HUAWEI Security Vulnerabilities
Vulnerability of HwWatchHealth being hijacked.Successful exploitation of this vulnerability may cause repeated pop-up windows of the app.
10CVSS
6.4AI Score
0.001EPSS
Vulnerability of spoofing trustlists of Huawei desktop.Successful exploitation of this vulnerability can cause third-party apps to hide app icons on the desktop to prevent them from being uninstalled.
5.3CVSS
5.2AI Score
0.001EPSS
Improper permission control vulnerability in the Notepad app.Successful exploitation of the vulnerability may lead to privilege escalation, which affects availability and confidentiality.
9.8CVSS
9.3AI Score
0.002EPSS
Vulnerability of spoofing trustlists of Huawei desktop.Successful exploitation of this vulnerability can cause third-party apps to hide app icons on the desktop to prevent them from being uninstalled.
5.3CVSS
5.2AI Score
0.001EPSS
nappropriate authorization vulnerability in the SettingsProvider module.Successful exploitation of this vulnerability may cause features to perform abnormally.
7.5CVSS
7.5AI Score
0.001EPSS
Version update determination vulnerability in the user profile module.Successful exploitation of this vulnerability may cause repeated HMS Core updates and cause services to fail.
7.5CVSS
7.4AI Score
0.001EPSS
Permission control vulnerability in the window management module.Successful exploitation of this vulnerability may cause features to perform abnormally.
7.5CVSS
7.5AI Score
0.001EPSS
Vulnerability of incomplete input parameter verification in the communication framework module. Successful exploitation of this vulnerability may affect availability.
7.5CVSS
7.5AI Score
0.001EPSS
Unauthorized access vulnerability in the Save for later feature provided by AI Touch.Successful exploitation of this vulnerability may cause third-party apps to forge a URI for unauthorized access with zero permissions.
5.3CVSS
5.2AI Score
0.001EPSS
Vulnerability of system restart triggered by abnormal callbacks passed to APIs.Successful exploitation of this vulnerability may cause the system to restart.
7.5CVSS
7.4AI Score
0.001EPSS
Vulnerability of spoofing trustlists of Huawei desktop.Successful exploitation of this vulnerability can cause third-party apps to hide app icons on the desktop to prevent them from being uninstalled.
5.3CVSS
5.2AI Score
0.001EPSS
Key management vulnerability on system. Successful exploitation of this vulnerability may affect service availability and integrity.
9.1CVSS
9.1AI Score
0.001EPSS
Vulnerability of kernel raw address leakage in the hang detector module. Successful exploitation of this vulnerability may affect service confidentiality.
5.3CVSS
5.1AI Score
0.001EPSS
Vulnerability of apps' permission to access a certain API being incompletely verified in the wireless projection module. Successful exploitation of this vulnerability may affect some wireless projection features.
5.3CVSS
5.1AI Score
0.001EPSS
Format string vulnerability in the distributed file system. Attackers who bypass the selinux permission can exploit this vulnerability to crash the program.
7.5CVSS
7.5AI Score
0.0005EPSS
Vulnerability of missing input length verification in the distributed file system. Successful exploitation of this vulnerability may cause out-of-bounds read.
9.1CVSS
9.1AI Score
0.001EPSS
Input verification vulnerability in the WMS API. Successful exploitation of this vulnerability may cause the device to restart.
7.5CVSS
7.4AI Score
0.001EPSS
Vulnerability of commands from the modem being intercepted in the atcmdserver module. Attackers may exploit this vulnerability to rewrite the non-volatile random-access memory (NVRAM), or facilitate the exploitation of other vulnerabilities.
9.8CVSS
9.4AI Score
0.001EPSS
Buffer overflow vulnerability in the modem pinctrl module. Successful exploitation of this vulnerability may affect the integrity and availability of the modem.
9.1CVSS
9.3AI Score
0.0005EPSS
Permission control vulnerability in the audio module. Successful exploitation of this vulnerability may cause audio devices to perform abnormally.
7.5CVSS
7.5AI Score
0.0005EPSS
Input verification vulnerability in the storage module. Successful exploitation of this vulnerability may cause the device to restart.
7.5CVSS
7.4AI Score
0.0005EPSS
Input verification vulnerability in the audio module. Successful exploitation of this vulnerability may cause virtual machines (VMs) to restart.
7.5CVSS
7.4AI Score
0.0005EPSS
Vulnerability of input parameters being not strictly verified in the AMS module. Successful exploitation of this vulnerability may compromise apps' data security.
7.5CVSS
7.4AI Score
0.001EPSS
Vulnerability of incomplete permission verification in the input method module. Successful exploitation of this vulnerability may cause features to perform abnormally.
7.5CVSS
7.5AI Score
0.0005EPSS
Vulnerability of configuration defects in the media module of certain products.. Successful exploitation of this vulnerability may cause unauthorized access.
9.1CVSS
9AI Score
0.001EPSS
Vulnerability of input parameters being not strictly verified in the PMS module. Successful exploitation of this vulnerability may cause newly installed apps to fail to restart.
7.5CVSS
7.4AI Score
0.0005EPSS
Vulnerability of permission control in the window management module. Successful exploitation of this vulnerability may cause malicious pop-up windows.
5.3CVSS
5.2AI Score
0.0005EPSS
Vulnerability of input parameters being not strictly verified in the PMS module. Successful exploitation of this vulnerability may cause home screen unavailability.
7.5CVSS
7.4AI Score
0.0005EPSS
Vulnerability of input parameters being not strictly verified in the PMS module. Successful exploitation of this vulnerability may cause home screen unavailability.
7.5CVSS
7.4AI Score
0.0005EPSS
Vulnerability of input parameter verification in certain APIs in the window management module. Successful exploitation of this vulnerability may cause the device to restart.
7.5CVSS
7.3AI Score
0.0005EPSS
Vulnerability of system file information leakage in the USB Service module. Successful exploitation of this vulnerability may affect confidentiality.
7.5CVSS
7.3AI Score
0.001EPSS
Vulnerability of insecure signatures in the OsuLogin module. Successful exploitation of this vulnerability may cause OsuLogin to be maliciously modified and overwritten.
7.5CVSS
7.4AI Score
0.0005EPSS
Vulnerability of insecure signatures in the ServiceWifiResources module. Successful exploitation of this vulnerability may cause ServiceWifiResources to be maliciously modified and overwritten.
7.5CVSS
7.4AI Score
0.0005EPSS
Vulnerability of API privilege escalation in the wifienhance module. Successful exploitation of this vulnerability may cause the arp list to be modified.
7.5CVSS
7.6AI Score
0.0005EPSS
Mismatch vulnerability in the serialization process in the communication system. Successful exploitation of this vulnerability may affect availability.
7.5CVSS
7.5AI Score
0.0005EPSS
Deserialization vulnerability in the input module. Successful exploitation of this vulnerability may affect availability.
7.5CVSS
7.5AI Score
0.0005EPSS
Input parameter verification vulnerability in the communication system. Successful exploitation of this vulnerability may affect availability.
7.5CVSS
7.5AI Score
0.0005EPSS
Parameter verification vulnerability in the installd module. Successful exploitation of this vulnerability may cause sandbox files to be read and written without authorization.
9.1CVSS
9AI Score
0.001EPSS
Parameter verification vulnerability in the installd module. Successful exploitation of this vulnerability may cause sandbox files to be read and written without authorization.
9.1CVSS
9AI Score
0.001EPSS
Parameter verification vulnerability in the installd module. Successful exploitation of this vulnerability may cause sandbox files to be read and written without authorization.
9.1CVSS
9AI Score
0.001EPSS
Parameter verification vulnerability in the installd module. Successful exploitation of this vulnerability may cause sandbox files to be read and written without authorization.
9.1CVSS
9.1AI Score
0.001EPSS
Parameter verification vulnerability in the installd module. Successful exploitation of this vulnerability may cause sandbox files to be read and written without authorization.
9.1CVSS
9AI Score
0.001EPSS
Parameter verification vulnerability in the installd module. Successful exploitation of this vulnerability may cause sandbox files to be read and written without authorization.
9.1CVSS
9AI Score
0.001EPSS
Vulnerability of input parameter verification in certain APIs in the window management module. Successful exploitation of this vulnerability may cause the device to restart.
7.5CVSS
7.3AI Score
0.0005EPSS
Vulnerability of out-of-bounds parameter read/write in the Wi-Fi module. Successful exploitation of this vulnerability may cause other apps to be executed with escalated privileges.
9.8CVSS
9.3AI Score
0.001EPSS
Permission control vulnerability in the XLayout component. Successful exploitation of this vulnerability may cause apps to forcibly restart.
7.5CVSS
7.4AI Score
0.0005EPSS
The Watchkit has a risk of unauthorized file access.Successful exploitation of this vulnerability may affect confidentiality and integrity.
9.1CVSS
9AI Score
0.001EPSS
DoS vulnerability in the PMS module. Successful exploitation of this vulnerability may cause the system to restart.
7.5CVSS
7.4AI Score
0.0005EPSS
DoS vulnerability in the PMS module. Successful exploitation of this vulnerability may cause the system to restart.
7.5CVSS
7.4AI Score
0.0005EPSS
Data security classification vulnerability in the DDMP module. Successful exploitation of this vulnerability may affect confidentiality.
7.5CVSS
7.5AI Score
0.001EPSS