service integrity.
7.5CVSS
7.5AI Score
0.001EPSS
There is a Null pointer dereference vulnerability in the camera module in smartphones. Successful exploitation of this vulnerability may affect service integrity.
7.5CVSS
7.5AI Score
0.001EPSS
Vulnerability of writing data to an arbitrary address in the HW_KEYMASTER module. Successful exploitation of this vulnerability may affect confidentiality.
7.5CVSS
7.4AI Score
0.002EPSS
There is a Cross-Site Scripting(XSS) vulnerability in HUAWEI WS318n product when processing network settings. Due to insufficient validation of user input, a local authenticated attacker could exploit this vulnerability by injecting special characters. Successful exploit could cause certain informa...
4.2CVSS
4AI Score
0.0004EPSS
There is a release of invalid pointer vulnerability in some Huawei products, successful exploit may cause the process and service abnormal. Affected product versions include: CloudEngine 12800 V200R019C10SPC800, V200R019C10SPC900; CloudEngine 5800 V200R019C10SPC800, V200R020C00SPC600; CloudEngine 6...
6.5CVSS
6.4AI Score
0.001EPSS
The laser command injection vulnerability exists on AIS-BW80H-00 versions earlier than AIS-BW80H-00 9.0.3.4(H100SP13C00). The devices cannot effectively defend against external malicious interference. Attackers need the device to be visually exploitable and successful triggering of this vulnerabili...
7.8CVSS
7.9AI Score
0.0004EPSS
There is a permission verification vulnerability in the Bluetooth module.Successful exploitation of this vulnerability may cause unauthorized operations.
8.8CVSS
8.5AI Score
0.001EPSS
There is a vulnerability of signature verification mechanism failure in system upgrade through recovery mode.Successful exploitation of this vulnerability may affect service confidentiality.
5.5CVSS
5.5AI Score
0.0004EPSS
PCManager versions 11.1.1.95 has a privilege escalation vulnerability. Successful exploit could allow the attacker to access certain resource beyond its privilege.
9.8CVSS
9.4AI Score
0.002EPSS
There is a vulnerability of memory not being released after effective lifetime in the Bastet module. Successful exploitation of this vulnerability may affect integrity.
7.5CVSS
7.5AI Score
0.001EPSS
There is an incorrect buffer size calculation vulnerability in the video framework. Successful exploitation of this vulnerability will affect availability.
7.5CVSS
7.6AI Score
0.001EPSS
There is a permission control vulnerability in the PMS module. Successful exploitation of this vulnerability can lead to sensitive system information being obtained without authorization.
7.5CVSS
7.3AI Score
0.002EPSS
There is an out-of-bounds read vulnerability in the IFAA module. Successful exploitation of this vulnerability may cause stack overflow.
9.8CVSS
9.3AI Score
0.002EPSS
There is an unauthorized access vulnerability in system components. Successful exploitation of this vulnerability will affect confidentiality.
7.5CVSS
7.5AI Score
0.002EPSS
There is an incorrect buffer size calculation vulnerability in the video framework.Successful exploitation of this vulnerability may affect availability.
7.5CVSS
7.6AI Score
0.001EPSS
There is a permission control vulnerability in the Nearby module.Successful exploitation of this vulnerability will affect availability and integrity.
9.1CVSS
9.1AI Score
0.001EPSS
There is an integer underflow vulnerability in the atcmdserver module. Successful exploitation of this vulnerability may affect integrity.
7.5CVSS
7.5AI Score
0.001EPSS
There is a man-in-the-middle attack vulnerability during system update download in recovery mode. Successful exploitation of this vulnerability may affect integrity.
5.9CVSS
5.6AI Score
0.001EPSS
There is a vulnerability of copying input buffer without checking its size in the video framework. Successful exploitation of this vulnerability may affect availability.
7.5CVSS
7.6AI Score
0.001EPSS
There is a heap-based and stack-based buffer overflow vulnerability in the video framework. Successful exploitation of this vulnerability may affect availability.
7.5CVSS
7.7AI Score
0.001EPSS
There is a heap-based buffer overflow vulnerability in the video framework. Successful exploitation of this vulnerability may affect availability.
7.5CVSS
7.7AI Score
0.001EPSS
There is a permission control vulnerability in the Wi-Fi module. Successful exploitation of this vulnerability may affect confidentiality.
6.5CVSS
6.4AI Score
0.001EPSS
There is a heap-based buffer overflow vulnerability in the video framework. Successful exploitation of this vulnerability may affect availability.
7.5CVSS
7.7AI Score
0.001EPSS
There is a vulnerability of accessing resources using an incompatible type (type confusion) in the Bastet module. Successful exploitation of this vulnerability may affect integrity.
7.5CVSS
7.5AI Score
0.001EPSS
There is a vulnerability of copying input buffer without checking its size in the video framework. Successful exploitation of this vulnerability may affect availability.
7.5CVSS
7.6AI Score
0.001EPSS
There is an improper access control vulnerability in the video module. Successful exploitation of this vulnerability may affect confidentiality.
7.5CVSS
7.5AI Score
0.002EPSS
There is a heap-based buffer overflow vulnerability in system components. Successful exploitation of this vulnerability may affect system stability.
7.5CVSS
7.7AI Score
0.001EPSS
The communication module has a service logic error vulnerability.Successful exploitation of this vulnerability may affect data confidentiality.
7.5CVSS
7.5AI Score
0.001EPSS
The device authentication service module has a defect vulnerability introduced in the design process.Successful exploitation of this vulnerability may affect data confidentiality.
7.5CVSS
7.6AI Score
0.002EPSS