HUAWEI Security Vulnerabilities
The frame scheduling module has a null pointer dereference vulnerability. Successful exploitation of this vulnerability will affect the kernel availability.
7.5CVSS
7.4AI Score
0.001EPSS
The HiAIserver has a vulnerability in verifying the validity of the weight used in the model.Successful exploitation of this vulnerability will affect AI services.
7.5CVSS
7.5AI Score
0.001EPSS
There is a buffer overflow vulnerability in CV81-WDM FW 01.70.49.29.46. Successful exploitation of this vulnerability may lead to privilege escalation.
9.8CVSS
9.6AI Score
0.002EPSS
There is a denial of service vulnerability in CV81-WDM FW versions 01.70.49.29.46. Successful exploitation could cause denial of service.
7.5CVSS
7.3AI Score
0.001EPSS
The kernel emcom module has multi-thread contention. Successful exploitation of this vulnerability may affect system availability.
5.5CVSS
5.4AI Score
0.0004EPSS
Missing authorization vulnerability in the system components. Successful exploitation of this vulnerability will affect confidentiality.
5.5CVSS
5.5AI Score
0.0004EPSS
The voice wakeup module has a vulnerability of using externally-controlled format strings. Successful exploitation of this vulnerability may affect system availability.
7.5CVSS
7.5AI Score
0.001EPSS
Logical defects in code implementation in some products. Successful exploitation of this vulnerability may affect the availability of some features.
7.5CVSS
7.5AI Score
0.001EPSS
The communication module has a vulnerability of improper permission preservation. Successful exploitation of this vulnerability may affect system availability.
5.5CVSS
5.5AI Score
0.0004EPSS
The fingerprint sensor module has design defects. Successful exploitation of this vulnerability may affect data confidentiality.
5.5CVSS
5.5AI Score
0.0004EPSS
The setting module has a vulnerability of improper use of APIs. Successful exploitation of this vulnerability may affect data confidentiality.
7.5CVSS
7.5AI Score
0.002EPSS
The kernel module has the race condition vulnerability. Successful exploitation of this vulnerability may affect data confidentiality.
4.7CVSS
4.7AI Score
0.0004EPSS
AppLink has a vulnerability of accessing uninitialized pointers. Successful exploitation of this vulnerability may affect system availability.
5.5CVSS
5.5AI Score
0.0004EPSS
Dialog boxes can still be displayed even if the screen is locked in carrier-customized USSD services. Successful exploitation of this vulnerability may affect data integrity and confidentiality.
9.1CVSS
9.1AI Score
0.002EPSS
Configuration defects in the secure OS module. Successful exploitation of this vulnerability will affect confidentiality.
7.5CVSS
7.5AI Score
0.002EPSS
The AMS module has a vulnerability in input validation. Successful exploitation of this vulnerability may cause privilege escalation.
7.8CVSS
7.6AI Score
0.0004EPSS
The kernel module has the null pointer and out-of-bounds array vulnerabilities. Successful exploitation of this vulnerability may affect system availability.
5.5CVSS
5.5AI Score
0.0004EPSS
There is a password verification vulnerability in WS7200-10 11.0.2.13. Attackers on the LAN may use brute force cracking to obtain passwords, which may cause sensitive system information to be disclosed.
6.5CVSS
6.2AI Score
0.001EPSS
The frame scheduling module has a null pointer dereference vulnerability. Successful exploitation of this vulnerability will affect the kernel availability.
7.5CVSS
7.3AI Score
0.001EPSS
The frame scheduling module has a null pointer dereference vulnerability. Successful exploitation of this vulnerability will affect the kernel availability.
7.5CVSS
7.3AI Score
0.001EPSS
The application security module has a vulnerability in permission assignment. Successful exploitation of this vulnerability may affect data integrity and confidentiality.
9.1CVSS
9.1AI Score
0.002EPSS
The SystemUI module has a vulnerability in permission control. If this vulnerability is successfully exploited, users are unaware of the service running in the background.
7.5CVSS
7.5AI Score
0.001EPSS
The fingerprint module has a vulnerability of overflow in arithmetic addition. Successful exploitation of this vulnerability may result in the acquisition of data from unknown addresses in address mappings.
7.5CVSS
7.6AI Score
0.002EPSS
The NFC module has a buffer overflow vulnerability. Successful exploitation of this vulnerability may cause exceptions in NFC card registration, deletion, and activation.
6.5CVSS
6.7AI Score
0.001EPSS
The NFC module has a buffer overflow vulnerability. Successful exploitation of this vulnerability may cause exceptions in NFC card registration, deletion, and activation.
6.5CVSS
6.7AI Score
0.001EPSS
The system module has a read/write vulnerability. Successful exploitation of this vulnerability may affect data confidentiality.
7.5CVSS
7.5AI Score
0.001EPSS
The AT commands of the USB port have an out-of-bounds read vulnerability. Successful exploitation of this vulnerability may affect system availability.
7.5CVSS
7.5AI Score
0.001EPSS
The diag-router module has a vulnerability in intercepting excessive long and short instructions. Successful exploitation of this vulnerability will cause the diag-router module to crash.
7.5CVSS
7.4AI Score
0.001EPSS
The SystemUI module has a privilege escalation vulnerability. Successful exploitation of this vulnerability can cause malicious applications to pop up windows or run in the background.
9.8CVSS
9.4AI Score
0.002EPSS
The AOD module has a vulnerability in permission assignment. Successful exploitation of this vulnerability may cause permission escalation and unauthorized access to files.
9.8CVSS
9.3AI Score
0.002EPSS
The Settings application has a vulnerability of bypassing the out-of-box experience (OOBE). Successful exploitation of this vulnerability may affect the availability.
7.5CVSS
7.5AI Score
0.001EPSS
The Settings application has an argument injection vulnerability. Successful exploitation of this vulnerability may affect data confidentiality.
7.5CVSS
7.7AI Score
0.002EPSS
Permission control vulnerability in the network module. Successful exploitation of this vulnerability may affect service availability.
7.5CVSS
7.5AI Score
0.001EPSS
The chinadrm module has an out-of-bounds read vulnerability. Successful exploitation of this vulnerability may affect the availability.
7.5CVSS
7.5AI Score
0.001EPSS
The recovery module has a vulnerability of bypassing the verification of an update package before use. Successful exploitation of this vulnerability may affect system stability.
7.5CVSS
7.5AI Score
0.001EPSS
A Huawei device has an input verification vulnerability. Successful exploitation of this vulnerability may lead to DoS attacks.Affected product versions include:CV81-WDM FW versions 01.70.49.29.46.
7.5CVSS
7.4AI Score
0.001EPSS
The HwAirlink module has a heap overflow vulnerability.Successful exploitation of this vulnerability may cause out-of-bounds writes, resulting in modification of sensitive data.
7.5CVSS
7.6AI Score
0.001EPSS
The secure OS module has configuration defects. Successful exploitation of this vulnerability may affect data confidentiality.
7.5CVSS
7.5AI Score
0.002EPSS
The secure OS module has configuration defects. Successful exploitation of this vulnerability may affect data confidentiality.
7.5CVSS
7.5AI Score
0.002EPSS
The HwAirlink module has a heap overflow vulnerability in processing data packets of the proprietary protocol.Successful exploitation of this vulnerability may allow attackers to obtain process control permissions.
9.8CVSS
9.4AI Score
0.002EPSS
The HwAirlink module has an out-of-bounds read vulnerability.Successful exploitation of this vulnerability may cause information leakage.
7.5CVSS
7.3AI Score
0.002EPSS
The fingerprint module has service logic errors.Successful exploitation of this vulnerability will cause the phone lock to be cracked.
9.8CVSS
9.3AI Score
0.001EPSS
The BT Hfp Client module has a Use-After-Free (UAF) vulnerability.Successful exploitation of this vulnerability may result in arbitrary code execution.
9.8CVSS
9.6AI Score
0.003EPSS
The HIPP module has a vulnerability of not verifying the data transferred in the kernel space.Successful exploitation of this vulnerability will cause out-of-bounds read, which affects data confidentiality.
7.5CVSS
7.3AI Score
0.002EPSS
The facial recognition module has a vulnerability in input validation.Successful exploitation of this vulnerability may affect data confidentiality.
7.5CVSS
7.5AI Score
0.002EPSS
The HIPP module has a vulnerability of bypassing the check of the data transferred in the kernel space.Successful exploitation of this vulnerability may cause out-of-bounds access to the HIPP module and page table tampering, affecting device confidentiality and availability.
9.1CVSS
8.8AI Score
0.002EPSS
The secure OS module has configuration defects. Successful exploitation of this vulnerability may affect system availability.
7.5CVSS
7.5AI Score
0.001EPSS
The secure OS module has configuration defects. Successful exploitation of this vulnerability may affect data confidentiality.
7.5CVSS
7.5AI Score
0.002EPSS
The secure OS module has configuration defects. Successful exploitation of this vulnerability may affect system availability.
7.5CVSS
7.5AI Score
0.001EPSS
The secure OS module has configuration defects. Successful exploitation of this vulnerability may affect system availability.
7.5CVSS
7.5AI Score
0.001EPSS