HUAWEI Security Vulnerabilities
The kernel module has the vulnerability that the mapping is not cleared after the memory is automatically released. Successful exploitation of this vulnerability may cause a system restart.
7.5CVSS
7.4AI Score
0.001EPSS
The Display Service module has a UAF vulnerability. Successful exploitation of this vulnerability may affect the display service availability.
7.5CVSS
7.5AI Score
0.001EPSS
There is a vulnerability in permission verification during the Bluetooth pairing process. Successful exploitation of this vulnerability may cause the dialog box for confirming the pairing not to be displayed during Bluetooth pairing.
4.3CVSS
4.6AI Score
0.001EPSS
The LBS module has a vulnerability in geofencing API access. Successful exploitation of this vulnerability may cause third-party apps to access the geofencing APIs without authorization, affecting user confidentiality.
7.5CVSS
7.4AI Score
0.002EPSS
The graphics display module has a UAF vulnerability when traversing graphic layers. Successful exploitation of this vulnerability may affect system availability.
7.5CVSS
7.5AI Score
0.001EPSS
The iaware module has a vulnerability in thread security. Successful exploitation of this vulnerability will affect confidentiality, integrity, and availability.
9.8CVSS
9.3AI Score
0.002EPSS
The lock screen module has defects introduced in the design process. Successful exploitation of this vulnerability may affect system availability.
7.5CVSS
7.5AI Score
0.001EPSS
The HiView module has a vulnerability of not filtering third-party apps out when the HiView module traverses to invoke the system provider. Successful exploitation of this vulnerability may cause third-party apps to start periodically.
5.3CVSS
5.2AI Score
0.001EPSS
The power module has a vulnerability in permission verification. Successful exploitation of this vulnerability may cause abnormal status of a module on the device.
7.5CVSS
7.4AI Score
0.001EPSS
The DDMP/ODMF module has a service hijacking vulnerability. Successful exploit of this vulnerability may cause services to be unavailable.
7.5CVSS
7.4AI Score
0.001EPSS
Missing parameter type validation in the DRM module. Successful exploitation of this vulnerability may affect availability.
7.5CVSS
7.5AI Score
0.001EPSS
The SmartTrimProcessEvent module has a vulnerability of obtaining the read and write permissions on arbitrary system files. Successful exploitation of this vulnerability may affect data confidentiality.
7.5CVSS
7.5AI Score
0.002EPSS
The AMS module has a vulnerability of serialization/deserialization mismatch. Successful exploitation of this vulnerability may cause privilege escalation.
9.8CVSS
9.4AI Score
0.003EPSS
The AMS module has a vulnerability of serialization/deserialization mismatch. Successful exploitation of this vulnerability may cause privilege escalation.
9.8CVSS
9.4AI Score
0.003EPSS
The launcher module has an Intent redirection vulnerability. Successful exploitation of this vulnerability may cause launcher module data to be modified.
5.3CVSS
5.2AI Score
0.001EPSS
The preset launcher module has a permission verification vulnerability. Successful exploitation of this vulnerability makes unauthorized apps add arbitrary widgets and shortcuts without interaction.
7.5CVSS
7.5AI Score
0.001EPSS
The system framework layer has a vulnerability of serialization/deserialization mismatch. Successful exploitation of this vulnerability may cause privilege escalation.
9.8CVSS
9.3AI Score
0.003EPSS
There is a race condition vulnerability in SD upgrade mode. Successful exploitation of this vulnerability may affect data confidentiality.
5.9CVSS
5.8AI Score
0.002EPSS
Huawei Aslan Children's Watch has a path traversal vulnerability. Successful exploitation may allow attackers to access or modify protected system resources.
7.8CVSS
7.5AI Score
0.0004EPSS
Huawei Aslan Children's Watch has an improper authorization vulnerability. Successful exploit could allow the attacker to access certain file.
5.5CVSS
5.4AI Score
0.0004EPSS
The TelephonyProvider module has a vulnerability in obtaining values.Successful exploitation of this vulnerability may affect data confidentiality.
7.5CVSS
7.5AI Score
0.001EPSS
The contacts component has a free (undefined) provider vulnerability. Successful exploitation of this vulnerability may affect data integrity.
7.5CVSS
7.5AI Score
0.001EPSS
The application management module has a vulnerability in permission verification. Successful exploitation of this vulnerability causes unexpected clear of device applications.
7.5CVSS
7.4AI Score
0.001EPSS
The sensor privacy module has an authentication vulnerability. Successful exploitation of this vulnerability may cause unavailability of the smartphone's camera and microphone.
5.3CVSS
5.5AI Score
0.001EPSS
The IPC module has defects introduced in the design process. Successful exploitation of this vulnerability may affect system availability.
7.5CVSS
7.5AI Score
0.001EPSS
The ProfileSDK has defects introduced in the design process. Successful exploitation of this vulnerability may affect system availability.
7.5CVSS
7.5AI Score
0.001EPSS
A thread security vulnerability exists in the authentication process. Successful exploitation of this vulnerability may affect data integrity, confidentiality, and availability.
9.8CVSS
9.4AI Score
0.002EPSS
The power consumption module has an out-of-bounds read vulnerability. Successful exploitation of this vulnerability may affect system availability.
7.5CVSS
7.4AI Score
0.001EPSS
The HAware module has a function logic error. Successful exploitation of this vulnerability will affect the account removal function in Settings.
5.3CVSS
5.3AI Score
0.001EPSS
Fingerprint calibration has a vulnerability of lacking boundary judgment. Successful exploitation of this vulnerability may cause out-of-bounds write.
9.8CVSS
9.3AI Score
0.003EPSS
The kernel module has an out-of-bounds read vulnerability. Successful exploitation of this vulnerability may cause memory overwriting.
9.8CVSS
9.1AI Score
0.003EPSS
The Wi-Fi module has a vulnerability in permission verification. Successful exploitation of this vulnerability may affect data confidentiality.
7.5CVSS
7.5AI Score
0.002EPSS
Some smartphones have the out-of-bounds write vulnerability. Successful exploitation of this vulnerability may cause system service exceptions.
7.5CVSS
7.6AI Score
0.001EPSS
Some smartphones have the out-of-bounds write vulnerability.Successful exploitation of this vulnerability may cause system service exceptions.
9.8CVSS
9.4AI Score
0.003EPSS
Some smartphones have the out-of-bounds write vulnerability. Successful exploitation of this vulnerability may cause system service exceptions.
9.8CVSS
9.4AI Score
0.003EPSS
Some smartphones have the out-of-bounds write vulnerability.Successful exploitation of this vulnerability may cause system service exceptions.
9.8CVSS
9.4AI Score
0.003EPSS
Some smartphones have the out-of-bounds write vulnerability. Successful exploitation of this vulnerability may cause system service exceptions.
9.8CVSS
9.4AI Score
0.003EPSS
Some smartphones have configuration issues. Successful exploitation of this vulnerability may cause privilege escalation, which results in system service exceptions.
9.8CVSS
9.3AI Score
0.003EPSS
Some smartphones have the input validation vulnerability. Successful exploitation of this vulnerability may affect data confidentiality.
7.5CVSS
7.5AI Score
0.002EPSS
There is a denial of service vulnerability in the Wi-Fi module of the HUAWEI WS7100-20 Smart WiFi Router.Successful exploit could cause a denial of service (DoS) condition.
6.5CVSS
6.5AI Score
0.0005EPSS
The system has a vulnerability that may cause dynamic hiding and restoring of app icons.Successful exploitation of this vulnerability may cause malicious hiding of app icons.
7.5CVSS
7.5AI Score
0.001EPSS
The memory management module has a logic bypass vulnerability.Successful exploitation of this vulnerability may affect data confidentiality.
7.5CVSS
7.5AI Score
0.001EPSS
The Bluetooth AVRCP module has a vulnerability that can lead to DoS attacks.Successful exploitation of this vulnerability may cause the Bluetooth process to restart.
6.5CVSS
6.4AI Score
0.001EPSS
The DUBAI module has a double free vulnerability. Successful exploitation of this vulnerability may affect system availability.
7.5CVSS
7.5AI Score
0.001EPSS
The DMSDP module of the distributed hardware has a vulnerability that may cause imposter control connections.Successful exploitation of this vulnerability may disconnect normal service connections.
7.5CVSS
7.5AI Score
0.001EPSS
There is a misinterpretation of input vulnerability in BiSheng-WNM FW 3.0.0.325. Successful exploitation could lead to DoS.
7.5CVSS
7.3AI Score
0.001EPSS
There is a data processing error vulnerability in Leia-B29 2.0.0.49(M03). Successful exploitation could bypass lock screen authentication.
4.6CVSS
4.7AI Score
0.001EPSS
There is a system command injection vulnerability in BiSheng-WNM FW 3.0.0.325. A Huawei printer has a system command injection vulnerability. Successful exploitation could lead to remote code execution.
9.8CVSS
9.7AI Score
0.003EPSS
There is a system command injection vulnerability in BiSheng-WNM FW 3.0.0.325. Successful exploitation could allow attackers to gain higher privileges.
9.8CVSS
9.6AI Score
0.001EPSS
There is a buffer overflow vulnerability in BiSheng-WNM FW 3.0.0.325. Successful exploitation could lead to device service exceptions.
7.5CVSS
7.6AI Score
0.001EPSS