HUAWEI Security Vulnerabilities

CVE-2022-22254

A permission bypass vulnerability exists when the NFC CAs access the TEE.Successful exploitation of this vulnerability may affect data...

CVE-2021-39969

There is an Unauthorized file access vulnerability in Smartphones.Successful exploitation of this vulnerability may affect service...

CVE-2021-37020

There is a Stack-based Buffer Overflow vulnerability in Huawei Smartphone.Successful exploitation of this vulnerability may lead to Out-of-bounds...

CVE-2022-37002

The SystemUI module has a privilege escalation vulnerability. Successful exploitation of this vulnerability can cause malicious applications to pop up windows or run in the...

CVE-2021-46814

The video framework has an out-of-bounds memory read/write vulnerability. Successful exploitation of this vulnerability may affect system...

CVE-2021-37021

There is a Stack-based Buffer Overflow vulnerability in Huawei Smartphone.Successful exploitation of this vulnerability may lead to Out-of-bounds...

CVE-2021-40012

Vulnerability of pointers being incorrectly used during data transmission in the video framework. Successful exploitation of this vulnerability may affect...

CVE-2022-48302

The AMS module has a vulnerability of lacking permission verification in APIs.Successful exploitation of this vulnerability may affect data...

CVE-2022-48298

The geofencing kernel code does not verify the length of the input data. Successful exploitation of this vulnerability may cause out-of-bounds memory...

CVE-2021-40016

Improper permission control vulnerability in the Bluetooth module.Successful exploitation of this vulnerability will affect...

CVE-2021-22437

There is a software integer overflow leading to a TOCTOU condition in smartphones. Successful exploitation of this vulnerability may cause random address...

CVE-2021-37042

There is an Improper verification vulnerability in Huawei Smartphone.Successful exploitation of this vulnerability may cause out-of-bounds...

CVE-2021-37133

There is an Unauthorized file access vulnerability in Smartphones.Successful exploitation of this vulnerability may affect service...

CVE-2021-40051

There is an unauthorized access vulnerability in system components. Successful exploitation of this vulnerability will affect...

CVE-2022-44549

The LBS module has a vulnerability in geofencing API access. Successful exploitation of this vulnerability may cause third-party apps to access the geofencing APIs without authorization, affecting user...

CVE-2021-37041

There is an Improper verification vulnerability in Huawei Smartphone.Successful exploitation of this vulnerability may cause out-of-bounds...

CVE-2022-39007

The location module has a vulnerability of bypassing permission verification.Successful exploitation of this vulnerability may cause privilege...

CVE-2022-48297

The geofencing kernel code has a vulnerability of not verifying the length of the input data. Successful exploitation of this vulnerability may cause out-of-bounds memory...

CVE-2022-44562

The system framework layer has a vulnerability of serialization/deserialization mismatch. Successful exploitation of this vulnerability may cause privilege...

CVE-2021-40013

Improper permission control vulnerability in the Bluetooth module.Successful exploitation of this vulnerability will affect...

CVE-2021-22406

There is an Uncaught Exception vulnerability in Huawei Smartphone.Successful exploitation of this vulnerability will cause the app to exit...

CVE-2022-48286

The multi-screen collaboration module has a privilege escalation vulnerability. Successful exploitation of this vulnerability may affect data...

CVE-2022-44550

The graphics display module has a UAF vulnerability when traversing graphic layers. Successful exploitation of this vulnerability may affect system...

CVE-2022-45874

Huawei Aslan Children's Watch has an improper authorization vulnerability. Successful exploit could allow the attacker to access certain...

CVE-2022-41595

The phones have the heap overflow, out-of-bounds read, and null pointer vulnerabilities in the fingerprint trusted application (TA).Successful exploitation of this vulnerability may affect the fingerprint...

CVE-2021-40005

The distributed data service component has a vulnerability in data access control. Successful exploitation of this vulnerability may affect data...

CVE-2021-37014

There is a Stack-based Buffer Overflow vulnerability in Huawei Smartphone.Successful exploitation of this vulnerability may lead to device cannot be used...

CVE-2021-22367

There is a Key Management Errors Vulnerability in Huawei Smartphone. Successful exploitation of this vulnerability may lead to authentication...

CVE-2022-48230

There is a misinterpretation of input vulnerability in BiSheng-WNM FW 3.0.0.325. Successful exploitation could lead to...

CVE-2022-48261

There is a misinterpretation of input vulnerability in BiSheng-WNM FW 3.0.0.325. Successful exploitation of this vulnerability may cause the printer service to be...

CVE-2021-40017

The HW_KEYMASTER module lacks the validity check of the key format. Successful exploitation of this vulnerability may result in out-of-bounds memory...

CVE-2021-39971

Password vault has a External Control of System or Configuration Setting vulnerability.Successful exploitation of this vulnerability could compromise...

CVE-2022-48254

There is a data processing error vulnerability in Leia-B29 2.0.0.49(M03). Successful exploitation could bypass lock screen...

CVE-2021-39997

There is a vulnerability of unstrict input parameter verification in the audio assembly.Successful exploitation of this vulnerability may cause out-of-bounds...

CVE-2021-37112

Hisuite module has a External Control of System or Configuration Setting vulnerability.Successful exploitation of this vulnerability may lead to Firmware...

CVE-2021-37078

There is a Uncaught Exception vulnerability in Huawei Smartphone.Successful exploitation of this vulnerability may lead to remote Denial of...

CVE-2021-37079

There is a Improper Input Validation vulnerability in Huawei Smartphone.Successful exploitation of this vulnerability may lead to delete arbitrary file by system_app...

CVE-2022-48284

A piece of Huawei whole-home intelligence software has an Incorrect Privilege Assignment vulnerability. Successful exploitation of this vulnerability could allow attackers to access restricted...

CVE-2022-48283

A piece of Huawei whole-home intelligence software has an Incorrect Privilege Assignment vulnerability. Successful exploitation of this vulnerability could allow attackers to access restricted...

CVE-2022-48511

Use After Free (UAF) vulnerability in the audio PCM driver module under special conditions. Successful exploitation of this vulnerability may cause audio features to perform...

CVE-2022-48510

Input verification vulnerability in the AMS module. Successful exploitation of this vulnerability will cause unauthorized...

CVE-2022-48513

Vulnerability of identity verification being bypassed in the Gallery module. Successful exploitation of this vulnerability may cause out-of-bounds...

CVE-2022-48512

Use After Free (UAF) vulnerability in the Vdecoderservice service. Successful exploitation of this vulnerability may cause the image decoding feature to perform...

CVE-2023-34164

Vulnerability of incomplete input parameter verification in the communication framework module. Successful exploitation of this vulnerability may affect...

CVE-2023-1691

Vulnerability of failures to capture exceptions in the communication framework. Successful exploitation of this vulnerability may cause features to perform...

CVE-2022-48515

Vulnerability of inappropriate permission control in Nearby. Successful exploitation of this vulnerability may affect service...

CVE-2022-48520

Unauthorized access vulnerability in the SystemUI module. Successful exploitation of this vulnerability may affect...

CVE-2022-48519

Unauthorized access vulnerability in the SystemUI module. Successful exploitation of this vulnerability may affect...

CVE-2022-48517

Unauthorized service access vulnerability in the DSoftBus module. Successful exploitation of this vulnerability will affect...

CVE-2023-37239

Format string vulnerability in the distributed file system. Attackers who bypass the selinux permission can exploit this vulnerability to crash the...