HUAWEI Security Vulnerabilities
The HISP module has a vulnerability of not verifying the data transferred in the kernel space.Successful exploitation of this vulnerability will cause out-of-bounds read, which affects data...
7.5CVSS
7.3AI Score
0.002EPSS
The HIPP module has a vulnerability of not verifying the data transferred in the kernel space.Successful exploitation of this vulnerability will cause out-of-bounds read, which affects data...
7.5CVSS
7.3AI Score
0.002EPSS
The facial recognition module has a vulnerability in input validation.Successful exploitation of this vulnerability may affect data...
7.5CVSS
7.5AI Score
0.002EPSS
The fingerprint module has service logic errors.Successful exploitation of this vulnerability will cause the phone lock to be...
9.8CVSS
9.3AI Score
0.001EPSS
The BT Hfp Client module has a Use-After-Free (UAF) vulnerability.Successful exploitation of this vulnerability may result in arbitrary code...
9.8CVSS
9.6AI Score
0.003EPSS
The HwAirlink module has a heap overflow vulnerability in processing data packets of the proprietary protocol.Successful exploitation of this vulnerability may allow attackers to obtain process control...
9.8CVSS
9.4AI Score
0.002EPSS
The HwAirlink module has a heap overflow vulnerability.Successful exploitation of this vulnerability may cause out-of-bounds writes, resulting in modification of sensitive...
7.5CVSS
7.6AI Score
0.001EPSS
The HwAirlink module has an out-of-bounds read vulnerability.Successful exploitation of this vulnerability may cause information...
7.5CVSS
7.3AI Score
0.002EPSS
The HW_KEYMASTER module has an out-of-bounds access vulnerability in parameter set verification.Successful exploitation of this vulnerability may cause malicious construction of data, which results in out-of-bounds...
9.1CVSS
9.1AI Score
0.002EPSS
The HW_KEYMASTER module has a vulnerability of missing bounds check on length.Successful exploitation of this vulnerability may cause malicious construction of data, which results in out-of-bounds...
9.1CVSS
9.1AI Score
0.002EPSS
Multiple heap-based buffer overflows in Huawei Campus Series Switches S3700HI, S5700, S6700, S3300HI, S5300, S6300, S9300, S7700, and LSW S9700 with software V200R001 before V200R001SPH013; S5700, S6700, S5300, and S6300 with software V200R002 before V200R002SPH005; S7700, S9300, S9300E, S5300,...
6.9AI Score
0.002EPSS
Huawei Quidway switches with firmware before V200R005C00SPC300 allows remote attackers to gain privileges via a crafted...
7.2AI Score
0.003EPSS
Multiple directory traversal vulnerabilities on the Huawei E585 device allow remote attackers to (1) read arbitrary files via a .. (dot dot) in the PATH_INFO of an sdcard/ request or (2) modify arbitrary files via a .. (dot dot) in the req_page parameter to...
7AI Score
0.001EPSS
The Huawei E585 device does not validate the status of admin sessions, which allows remote attackers to obtain sensitive user information and the session ID, and modify data, by leveraging access to the LAN...
6.5AI Score
0.001EPSS
The Huawei E585 device allows remote attackers to cause a denial of service (NULL pointer dereference and device outage) via crafted HTTP requests, as demonstrated by unspecified vulnerability-scanning...
6.9AI Score
0.002EPSS
Stack-based buffer overflow in the HTTP module in the (1) Branch Intelligent Management System (BIMS) and (2) web management components on Huawei AR routers and S2000, S3000, S3500, S3900, S5100, S5600, S7800, and S8500 switches allows remote attackers to execute arbitrary code via a long...
8.3AI Score
0.004EPSS
The HTTP module in the (1) Branch Intelligent Management System (BIMS) and (2) web management components on Huawei AR routers and S2000, S3000, S3500, S3900, S5100, S5600, S7800, and S8500 switches does not check whether HTTP data is longer than the value of the Content-Length field, which allows.....
8.1AI Score
0.003EPSS
The HTTP module in the (1) Branch Intelligent Management System (BIMS) and (2) web management components on Huawei AR routers and S2000, S3000, S3500, S3900, S5100, S5600, and S7800 switches uses predictable Session ID values, which makes it easier for remote attackers to hijack sessions via a...
6.8AI Score
0.003EPSS
Buffer overflow in the back-end component in Huawei UTPS 1.0 allows local users to gain privileges via a long IDS_PLUGIN_NAME string in a plug-in configuration...
6.9AI Score
0.001EPSS
The Huawei viewpoint VP9610 and VP9620 units for the Huawei Video Conference system do not update the Session ID upon successful establishment of a login session, which allows remote authenticated users to hijack sessions via an unspecified interception...
6.5AI Score
0.002EPSS
Huawei AR 150, 200, 1200, 2200, and 3200 routers, when SNMPv3 is enabled, allow remote attackers to cause a denial of service (device crash) via malformed SNMPv3 requests that leverage unspecified overflow...
7.1AI Score
0.002EPSS
The Huawei Access Router (AR) before V200R002SPC003 allows remote attackers to cause a denial of service (device reset) via a crafted field in a DHCP request, as demonstrated by a request from an IP...
6.7AI Score
0.002EPSS
Huawei Seco Versatile Security Manager (VSM) before V200R002C00SPC300 allows remote authenticated users to gain privileges via a certain change to a group configuration...
6.7AI Score
0.002EPSS
The firewall module on the Huawei Quidway Service Process Unit (SPU) board S7700, S9300, and S9700 on Huawei Campus Switch devices allows remote authenticated users to obtain sensitive information from the high-priority security zone by leveraging access to the low-priority security...
6.1AI Score
0.001EPSS
A Huawei device has an input verification vulnerability. Successful exploitation of this vulnerability may lead to DoS attacks.Affected product versions include:CV81-WDM FW versions...
7.5CVSS
7.4AI Score
0.001EPSS
There is a password verification vulnerability in WS7200-10 11.0.2.13. Attackers on the LAN may use brute force cracking to obtain passwords, which may cause sensitive system information to be...
6.5CVSS
6.2AI Score
0.001EPSS
A permission bypass vulnerability in Huawei cross device task management could allow an attacker to access certain resource in the attacked devices. Affected product versions include:JAD-AL50 versions...
5.5CVSS
5.4AI Score
0.0004EPSS
There is a traffic hijacking vulnerability in WS7200-10 11.0.2.13. Successful exploitation of this vulnerability can cause packets to be hijacked by...
4.3CVSS
4.5AI Score
0.001EPSS
There is an out-of-bounds read and write vulnerability in some headset products. An unauthenticated attacker gets the device physically and crafts malformed message with specific parameter and sends the message to the affected products. Due to insufficient validation of message, which may be...
6.1CVSS
6.2AI Score
0.001EPSS
The WLAN module has a vulnerability in permission verification. Successful exploitation of this vulnerability may cause third-party apps to affect WLAN...
9.8CVSS
9.2AI Score
0.002EPSS
The NFC module has bundle serialization/deserialization vulnerabilities. Successful exploitation of this vulnerability may cause third-party apps to read and write files that are accessible only to system...
9.1CVSS
9.1AI Score
0.002EPSS
The HwChrService module has a vulnerability in permission control. Successful exploitation of this vulnerability may cause disclosure of user network...
7.5CVSS
7.4AI Score
0.002EPSS
Buffer overflow vulnerability in the video framework. Successful exploitation of this vulnerability will affect the confidentiality and integrity of trusted...
9.1CVSS
9.3AI Score
0.002EPSS
The MPTCP module has the race condition vulnerability. Successful exploitation of this vulnerability may cause the device to...
5.9CVSS
5.6AI Score
0.001EPSS
The MPTCP module has the memory leak vulnerability. Successful exploitation of this vulnerability can cause memory...
7.5CVSS
7.5AI Score
0.001EPSS
The MPTCP module has the memory leak vulnerability. Successful exploitation of this vulnerability can cause memory...
7.5CVSS
7.5AI Score
0.001EPSS
The number identification module has a path traversal vulnerability. Successful exploitation of this vulnerability may cause data...
7.5CVSS
7.4AI Score
0.002EPSS
The iAware module has a vulnerability in managing malicious apps.Successful exploitation of this vulnerability will cause malicious apps to automatically start upon system...
9.8CVSS
9.3AI Score
0.002EPSS
The secure OS module has configuration defects. Successful exploitation of this vulnerability may affect data...
7.5CVSS
7.5AI Score
0.002EPSS
The secure OS module has configuration defects. Successful exploitation of this vulnerability may affect data...
7.5CVSS
7.5AI Score
0.002EPSS
The secure OS module has configuration defects. Successful exploitation of this vulnerability may affect data...
7.5CVSS
7.5AI Score
0.002EPSS
The secure OS module has configuration defects. Successful exploitation of this vulnerability may affect data...
7.5CVSS
7.5AI Score
0.002EPSS
The secure OS module has configuration defects. Successful exploitation of this vulnerability may affect system...
7.5CVSS
7.5AI Score
0.001EPSS
The secure OS module has configuration defects. Successful exploitation of this vulnerability may affect system...
7.5CVSS
7.5AI Score
0.001EPSS
The secure OS module has configuration defects. Successful exploitation of this vulnerability may affect data...
7.5CVSS
7.5AI Score
0.002EPSS
The secure OS module has configuration defects. Successful exploitation of this vulnerability may affect data...
7.5CVSS
7.5AI Score
0.002EPSS
The AOD module has the improper update of reference count vulnerability. Successful exploitation of this vulnerability may affect data integrity, confidentiality, and...
9.8CVSS
9.4AI Score
0.002EPSS
The secure OS module has configuration defects. Successful exploitation of this vulnerability may affect system...
7.5CVSS
7.5AI Score
0.001EPSS
The secure OS module has configuration defects. Successful exploitation of this vulnerability may affect data...
7.5CVSS
7.5AI Score
0.002EPSS
The secure OS module has configuration defects. Successful exploitation of this vulnerability may affect system...
7.5CVSS
7.5AI Score
0.001EPSS