HUAWEI Security Vulnerabilities
Various Issues Due To Exposed SMI Handler in AmdPspP2CmboxV2. The first issue can be leveraged to bypass the protections that have been put in place by previous UEFI phases to prevent direct access to the SPI flash. The second issue can be used to both leak and corrupt SMM memory thus potentially.....
7.8CVSS
7.4AI Score
0.0004EPSS
Some Huawei smart speakers have a memory overflow vulnerability. Successful exploitation of this vulnerability may cause certain functions to...
7.2CVSS
6.9AI Score
0.0004EPSS
Huawei Matebook D16(Model: CREM-WXX9, BIOS: v2.26) Arbitrary Memory Corruption in SMI Handler of ThisiServicesSmm SMM module. This can be leveraged by a malicious OS attacker to corrupt arbitrary SMRAM memory and, in turn, lead to code execution in...
7.8CVSS
7.3AI Score
0.0004EPSS
Cracking vulnerability in the OS security module Impact: Successful exploitation of this vulnerability will affect...
6.4CVSS
6.9AI Score
0.0004EPSS
Vulnerability of package name verification being bypassed in the HwIms module. Impact: Successful exploitation of this vulnerability will affect...
6.8AI Score
0.0004EPSS
Vulnerability of insufficient permission verification in the app management module. Impact: Successful exploitation of this vulnerability will affect...
6.8AI Score
0.0004EPSS
Input verification vulnerability in the call module. Impact: Successful exploitation of this vulnerability may affect service...
6.8AI Score
0.0004EPSS
Input verification vulnerability in the power module. Impact: Successful exploitation of this vulnerability will affect...
6.8AI Score
0.0004EPSS
Vulnerability of file path verification being bypassed in the email module. Impact: Successful exploitation of this vulnerability may affect service...
6.8AI Score
0.0004EPSS
Permission verification vulnerability in the system module. Impact: Successful exploitation of this vulnerability will affect...
6.8AI Score
0.0004EPSS
Permission control vulnerability in the Bluetooth module. Impact: Successful exploitation of this vulnerability may affect service...
6.8AI Score
0.0004EPSS
Vulnerability of data verification errors in the kernel module. Impact: Successful exploitation of this vulnerability may affect service...
6.7AI Score
0.0004EPSS
Permission verification vulnerability in the system module. Impact: Successful exploitation of this vulnerability will affect...
6.8AI Score
0.0004EPSS
Vulnerability of package name verification being bypassed in the HwIms module. Impact: Successful exploitation of this vulnerability will affect...
6.8AI Score
0.0004EPSS
Vulnerability of defects introduced in the design process in the hwnff module. Impact: Successful exploitation of this vulnerability may affect service...
6.8AI Score
0.0004EPSS
Vulnerability of starting activities in the background in the ActivityManagerService (AMS) module. Impact: Successful exploitation of this vulnerability will affect...
6.8AI Score
0.0004EPSS
Vulnerability of improper permission control in the window management module. Impact: Successful exploitation of this vulnerability will affect availability and...
6.8AI Score
0.0004EPSS
Use After Free (UAF) vulnerability in the underlying driver module. Impact: Successful exploitation of this vulnerability will affect...
6.9AI Score
0.0004EPSS
Out-of-bounds write vulnerability in the RSMC module. Impact: Successful exploitation of this vulnerability will affect...
6.8AI Score
0.0004EPSS
Vulnerability of data verification errors in the kernel module. Impact: Successful exploitation of this vulnerability may affect service...
6.7AI Score
0.0004EPSS
Permission verification vulnerability in the Settings module. Impact: Successful exploitation of this vulnerability may affect service...
6.8AI Score
0.0004EPSS
Vulnerability of undefined permissions in the Calendar app. Impact: Successful exploitation of this vulnerability will affect...
6.8AI Score
0.0004EPSS
Permission control vulnerability in the clock module. Impact: Successful exploitation of this vulnerability will affect...
6.8AI Score
0.0004EPSS
Command injection vulnerability in the AccountManager module. Impact: Successful exploitation of this vulnerability may affect service...
7.2AI Score
0.0004EPSS
Vulnerability of improper permission control in the window management module. Impact: Successful exploitation of this vulnerability will affect...
6.8AI Score
0.0004EPSS
The SystemUI module has a vulnerability in permission management. Impact: Successful exploitation of this vulnerability may affect...
6.8AI Score
0.0004EPSS
The Open Connectivity Foundation UPnP specification before 2020-04-17 does not forbid the acceptance of a subscription request with a delivery URL on a different network segment than the fully qualified event-subscription URL, aka the CallStranger...
7.5CVSS
7.6AI Score
0.005EPSS
Permission control vulnerability in the calendarProvider module.Successful exploitation of this vulnerability may affect service...
6.8AI Score
0.0004EPSS
Vulnerability of input parameter verification in the motor module.Successful exploitation of this vulnerability may affect...
6.7AI Score
0.0004EPSS
Vulnerability of null references in the motor module.Successful exploitation of this vulnerability may affect...
6.7AI Score
0.0004EPSS
Permission management vulnerability in the lock screen module.Successful exploitation of this vulnerability may affect...
6.8AI Score
0.0004EPSS
Vulnerability of improper access control in the email module.Successful exploitation of this vulnerability may affect service...
6.7AI Score
0.0004EPSS
Information management vulnerability in the Gallery module.Successful exploitation of this vulnerability may affect service...
6.7AI Score
0.0004EPSS
Out-of-bounds read vulnerability in the smart activity recognition module.Successful exploitation of this vulnerability may cause features to perform...
6.6AI Score
0.0004EPSS
Out-of-bounds read vulnerability in the smart activity recognition module.Successful exploitation of this vulnerability may cause features to perform...
6.6AI Score
0.0004EPSS
Logic vulnerabilities in the baseband.Successful exploitation of this vulnerability may affect service...
6.9AI Score
0.0004EPSS
Stack overflow vulnerability in the network acceleration module.Successful exploitation of this vulnerability may cause unauthorized file...
7AI Score
0.0004EPSS
Resource reuse vulnerability in the GPU module. Successful exploitation of this vulnerability may affect service...
6.8AI Score
0.0004EPSS
Script injection vulnerability in the email module.Successful exploitation of this vulnerability may affect service confidentiality, integrity, and...
7.1AI Score
0.0004EPSS
Permission control vulnerability in the WindowManagerServices module.Successful exploitation of this vulnerability may affect...
6.8AI Score
0.0004EPSS
Vulnerability of permission verification in the content sharing pop-up module.Successful exploitation of this vulnerability may cause unauthorized file...
6.7AI Score
0.0004EPSS
The VerifiedBoot module has a vulnerability that may cause authentication errors.Successful exploitation of this vulnerability may affect...
7AI Score
0.0004EPSS
The Huawei D100 stores the administrator's account name and password in cleartext in a cookie, which allows context-dependent attackers to obtain sensitive information by (1) reading a cookie file, by (2) sniffing the network for HTTP headers, and possibly by using unspecified other...
7.5CVSS
7.4AI Score
0.001EPSS
Huawei UTPS earlier than UTPS-V200R003B015D16SPC00C983 has an unquoted service path vulnerability which can lead to the truncation of UTPS service query paths. An attacker may put an executable file in the search path of the affected service and obtain elevated privileges after the executable file....
6.7CVSS
6.6AI Score
0.001EPSS
In reassemble_and_dispatch of packet_fragmenter.cc, there is possible out of bounds write due to an incorrect bounds calculation. This could lead to remote code execution over Bluetooth with no additional execution privileges needed. User interaction is not needed for exploitation.Product:...
8.8CVSS
8.7AI Score
0.014EPSS
Clone vulnerability in the huks ta module.Successful exploitation of this vulnerability may affect service...
7.5CVSS
7.5AI Score
0.001EPSS
Integer Overflow or Wraparound vulnerability in openEuler kernel on Linux (filesystem modules) allows Forced Integer Overflow.This issue affects openEuler kernel: from 4.19.90 before 4.19.90-2401.3, from 5.10.0-60.18.0 before...
7.8CVSS
7.3AI Score
0.0004EPSS
Permission management vulnerability in the multi-screen interaction module. Successful exploitation of this vulnerability may cause service exceptions of the...
7.5CVSS
7.5AI Score
0.0005EPSS
Unauthorized file access vulnerability in the wallpaper service module. Successful exploitation of this vulnerability may cause features to perform...
5.3CVSS
5.3AI Score
0.0005EPSS
Vulnerability of trust relationships being inaccurate in distributed scenarios. Successful exploitation of this vulnerability may affect service...
7.5CVSS
7.4AI Score
0.001EPSS