HUAWEI Security Vulnerabilities

CVE-2022-38995

The secure OS module has configuration defects. Successful exploitation of this vulnerability may affect system...

CVE-2022-38978

The secure OS module has configuration defects. Successful exploitation of this vulnerability may affect data...

CVE-2021-40023

Configuration defects in the secure OS module. Successful exploitation of this vulnerability will affect...

CVE-2021-40019

Out-of-bounds heap read vulnerability in the HW_KEYMASTER module. Successful exploitation of this vulnerability may cause out-of-bounds...

CVE-2021-40024

Implementation of the WLAN module interfaces has the information disclosure vulnerability. Successful exploitation of this vulnerability may affect data...

CVE-2021-46836

Implementation of the WLAN module interfaces has the information disclosure vulnerability. Successful exploitation of this vulnerability may affect data...

CVE-2020-36600

Out-of-bounds write vulnerability in the power consumption module. Successful exploitation of this vulnerability may cause the system to...

CVE-2020-36601

Out-of-bounds write vulnerability in the kernel modules. Successful exploitation of this vulnerability may cause a panic...

CVE-2022-37007

The chinadrm module has an out-of-bounds read vulnerability. Successful exploitation of this vulnerability may affect the...

CVE-2022-37008

The recovery module has a vulnerability of bypassing the verification of an update package before use. Successful exploitation of this vulnerability may affect system...

CVE-2022-37005

The Settings application has an argument injection vulnerability. Successful exploitation of this vulnerability may affect data...

CVE-2022-37004

The Settings application has a vulnerability of bypassing the out-of-box experience (OOBE). Successful exploitation of this vulnerability may affect the...

CVE-2022-37003

The AOD module has a vulnerability in permission assignment. Successful exploitation of this vulnerability may cause permission escalation and unauthorized access to...

CVE-2022-37001

The diag-router module has a vulnerability in intercepting excessive long and short instructions. Successful exploitation of this vulnerability will cause the diag-router module to...

CVE-2021-40034

The video framework has the memory overwriting vulnerability caused by addition overflow. Successful exploitation of this vulnerability may affect the...

CVE-2021-40030

The My HUAWEI app has a defect in the design. Successful exploitation of this vulnerability may affect data...

CVE-2022-34740

The NFC module has a buffer overflow vulnerability. Successful exploitation of this vulnerability may cause exceptions in NFC card registration, deletion, and...

CVE-2022-34735

The frame scheduling module has a null pointer dereference vulnerability. Successful exploitation of this vulnerability will affect the kernel...

CVE-2022-34736

The frame scheduling module has a null pointer dereference vulnerability. Successful exploitation of this vulnerability will affect the kernel...

CVE-2022-34737

The application security module has a vulnerability in permission assignment. Successful exploitation of this vulnerability may affect data integrity and...

CVE-2022-34739

The fingerprint module has a vulnerability of overflow in arithmetic addition. Successful exploitation of this vulnerability may result in the acquisition of data from unknown addresses in address...

CVE-2022-34741

The NFC module has a buffer overflow vulnerability. Successful exploitation of this vulnerability may cause exceptions in NFC card registration, deletion, and...

CVE-2022-34743

The AT commands of the USB port have an out-of-bounds read vulnerability. Successful exploitation of this vulnerability may affect system...

CVE-2022-34738

The SystemUI module has a vulnerability in permission control. If this vulnerability is successfully exploited, users are unaware of the service running in the...

CVE-2021-39999

There is a buffer overflow vulnerability in eSE620X vESS V100R001C10SPC200 and V100R001C20SPC200. An attacker can exploit this vulnerability by sending a specific message to the target device due to insufficient validation of packets. Successful exploit could cause a denial of service...

CVE-2022-29798

There is a denial of service vulnerability in CV81-WDM FW versions 01.70.49.29.46. Successful exploitation could cause denial of...

CVE-2022-29797

There is a buffer overflow vulnerability in CV81-WDM FW 01.70.49.29.46. Successful exploitation of this vulnerability may lead to privilege...

CVE-2022-22259

There is an improper authentication vulnerability in FLMG-10 10.0.1.0(H100SP22C00). Successful exploitation of this vulnerability may lead to a control of the victim...

CVE-2021-40036

The bone voice ID TA has a memory overwrite vulnerability. Successful exploitation of this vulnerability may result in malicious code...

CVE-2022-31754

Logical defects in code implementation in some products. Successful exploitation of this vulnerability may affect the availability of some...

CVE-2022-31753

The voice wakeup module has a vulnerability of using externally-controlled format strings. Successful exploitation of this vulnerability may affect system...

CVE-2022-31752

Missing authorization vulnerability in the system components. Successful exploitation of this vulnerability will affect...

CVE-2022-31760

Dialog boxes can still be displayed even if the screen is locked in carrier-customized USSD services. Successful exploitation of this vulnerability may affect data integrity and...

CVE-2021-46811

HwSEServiceAPP has a vulnerability in permission management. Successful exploitation of this vulnerability may cause disclosure of the Card Production Life Cycle (CPLC)...

CVE-2021-46813

Vulnerability of residual files not being deleted after an update in the ChinaDRM module. Successful exploitation of this vulnerability may affect...

CVE-2022-31761

Configuration defects in the secure OS module. Successful exploitation of this vulnerability will affect...

CVE-2021-46812

The Device Manager has a vulnerability in multi-device interaction. Successful exploitation of this vulnerability may affect data...

CVE-2022-31757

The setting module has a vulnerability of improper use of APIs. Successful exploitation of this vulnerability may affect data...

CVE-2022-31751

The kernel emcom module has multi-thread contention. Successful exploitation of this vulnerability may affect system...

CVE-2022-31755

The communication module has a vulnerability of improper permission preservation. Successful exploitation of this vulnerability may affect system...

CVE-2022-31756

The fingerprint sensor module has design defects. Successful exploitation of this vulnerability may affect data...

CVE-2022-31762

The AMS module has a vulnerability in input validation. Successful exploitation of this vulnerability may cause privilege...

CVE-2022-31758

The kernel module has the race condition vulnerability. Successful exploitation of this vulnerability may affect data...

CVE-2022-31759

AppLink has a vulnerability of accessing uninitialized pointers. Successful exploitation of this vulnerability may affect system...

CVE-2022-31763

The kernel module has the null pointer and out-of-bounds array vulnerabilities. Successful exploitation of this vulnerability may affect system...

CVE-2022-22252

The DFX module has a UAF vulnerability.Successful exploitation of this vulnerability may affect system...

CVE-2022-29796

The HiAIserver has a vulnerability in verifying the validity of the weight used in the model.Successful exploitation of this vulnerability will affect AI...

CVE-2022-29795

The frame scheduling module has a null pointer dereference vulnerability. Successful exploitation of this vulnerability will affect the kernel...

CVE-2022-29789

The HiAIserver has a vulnerability in verifying the validity of the properties used in the model.Successful exploitation of this vulnerability will affect AI...

CVE-2022-29792

The chip component has a vulnerability of disclosing CPU SNs.Successful exploitation of this vulnerability may affect data...