HUAWEI Security Vulnerabilities
There is an Improper permission management vulnerability in Huawei Smartphone.Successful exploitation of this vulnerability may affect service...
5.3CVSS
5.3AI Score
0.001EPSS
A component of the HarmonyOS has a Improper Input Validation vulnerability. Local attackers may exploit this vulnerability to cause out-of-bounds...
3.3CVSS
4.1AI Score
0.0004EPSS
A component of the HarmonyOS has a Insufficient Verification of Data Authenticity vulnerability. Local attackers may exploit this vulnerability to bypass the control...
5.5CVSS
5.4AI Score
0.0004EPSS
A component of the HarmonyOS has a Use After Free vulnerability. Local attackers may exploit this vulnerability to cause kernel...
5.5CVSS
5.3AI Score
0.0004EPSS
A component of the HarmonyOS has a Improper Input Validation vulnerability. Local attackers may exploit this vulnerability to read at any...
5.5CVSS
5.3AI Score
0.0004EPSS
A component of the HarmonyOS has a Exposure of Sensitive Information to an Unauthorized Actor vulnerability. Local attackers may exploit this vulnerability to cause kernel address...
3.3CVSS
4AI Score
0.0004EPSS
There is an Improper verification vulnerability in Huawei Smartphone.Successful exploitation of this vulnerability may affect service...
7.5CVSS
7.5AI Score
0.002EPSS
A component of the HarmonyOS has a Integer Overflow or Wraparound vulnerability. Local attackers may exploit this vulnerability to cause the memory which is not...
5.5CVSS
5.5AI Score
0.0004EPSS
A component of the HarmonyOS has a Allocation of Resources Without Limits or Throttling vulnerability. Local attackers may exploit this vulnerability to cause nearby process...
5.5CVSS
5.4AI Score
0.0004EPSS
A component of the HarmonyOS has a Heap-based Buffer Overflow vulnerability. Local attackers may exploit this vulnerability to cause Kernel System...
5.5CVSS
5.5AI Score
0.0004EPSS
A component of the HarmonyOS has a Out-of-bounds Read vulnerability. Local attackers may exploit this vulnerability to cause kernel out-of-bounds...
7.1CVSS
6.6AI Score
0.0004EPSS
A component of the HarmonyOS has a NULL Pointer Dereference vulnerability. Local attackers may exploit this vulnerability to cause nearby process...
5.5CVSS
5.4AI Score
0.0004EPSS
A component of the HarmonyOS has a Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability. Local attackers may exploit this vulnerability to cause arbitrary code...
7.8CVSS
7.8AI Score
0.0004EPSS
A component of the HarmonyOS has a NULL Pointer Dereference vulnerability. Local attackers may exploit this vulnerability to cause kernel...
5.5CVSS
5.3AI Score
0.0004EPSS
There is an Out-of-bounds memory access in Huawei Smartphone.Successful exploitation of this vulnerability may cause process...
9.8CVSS
9.4AI Score
0.002EPSS
There is a Verification errors vulnerability in Huawei Smartphone.Successful exploitation of this vulnerability may affect service...
7.5CVSS
7.5AI Score
0.002EPSS
A component of the HarmonyOS has a Data Processing Errors vulnerability. Local attackers may exploit this vulnerability to cause Kernel System...
5.5CVSS
5.3AI Score
0.0004EPSS
A component of the HarmonyOS has a NULL Pointer Dereference vulnerability. Local attackers may exploit this vulnerability to cause System functions which are...
5.5CVSS
5.4AI Score
0.0004EPSS
There is an Uninitialized variable vulnerability in Huawei Smartphone.Successful exploitation of this vulnerability may cause transmission of invalid...
5.3CVSS
5.3AI Score
0.001EPSS
There is a Configuration defects in Huawei Smartphone.Successful exploitation of this vulnerability may affect service...
5.3CVSS
5.3AI Score
0.001EPSS
There is a Logic Bypass vulnerability in Huawei Smartphone.Successful exploitation of this vulnerability may affect service integrity and...
9.1CVSS
9.1AI Score
0.001EPSS
A component of the HarmonyOS has a External Control of System or Configuration Setting vulnerability. Local attackers may exploit this vulnerability to cause core...
5.5CVSS
5.4AI Score
0.0004EPSS
There is a Configuration defects in Huawei Smartphone.Successful exploitation of this vulnerability may affect service...
7.5CVSS
7.5AI Score
0.001EPSS
A component of the HarmonyOS has a Integer Overflow or Wraparound vulnerability. Local attackers may exploit this vulnerability to cause memory...
7.8CVSS
7.5AI Score
0.0004EPSS
A component of the HarmonyOS has a Improper Input Validation vulnerability. Local attackers may exploit this vulnerability to read at any...
5.5CVSS
5.3AI Score
0.0004EPSS
There is a DoS vulnerability in Huawei Smartphone.Successful exploitation of this vulnerability may cause DoS...
7.5CVSS
7.5AI Score
0.001EPSS
There is a Remote DoS vulnerability in Huawei Smartphone.Successful exploitation of this vulnerability can affect service...
7.5CVSS
7.6AI Score
0.001EPSS
There is a vulnerability of hijacking unverified providers in Huawei Smartphone.Successful exploitation of this vulnerability may allow attackers to hijack the device and forge UIs to induce users to execute malicious...
9.8CVSS
9.3AI Score
0.002EPSS
There is a Directory traversal vulnerability in Huawei Smartphone.Successful exploitation of this vulnerability may affect service...
5.3CVSS
5.3AI Score
0.001EPSS
A component of the HarmonyOS has a Incomplete Cleanup vulnerability. Local attackers may exploit this vulnerability to cause memory...
5.5CVSS
5.4AI Score
0.0004EPSS
A component of the HarmonyOS has a Improper Input Validation vulnerability. Local attackers may exploit this vulnerability to cause nearby process...
3.3CVSS
4.1AI Score
0.0004EPSS
There is a CSV injection vulnerability in ManageOne, iManager NetEco and iManager NetEco 6000. An attacker with high privilege may exploit this vulnerability through some operations to inject the CSV files. Due to insufficient input validation of some parameters, the attacker can exploit this...
6.8CVSS
6.5AI Score
0.001EPSS
There is a path traversal vulnerability in Huawei PC product. Because the product does not filter path with special characters,attackers can construct a file path with special characters to exploit this vulnerability. Successful exploitation could allow the attacker to transport a file to certain.....
6.5CVSS
6.2AI Score
0.001EPSS
There is a signature management vulnerability in some huawei products. An attacker can forge signature and bypass the signature check. During firmware update process, successful exploit this vulnerability can cause the forged system file overwrite the correct system file. Affected product versions....
7.2CVSS
6.9AI Score
0.001EPSS
There is a use-after-free (UAF) vulnerability in Huawei products. An attacker may craft specific packets to exploit this vulnerability. Successful exploitation may cause the service abnormal. Affected product versions include:CloudEngine 12800 V200R005C10SPC800,V200R019C00SPC800;CloudEngine 5800...
6.5CVSS
6.3AI Score
0.001EPSS
There is an out of bounds write vulnerability in some Huawei products. The vulnerability is caused by a function of a module that does not properly verify input parameter. Successful exploit could cause out of bounds write leading to a denial of service condition.Affected product versions...
7.5CVSS
7.4AI Score
0.001EPSS
There is a path traversal vulnerability in Huawei FusionCube 6.0.2.The vulnerability is due to that the software uses external input to construct a pathname that is intended to identify a directory that is located underneath a restricted parent directory, but the software does not properly...
7.5CVSS
7.4AI Score
0.002EPSS
There is an improper authentication vulnerability in Hero-CT060 before 1.0.0.200. The vulnerability is due to that when an user wants to do certain operation, the software does not insufficiently validate the user's identity. Successful exploit could allow the attacker to do certain operations...
9.8CVSS
9.4AI Score
0.003EPSS
There is an improper file upload control vulnerability in FusionCompute 6.5.0, 6.5.1 and 8.0.0. Due to the improper verification of file to be uploaded and does not strictly restrict the file access path, attackers may upload malicious files to the device, resulting in the service...
7.5CVSS
7.5AI Score
0.001EPSS
There is a command injection vulnerability in CMA service module of FusionCompute 6.3.0, 6.3.1, 6.5.0 and 8.0.0 when processing the default certificate file. The software constructs part of a command using external special input from users, but the software does not sufficiently validate the user.....
7.2CVSS
7.1AI Score
0.001EPSS
There is a server-side request forgery vulnerability in HUAWEI P40 versions 10.1.0.118(C00E116R3P3). This vulnerability is due to insufficient validation of parameters while dealing with some messages. A successful exploit could allow the attacker to gain access to certain resource which the...
7.5CVSS
7.6AI Score
0.002EPSS
There is an improper authorization vulnerability in AIS-BW50-00 9.0.6.2(H100SP10C00) and 9.0.6.2(H100SP15C00). Due to improper authorization mangement, an attakcer can exploit this vulnerability by physical accessing the device and implant malicious code. Successfully exploit could leads to...
6.8CVSS
6.8AI Score
0.001EPSS
There is a denial of service vulnerability in Huawei products. A module cannot deal with specific messages due to validating inputs insufficiently. Attackers can exploit this vulnerability by sending specific messages to affected module. This can cause denial of service. Affected product versions.....
7.5CVSS
7.3AI Score
0.001EPSS
There is a logic vulnerability in Elf-G10HN 1.0.0.608. An unauthenticated attacker could perform specific operations to exploit this vulnerability. Due to insufficient security design, successful exploit could allow an attacker to add users to be friends without prompting in the target...
7.5CVSS
7.4AI Score
0.001EPSS
There is a denial of service vulnerability in some huawei products. In specific scenarios, due to the improper handling of the packets, an attacker may craft the specific packet. Successful exploit may cause some services abnormal. Affected product versions include:CloudEngine 12800...
7.5CVSS
7.4AI Score
0.001EPSS
There is a command injection vulnerability in the HG8045Q product. When the command-line interface is enabled, which is disabled by default, attackers with administrator privilege could execute part of...
6.7CVSS
6.8AI Score
0.0004EPSS
A component of the Huawei smartphone has a External Control of System or Configuration Setting vulnerability. Local attackers may exploit this vulnerability to cause Kernel Code...
7.8CVSS
7.5AI Score
0.0004EPSS
A component of the Huawei smartphone has a Double Free vulnerability. Local attackers may exploit this vulnerability to cause Root Elevation of...
7CVSS
6.7AI Score
0.0004EPSS
A component of the HarmonyOS has a permission bypass vulnerability. Local attackers may exploit this vulnerability to cause the device to hang due to the page error...
5.5CVSS
5.4AI Score
0.0004EPSS
A component of the HarmonyOS has a Data Processing Errors vulnerability. Local attackers may exploit this vulnerability to cause Kernel Memory...
5.5CVSS
5.4AI Score
0.0004EPSS