Logo
-

Byte Open Security

(ByteOS Network)

Log In

Sign Up

ByteOS

Security
Vulnerability Details
Registries
Custom Views
Weaknesses
Attack Patterns
Filters & Tools
Vulnerability Details :

CVE-2020-1815

Summary
Assigner-huawei
Assigner Org ID-25ac1063-e409-4190-8079-24548c77ea2e
Published At-17 Feb, 2020 | 23:18
Updated At-04 Aug, 2024 | 06:46
Rejected At-
Credits

Huawei NIP6800 versions V500R001C30, V500R001C60SPC500, and V500R005C00; Secospace USG6600 and USG9500 versions V500R001C30SPC200, V500R001C30SPC600, V500R001C60SPC500, and V500R005C00 have a memory leak vulnerability. The software does not sufficiently track and release allocated memory while parse certain message, the attacker sends the message continuously that could consume remaining memory. Successful exploit could cause memory exhaust.

Vendors
-
Not available
Products
-
Metrics (CVSS)
VersionBase scoreBase severityVector
Weaknesses
Attack Patterns
Solution/Workaround
References
HyperlinkResource Type
EPSS History
Score
Latest Score
-
N/A
No data available for selected date range
Percentile
Latest Percentile
-
N/A
No data available for selected date range
Stakeholder-Specific Vulnerability Categorization (SSVC)
▼Common Vulnerabilities and Exposures (CVE)
cve.org
Assigner:huawei
Assigner Org ID:25ac1063-e409-4190-8079-24548c77ea2e
Published At:17 Feb, 2020 | 23:18
Updated At:04 Aug, 2024 | 06:46
Rejected At:
▼CVE Numbering Authority (CNA)

Huawei NIP6800 versions V500R001C30, V500R001C60SPC500, and V500R005C00; Secospace USG6600 and USG9500 versions V500R001C30SPC200, V500R001C30SPC600, V500R001C60SPC500, and V500R005C00 have a memory leak vulnerability. The software does not sufficiently track and release allocated memory while parse certain message, the attacker sends the message continuously that could consume remaining memory. Successful exploit could cause memory exhaust.

Affected Products
Vendor
Huawei Technologies Co., Ltd.Huawei
Product
NIP6800
Versions
Affected
  • V500R001C30
  • V500R001C60SPC500
  • V500R005C00
Vendor
Huawei Technologies Co., Ltd.Huawei
Product
Secospace USG6600, USG9500
Versions
Affected
  • V500R001C30SPC200
  • V500R001C30SPC600
  • V500R001C60SPC500
  • V500R005C00
Problem Types
TypeCWE IDDescription
textN/AMemory Leak
Type: text
CWE ID: N/A
Description: Memory Leak
Metrics
VersionBase scoreBase severityVector
Metrics Other Info
Impacts
CAPEC IDDescription
Solutions
Configurations
Workarounds
Exploits
Credits
Timeline
EventDate
Replaced By
Rejected Reason
References
HyperlinkResource
http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20200212-02-firewall-en
x_refsource_CONFIRM
Hyperlink: http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20200212-02-firewall-en
Resource:
x_refsource_CONFIRM
▼Authorized Data Publishers (ADP)
CVE Program Container
Affected Products
Metrics
VersionBase scoreBase severityVector
Metrics Other Info
Impacts
CAPEC IDDescription
Solutions
Configurations
Workarounds
Exploits
Credits
Timeline
EventDate
Replaced By
Rejected Reason
References
HyperlinkResource
http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20200212-02-firewall-en
x_refsource_CONFIRM
x_transferred
Hyperlink: http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20200212-02-firewall-en
Resource:
x_refsource_CONFIRM
x_transferred
Information is not available yet
▼National Vulnerability Database (NVD)
nvd.nist.gov
Source:psirt@huawei.com
Published At:18 Feb, 2020 | 00:15
Updated At:21 Jul, 2021 | 11:39

Huawei NIP6800 versions V500R001C30, V500R001C60SPC500, and V500R005C00; Secospace USG6600 and USG9500 versions V500R001C30SPC200, V500R001C30SPC600, V500R001C60SPC500, and V500R005C00 have a memory leak vulnerability. The software does not sufficiently track and release allocated memory while parse certain message, the attacker sends the message continuously that could consume remaining memory. Successful exploit could cause memory exhaust.

CISA Catalog
Date AddedDue DateVulnerability NameRequired Action
N/A
Date Added: N/A
Due Date: N/A
Vulnerability Name: N/A
Required Action: N/A
Metrics
TypeVersionBase scoreBase severityVector
Primary3.17.5HIGH
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
Primary2.04.3MEDIUM
AV:N/AC:M/Au:N/C:N/I:N/A:P
Type: Primary
Version: 3.1
Base score: 7.5
Base severity: HIGH
Vector:
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
Type: Primary
Version: 2.0
Base score: 4.3
Base severity: MEDIUM
Vector:
AV:N/AC:M/Au:N/C:N/I:N/A:P
CPE Matches
Huawei Technologies Co., Ltd.
huawei
>>nip6800_firmware>>v500r001c30
cpe:2.3:o:huawei:nip6800_firmware:v500r001c30:*:*:*:*:*:*:*
Huawei Technologies Co., Ltd.
huawei
>>nip6800_firmware>>v500r001c60spc500
cpe:2.3:o:huawei:nip6800_firmware:v500r001c60spc500:*:*:*:*:*:*:*
Huawei Technologies Co., Ltd.
huawei
>>nip6800_firmware>>v500r005c00
cpe:2.3:o:huawei:nip6800_firmware:v500r005c00:*:*:*:*:*:*:*
Huawei Technologies Co., Ltd.
huawei
>>nip6800>>-
cpe:2.3:h:huawei:nip6800:-:*:*:*:*:*:*:*
Huawei Technologies Co., Ltd.
huawei
>>secospace_usg6600_firmware>>v500r001c30spc200
cpe:2.3:o:huawei:secospace_usg6600_firmware:v500r001c30spc200:*:*:*:*:*:*:*
Huawei Technologies Co., Ltd.
huawei
>>secospace_usg6600_firmware>>v500r001c30spc600
cpe:2.3:o:huawei:secospace_usg6600_firmware:v500r001c30spc600:*:*:*:*:*:*:*
Huawei Technologies Co., Ltd.
huawei
>>secospace_usg6600_firmware>>v500r001c60spc500
cpe:2.3:o:huawei:secospace_usg6600_firmware:v500r001c60spc500:*:*:*:*:*:*:*
Huawei Technologies Co., Ltd.
huawei
>>secospace_usg6600_firmware>>v500r005c00
cpe:2.3:o:huawei:secospace_usg6600_firmware:v500r005c00:*:*:*:*:*:*:*
Huawei Technologies Co., Ltd.
huawei
>>secospace_usg6600>>-
cpe:2.3:h:huawei:secospace_usg6600:-:*:*:*:*:*:*:*
Huawei Technologies Co., Ltd.
huawei
>>usg9500_firmware>>v500r001c30spc200
cpe:2.3:o:huawei:usg9500_firmware:v500r001c30spc200:*:*:*:*:*:*:*
Huawei Technologies Co., Ltd.
huawei
>>usg9500_firmware>>v500r001c30spc600
cpe:2.3:o:huawei:usg9500_firmware:v500r001c30spc600:*:*:*:*:*:*:*
Huawei Technologies Co., Ltd.
huawei
>>usg9500_firmware>>v500r001c60spc500
cpe:2.3:o:huawei:usg9500_firmware:v500r001c60spc500:*:*:*:*:*:*:*
Huawei Technologies Co., Ltd.
huawei
>>usg9500_firmware>>v500r005c00
cpe:2.3:o:huawei:usg9500_firmware:v500r005c00:*:*:*:*:*:*:*
Huawei Technologies Co., Ltd.
huawei
>>usg9500>>-
cpe:2.3:h:huawei:usg9500:-:*:*:*:*:*:*:*
Weaknesses
CWE IDTypeSource
CWE-401Primarynvd@nist.gov
CWE ID: CWE-401
Type: Primary
Source: nvd@nist.gov
Evaluator Description
Evaluator Impact

Evaluator Solution

Vendor Statements
References
HyperlinkSourceResource
http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20200212-02-firewall-enpsirt@huawei.com
Vendor Advisory
Hyperlink: http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20200212-02-firewall-en
Source: psirt@huawei.com
Resource:
Vendor Advisory

Change History

0
Information is not available yet

Similar CVEs

669Records found
CVE-2022-39004
Matching Score-10
Assigner-Huawei Technologies
ShareView Details
Matching Score-10
Assigner-Huawei Technologies
CVSS Score-7.5||HIGH
EPSS-0.19% / 40.87%
||
7 Day CHG~0.00%
Published-16 Sep, 2022 | 17:56
Updated-03 Aug, 2024 | 11:10
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

The MPTCP module has the memory leak vulnerability. Successful exploitation of this vulnerability can cause memory leaks.

Action-Not Available
Vendor-Huawei Technologies Co., Ltd.
Product-magic_uiemuiharmonyosMagic UIHarmonyOSEMUI
CWE ID-CWE-401
Missing Release of Memory after Effective Lifetime
CVE-2021-37046
Matching Score-10
Assigner-Huawei Technologies
ShareView Details
Matching Score-10
Assigner-Huawei Technologies
CVSS Score-7.5||HIGH
EPSS-0.17% / 38.49%
||
7 Day CHG~0.00%
Published-07 Dec, 2021 | 15:45
Updated-04 Aug, 2024 | 01:09
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

There is a Memory leak vulnerability with the codec detection module in Huawei Smartphone.Successful exploitation of this vulnerability may cause the device to restart due to memory exhaustion.

Action-Not Available
Vendor-Huawei Technologies Co., Ltd.
Product-magic_uiemuiMagic UIEMUI
CWE ID-CWE-401
Missing Release of Memory after Effective Lifetime
CVE-2021-36993
Matching Score-10
Assigner-Huawei Technologies
ShareView Details
Matching Score-10
Assigner-Huawei Technologies
CVSS Score-7.5||HIGH
EPSS-0.18% / 39.80%
||
7 Day CHG~0.00%
Published-28 Oct, 2021 | 12:26
Updated-04 Aug, 2024 | 01:09
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

There is a Memory leaks vulnerability in Huawei Smartphone.Successful exploitation of this vulnerability may affect service availability.

Action-Not Available
Vendor-Huawei Technologies Co., Ltd.
Product-magic_uiemuiMagic UIEMUI
CWE ID-CWE-401
Missing Release of Memory after Effective Lifetime
CVE-2020-9124
Matching Score-10
Assigner-Huawei Technologies
ShareView Details
Matching Score-10
Assigner-Huawei Technologies
CVSS Score-7.5||HIGH
EPSS-0.31% / 54.04%
||
7 Day CHG~0.00%
Published-29 Dec, 2020 | 17:17
Updated-04 Aug, 2024 | 10:19
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

There is a memory leak vulnerability in some versions of Huawei CloudEngine product. An unauthenticated, remote attacker may exploit this vulnerability by sending specific message to the affected product. Due to not release the allocated memory properly, successful exploit may cause memory leak.

Action-Not Available
Vendor-Huawei Technologies Co., Ltd.
Product-cloudengine_7800cloudengine_5800_firmwarecloudengine_5800cloudengine_6800_firmwarecloudengine_6800cloudengine_7800_firmwarecloudengine_12800cloudengine_12800_firmwareCloudEngine 5800CloudEngine 7800CloudEngine 12800CloudEngine 6800
CWE ID-CWE-401
Missing Release of Memory after Effective Lifetime
CVE-2022-39005
Matching Score-10
Assigner-Huawei Technologies
ShareView Details
Matching Score-10
Assigner-Huawei Technologies
CVSS Score-7.5||HIGH
EPSS-0.19% / 40.87%
||
7 Day CHG~0.00%
Published-16 Sep, 2022 | 17:56
Updated-03 Aug, 2024 | 11:10
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

The MPTCP module has the memory leak vulnerability. Successful exploitation of this vulnerability can cause memory leaks.

Action-Not Available
Vendor-Huawei Technologies Co., Ltd.
Product-magic_uiemuiharmonyosMagic UIHarmonyOSEMUI
CWE ID-CWE-401
Missing Release of Memory after Effective Lifetime
CVE-2023-37239
Matching Score-8
Assigner-Huawei Technologies
ShareView Details
Matching Score-8
Assigner-Huawei Technologies
CVSS Score-7.5||HIGH
EPSS-0.04% / 10.61%
||
7 Day CHG~0.00%
Published-06 Jul, 2023 | 12:27
Updated-19 Nov, 2024 | 17:03
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Format string vulnerability in the distributed file system. Attackers who bypass the selinux permission can exploit this vulnerability to crash the program.

Action-Not Available
Vendor-Huawei Technologies Co., Ltd.
Product-emuiharmonyosHarmonyOSEMUI
CWE ID-CWE-200
Exposure of Sensitive Information to an Unauthorized Actor
CVE-2023-34155
Matching Score-8
Assigner-Huawei Technologies
ShareView Details
Matching Score-8
Assigner-Huawei Technologies
CVSS Score-7.5||HIGH
EPSS-0.09% / 25.00%
||
7 Day CHG~0.00%
Published-19 Jun, 2023 | 00:00
Updated-17 Dec, 2024 | 15:27
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Vulnerability of unauthorized calling on HUAWEI phones and tablets.Successful exploitation of this vulnerability may affect availability.

Action-Not Available
Vendor-Huawei Technologies Co., Ltd.
Product-emuiHarmonyOSEMUI
CVE-2024-58109
Matching Score-8
Assigner-Huawei Technologies
ShareView Details
Matching Score-8
Assigner-Huawei Technologies
CVSS Score-4.6||MEDIUM
EPSS-0.14% / 33.46%
||
7 Day CHG~0.00%
Published-07 Apr, 2025 | 03:35
Updated-07 May, 2025 | 20:21
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Buffer overflow vulnerability in the codec module Impact: Successful exploitation of this vulnerability may affect availability.

Action-Not Available
Vendor-Huawei Technologies Co., Ltd.
Product-harmonyosHarmonyOS
CWE ID-CWE-120
Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')
CVE-2023-34162
Matching Score-8
Assigner-Huawei Technologies
ShareView Details
Matching Score-8
Assigner-Huawei Technologies
CVSS Score-7.5||HIGH
EPSS-0.09% / 25.00%
||
7 Day CHG~0.00%
Published-19 Jun, 2023 | 00:00
Updated-12 Dec, 2024 | 01:23
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Version update determination vulnerability in the user profile module.Successful exploitation of this vulnerability may cause repeated HMS Core updates and cause services to fail.

Action-Not Available
Vendor-Huawei Technologies Co., Ltd.
Product-emuiHarmonyOSEMUI
CVE-2023-34161
Matching Score-8
Assigner-Huawei Technologies
ShareView Details
Matching Score-8
Assigner-Huawei Technologies
CVSS Score-7.5||HIGH
EPSS-0.07% / 22.39%
||
7 Day CHG~0.00%
Published-19 Jun, 2023 | 00:00
Updated-12 Dec, 2024 | 01:23
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

nappropriate authorization vulnerability in the SettingsProvider module.Successful exploitation of this vulnerability may cause features to perform abnormally.

Action-Not Available
Vendor-Huawei Technologies Co., Ltd.
Product-emuiHarmonyOSEMUI
CWE ID-CWE-863
Incorrect Authorization
CVE-2023-34164
Matching Score-8
Assigner-Huawei Technologies
ShareView Details
Matching Score-8
Assigner-Huawei Technologies
CVSS Score-7.5||HIGH
EPSS-0.10% / 27.12%
||
7 Day CHG~0.00%
Published-06 Jul, 2023 | 12:35
Updated-19 Nov, 2024 | 17:00
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Vulnerability of incomplete input parameter verification in the communication framework module. Successful exploitation of this vulnerability may affect availability.

Action-Not Available
Vendor-Huawei Technologies Co., Ltd.
Product-emuiharmonyosHarmonyOSEMUI
CWE ID-CWE-476
NULL Pointer Dereference
CVE-2024-57956
Matching Score-8
Assigner-Huawei Technologies
ShareView Details
Matching Score-8
Assigner-Huawei Technologies
CVSS Score-2.8||LOW
EPSS-0.03% / 9.23%
||
7 Day CHG~0.00%
Published-06 Feb, 2025 | 12:26
Updated-17 Mar, 2025 | 14:18
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Out-of-bounds read vulnerability in the interpreter string module Impact: Successful exploitation of this vulnerability may affect availability.

Action-Not Available
Vendor-Huawei Technologies Co., Ltd.
Product-harmonyosHarmonyOS
CWE ID-CWE-125
Out-of-bounds Read
CWE ID-CWE-680
Integer Overflow to Buffer Overflow
CVE-2023-34163
Matching Score-8
Assigner-Huawei Technologies
ShareView Details
Matching Score-8
Assigner-Huawei Technologies
CVSS Score-7.5||HIGH
EPSS-0.09% / 25.00%
||
7 Day CHG~0.00%
Published-19 Jun, 2023 | 00:00
Updated-12 Dec, 2024 | 01:23
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Permission control vulnerability in the window management module.Successful exploitation of this vulnerability may cause features to perform abnormally.

Action-Not Available
Vendor-Huawei Technologies Co., Ltd.
Product-emuiHarmonyOSEMUI
CVE-2023-34166
Matching Score-8
Assigner-Huawei Technologies
ShareView Details
Matching Score-8
Assigner-Huawei Technologies
CVSS Score-7.5||HIGH
EPSS-0.10% / 28.18%
||
7 Day CHG~0.00%
Published-19 Jun, 2023 | 00:00
Updated-12 Dec, 2024 | 01:23
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Vulnerability of system restart triggered by abnormal callbacks passed to APIs.Successful exploitation of this vulnerability may cause the system to restart.

Action-Not Available
Vendor-Huawei Technologies Co., Ltd.
Product-emuiHarmonyOSEMUI
CWE ID-CWE-770
Allocation of Resources Without Limits or Throttling
CWE ID-CWE-400
Uncontrolled Resource Consumption
CVE-2021-22393
Matching Score-8
Assigner-Huawei Technologies
ShareView Details
Matching Score-8
Assigner-Huawei Technologies
CVSS Score-7.5||HIGH
EPSS-0.18% / 39.80%
||
7 Day CHG~0.00%
Published-28 Apr, 2021 | 11:36
Updated-03 Aug, 2024 | 18:44
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

There is a denial of service vulnerability in some versions of CloudEngine 5800, CloudEngine 6800, CloudEngine 7800 and CloudEngine 12800. The affected product cannot deal with some messages because of module design weakness . Attackers can exploit this vulnerability by sending a large amount of specific messages to cause denial of service. This can compromise normal service.

Action-Not Available
Vendor-n/aHuawei Technologies Co., Ltd.
Product-cloudengine_7800cloudengine_5800cloudengine_6800_firmwarecloudengine_6800cloudengine_7800_firmwarecloudengine_12800cloudengine_12800_firmwareCloudEngine 12800;CloudEngine 5800;CloudEngine 6800;CloudEngine 7800
CVE-2021-22332
Matching Score-8
Assigner-Huawei Technologies
ShareView Details
Matching Score-8
Assigner-Huawei Technologies
CVSS Score-7.5||HIGH
EPSS-0.18% / 39.80%
||
7 Day CHG~0.00%
Published-28 Apr, 2021 | 12:10
Updated-03 Aug, 2024 | 18:37
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

There is a pointer double free vulnerability in some versions of CloudEngine 5800, CloudEngine 6800, CloudEngine 7800 and CloudEngine 12800. When a function is called, the same memory pointer is copied to two functional modules. Attackers can exploit this vulnerability by performing a malicious operation to cause the pointer double free. This may lead to module crash, compromising normal service.

Action-Not Available
Vendor-n/aHuawei Technologies Co., Ltd.
Product-cloudengine_7800cloudengine_5800_firmwarecloudengine_5800cloudengine_6800_firmwarecloudengine_6800cloudengine_7800_firmwarecloudengine_12800cloudengine_12800_firmwareCloudEngine 12800;CloudEngine 5800;CloudEngine 6800;CloudEngine 7800
CWE ID-CWE-415
Double Free
CVE-2021-22489
Matching Score-8
Assigner-Huawei Technologies
ShareView Details
Matching Score-8
Assigner-Huawei Technologies
CVSS Score-7.5||HIGH
EPSS-0.19% / 40.87%
||
7 Day CHG~0.00%
Published-25 Feb, 2022 | 18:11
Updated-03 Aug, 2024 | 18:44
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

There is a DoS vulnerability in smartphones. Successful exploitation of this vulnerability may affect service availability.

Action-Not Available
Vendor-Huawei Technologies Co., Ltd.
Product-magic_uiemuiharmonyosMagic UIHarmonyOSEMUI
CVE-2021-22445
Matching Score-8
Assigner-Huawei Technologies
ShareView Details
Matching Score-8
Assigner-Huawei Technologies
CVSS Score-7.5||HIGH
EPSS-0.17% / 38.49%
||
7 Day CHG~0.00%
Published-02 Aug, 2021 | 17:39
Updated-03 Aug, 2024 | 18:44
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

There is an Input Verification Vulnerability in Huawei Smartphone.Successful exploitation of this vulnerability may cause the system to reset.

Action-Not Available
Vendor-Huawei Technologies Co., Ltd.
Product-magic_uiemuiMagic UIEMUI
CWE ID-CWE-20
Improper Input Validation
CVE-2021-22379
Matching Score-8
Assigner-Huawei Technologies
ShareView Details
Matching Score-8
Assigner-Huawei Technologies
CVSS Score-7.5||HIGH
EPSS-0.18% / 39.80%
||
7 Day CHG~0.00%
Published-02 Aug, 2021 | 16:39
Updated-03 Aug, 2024 | 18:44
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

There is an Integer Underflow (Wrap or Wraparound) Vulnerability in Huawei Smartphone.Successful exploitation of this vulnerability may cause DoS of Samgr.

Action-Not Available
Vendor-Huawei Technologies Co., Ltd.
Product-magic_uiemuiMagic UIEMUI
CWE ID-CWE-191
Integer Underflow (Wrap or Wraparound)
CVE-2021-22292
Matching Score-8
Assigner-Huawei Technologies
ShareView Details
Matching Score-8
Assigner-Huawei Technologies
CVSS Score-7.5||HIGH
EPSS-0.17% / 38.49%
||
7 Day CHG~0.00%
Published-06 Feb, 2021 | 02:09
Updated-03 Aug, 2024 | 18:37
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

There is a denial of service (DoS) vulnerability in eCNS280 versions V100R005C00, V100R005C10. Due to a design defect, remote unauthorized attackers send a large number of specific messages to affected devices, causing system resource exhaustion and web application DoS.

Action-Not Available
Vendor-n/aHuawei Technologies Co., Ltd.
Product-ecns280_firmwareecns280eCNS280
CVE-2021-22359
Matching Score-8
Assigner-Huawei Technologies
ShareView Details
Matching Score-8
Assigner-Huawei Technologies
CVSS Score-7.5||HIGH
EPSS-0.17% / 38.49%
||
7 Day CHG~0.00%
Published-27 May, 2021 | 12:40
Updated-03 Aug, 2024 | 18:44
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

There is a denial of service vulnerability in the verisions V200R005C00SPC500 of S5700 and V200R005C00SPC500 of S6700. An attacker could exploit this vulnerability by sending specific message to a targeted device. Due to insufficient input validation, successful exploit can cause the service abnormal.

Action-Not Available
Vendor-n/aHuawei Technologies Co., Ltd.
Product-s5700_firmwares6700_firmwares6700s5700S5700;S6700
CWE ID-CWE-20
Improper Input Validation
CVE-2021-22331
Matching Score-8
Assigner-Huawei Technologies
ShareView Details
Matching Score-8
Assigner-Huawei Technologies
CVSS Score-7.5||HIGH
EPSS-0.21% / 42.77%
||
7 Day CHG~0.00%
Published-28 Apr, 2021 | 12:19
Updated-03 Aug, 2024 | 18:37
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

There is a JavaScript injection vulnerability in certain Huawei smartphones. A module does not verify some inputs sufficiently. Attackers can exploit this vulnerability by sending a malicious application request to launch JavaScript injection. This may compromise normal service. Affected product versions include HUAWEI P30 versions earlier than 10.1.0.165(C01E165R2P11), 11.0.0.118(C635E2R1P3), 11.0.0.120(C00E120R2P5), 11.0.0.138(C10E4R5P3), 11.0.0.138(C185E4R7P3), 11.0.0.138(C432E8R2P3), 11.0.0.138(C461E4R3P3), 11.0.0.138(C605E4R1P3), and 11.0.0.138(C636E4R3P3).

Action-Not Available
Vendor-n/aHuawei Technologies Co., Ltd.
Product-p30_firmwarep30HUAWEI P30
CWE ID-CWE-74
Improper Neutralization of Special Elements in Output Used by a Downstream Component ('Injection')
CVE-2021-22413
Matching Score-8
Assigner-Huawei Technologies
ShareView Details
Matching Score-8
Assigner-Huawei Technologies
CVSS Score-7.5||HIGH
EPSS-0.18% / 39.80%
||
7 Day CHG~0.00%
Published-02 Aug, 2021 | 16:46
Updated-03 Aug, 2024 | 18:44
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

There is an Integer Overflow Vulnerability in Huawei Smartphone.Successful exploitation of this vulnerability may cause the system to reset.

Action-Not Available
Vendor-Huawei Technologies Co., Ltd.
Product-magic_uiemuiMagic UIEMUI
CWE ID-CWE-190
Integer Overflow or Wraparound
CVE-2021-22363
Matching Score-8
Assigner-Huawei Technologies
ShareView Details
Matching Score-8
Assigner-Huawei Technologies
CVSS Score-7.5||HIGH
EPSS-0.18% / 39.80%
||
7 Day CHG~0.00%
Published-22 Jun, 2021 | 18:49
Updated-03 Aug, 2024 | 18:44
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

There is a resource management error vulnerability in eCNS280_TD V100R005C10SPC650. An attacker needs to perform specific operations to exploit the vulnerability on the affected device. Due to improper resource management of the function, the vulnerability can be exploited to cause service abnormal on affected devices.

Action-Not Available
Vendor-n/aHuawei Technologies Co., Ltd.
Product-ecns280_tdecns280_td_firmwareeCNS280_TD
CWE ID-CWE-770
Allocation of Resources Without Limits or Throttling
CVE-2021-22320
Matching Score-8
Assigner-Huawei Technologies
ShareView Details
Matching Score-8
Assigner-Huawei Technologies
CVSS Score-7.5||HIGH
EPSS-0.18% / 39.80%
||
7 Day CHG~0.00%
Published-22 Mar, 2021 | 18:41
Updated-03 Aug, 2024 | 18:37
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

There is a denial of service vulnerability in Huawei products. A module cannot deal with specific messages correctly. Attackers can exploit this vulnerability by sending malicious messages to an affected module. This can lead to denial of service. Affected product include some versions of IPS Module, NGFW Module, NIP6600, NIP6800, Secospace USG6300, Secospace USG6500 and Secospace USG6600.

Action-Not Available
Vendor-n/aHuawei Technologies Co., Ltd.
Product-nip6600secospace_usg6500_firmwaresecospace_usg6500ips_modulengfw_modulenip6800_firmwareips_module_firmwarenip6800secospace_usg6600_firmwaresecospace_usg6300nip6600_firmwarengfw_module_firmwaresecospace_usg6600secospace_usg6300_firmwareIPS Module;NGFW Module;NIP6600;NIP6800;Secospace USG6300;Secospace USG6500;Secospace USG6600
CVE-2021-22374
Matching Score-8
Assigner-Huawei Technologies
ShareView Details
Matching Score-8
Assigner-Huawei Technologies
CVSS Score-7.5||HIGH
EPSS-0.18% / 39.80%
||
7 Day CHG~0.00%
Published-30 Jun, 2021 | 14:42
Updated-03 Aug, 2024 | 18:44
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

There is an Improper Validation of Array Index Vulnerability in Huawei Smartphone. Successful exploitation of this vulnerability may cause stability risks.

Action-Not Available
Vendor-n/aHuawei Technologies Co., Ltd.
Product-magic_uiemuiEMUI;Magic UI
CWE ID-CWE-129
Improper Validation of Array Index
CVE-2024-56438
Matching Score-8
Assigner-Huawei Technologies
ShareView Details
Matching Score-8
Assigner-Huawei Technologies
CVSS Score-6||MEDIUM
EPSS-0.05% / 16.34%
||
7 Day CHG~0.00%
Published-08 Jan, 2025 | 02:04
Updated-26 Sep, 2025 | 19:01
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Vulnerability of improper memory address protection in the HUKS module Impact: Successful exploitation of this vulnerability may affect availability.

Action-Not Available
Vendor-Huawei Technologies Co., Ltd.
Product-harmonyosemuiHarmonyOSEMUI
CWE ID-CWE-119
Improper Restriction of Operations within the Bounds of a Memory Buffer
CVE-2021-22328
Matching Score-8
Assigner-Huawei Technologies
ShareView Details
Matching Score-8
Assigner-Huawei Technologies
CVSS Score-7.5||HIGH
EPSS-0.18% / 39.80%
||
7 Day CHG~0.00%
Published-23 Aug, 2021 | 19:29
Updated-03 Aug, 2024 | 18:37
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

There is a denial of service vulnerability in some huawei products. In specific scenarios, due to the improper handling of the packets, an attacker may craft the specific packet. Successful exploit may cause some services abnormal. Affected product versions include:CloudEngine 12800 V200R005C00SPC800, CloudEngine 5800 V200R005C00SPC800, CloudEngine 6800 V200R005C00SPC800, CloudEngine 7800 V200R005C00SPC800.

Action-Not Available
Vendor-n/aHuawei Technologies Co., Ltd.
Product-cloudengine_7800cloudengine_5800_firmwarecloudengine_5800cloudengine_6800_firmwarecloudengine_6800cloudengine_7800_firmwarecloudengine_12800cloudengine_12800_firmwareCloudEngine 12800;CloudEngine 5800;CloudEngine 6800;CloudEngine 7800
CVE-2021-22491
Matching Score-8
Assigner-Huawei Technologies
ShareView Details
Matching Score-8
Assigner-Huawei Technologies
CVSS Score-7.5||HIGH
EPSS-0.18% / 39.80%
||
7 Day CHG~0.00%
Published-28 Oct, 2021 | 12:25
Updated-03 Aug, 2024 | 18:44
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

There is an Input verification vulnerability in Huawei Smartphone.Successful exploitation of this vulnerability may affect service availability.

Action-Not Available
Vendor-Huawei Technologies Co., Ltd.
Product-magic_uiemuiMagic UIEMUI
CWE ID-CWE-20
Improper Input Validation
CVE-2021-22484
Matching Score-8
Assigner-Huawei Technologies
ShareView Details
Matching Score-8
Assigner-Huawei Technologies
CVSS Score-7.5||HIGH
EPSS-0.16% / 36.87%
||
7 Day CHG-0.01%
Published-28 Dec, 2024 | 06:50
Updated-18 Mar, 2025 | 16:09
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Some Huawei wearables have a vulnerability of not verifying the actual data size when reading data. Successful exploitation of this vulnerability may cause a server out of memory (OOM).

Action-Not Available
Vendor-Huawei Technologies Co., Ltd.
Product-harmonyosHarmonyOS
CWE ID-CWE-125
Out-of-bounds Read
CWE ID-CWE-20
Improper Input Validation
CVE-2021-22400
Matching Score-8
Assigner-Huawei Technologies
ShareView Details
Matching Score-8
Assigner-Huawei Technologies
CVSS Score-5.5||MEDIUM
EPSS-0.08% / 22.84%
||
7 Day CHG~0.00%
Published-03 Aug, 2021 | 13:18
Updated-03 Aug, 2024 | 18:44
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Some Huawei Smartphones has an insufficient input validation vulnerability due to the lack of parameter validation. An attacker may trick a user into installing a malicious APP. The app can modify specific parameters, causing the system to crash. Affected product include:OxfordS-AN00A 10.0.1.10(C00E10R1P1),10.0.1.105(C00E103R3P3),10.0.1.115(C00E110R3P3),10.0.1.123(C00E121R3P3),10.0.1.135(C00E130R3P3),10.0.1.135(C00E130R4P1),10.0.1.152(C00E140R4P1),10.0.1.160(C00E160R4P1),10.0.1.167(C00E166R4P1),10.0.1.173(C00E172R5P1),10.0.1.178(C00E175R5P1) and 10.1.0.202(C00E79R5P1).

Action-Not Available
Vendor-n/aHuawei Technologies Co., Ltd.
Product-oxfords-an00aoxfords-an00a_firmwareOxfordS-AN00A
CWE ID-CWE-20
Improper Input Validation
CVE-2021-22319
Matching Score-8
Assigner-Huawei Technologies
ShareView Details
Matching Score-8
Assigner-Huawei Technologies
CVSS Score-7.5||HIGH
EPSS-0.19% / 40.87%
||
7 Day CHG~0.00%
Published-25 Feb, 2022 | 18:11
Updated-03 Aug, 2024 | 18:37
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

There is an improper verification vulnerability in smartphones. Successful exploitation of this vulnerability may cause integer overflows.

Action-Not Available
Vendor-Huawei Technologies Co., Ltd.
Product-magic_uiemuiharmonyosMagic UIHarmonyOSEMUI
CWE ID-CWE-190
Integer Overflow or Wraparound
CVE-2021-22368
Matching Score-8
Assigner-Huawei Technologies
ShareView Details
Matching Score-8
Assigner-Huawei Technologies
CVSS Score-7.5||HIGH
EPSS-0.15% / 36.35%
||
7 Day CHG~0.00%
Published-30 Jun, 2021 | 17:20
Updated-03 Aug, 2024 | 18:44
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

There is a Permission Control Vulnerability in Huawei Smartphone. Successful exploitation of this vulnerability may affect normal use of the device.

Action-Not Available
Vendor-n/aHuawei Technologies Co., Ltd.
Product-magic_uiemuiEMUI;Magic UI
CWE ID-CWE-276
Incorrect Default Permissions
CVE-2021-22401
Matching Score-8
Assigner-Huawei Technologies
ShareView Details
Matching Score-8
Assigner-Huawei Technologies
CVSS Score-7.5||HIGH
EPSS-0.18% / 39.80%
||
7 Day CHG~0.00%
Published-28 Oct, 2021 | 12:21
Updated-03 Aug, 2024 | 18:44
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

There is a Remote DoS vulnerability in Huawei Smartphone.Successful exploitation of this vulnerability can affect service integrity.

Action-Not Available
Vendor-Huawei Technologies Co., Ltd.
Product-magic_uiemuiMagic UIEMUI
CVE-2021-22442
Matching Score-8
Assigner-Huawei Technologies
ShareView Details
Matching Score-8
Assigner-Huawei Technologies
CVSS Score-7.5||HIGH
EPSS-0.07% / 21.07%
||
7 Day CHG~0.00%
Published-02 Aug, 2021 | 16:56
Updated-03 Aug, 2024 | 18:44
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

There is an Improper Validation of Integrity Check Value Vulnerability in Huawei Smartphone.Successful exploitation of this vulnerability may cause the system to reset.

Action-Not Available
Vendor-Huawei Technologies Co., Ltd.
Product-magic_uiemuiMagic UIEMUI
CWE ID-CWE-354
Improper Validation of Integrity Check Value
CVE-2021-22415
Matching Score-8
Assigner-Huawei Technologies
ShareView Details
Matching Score-8
Assigner-Huawei Technologies
CVSS Score-7.5||HIGH
EPSS-0.18% / 39.80%
||
7 Day CHG~0.00%
Published-02 Aug, 2021 | 16:48
Updated-03 Aug, 2024 | 18:44
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

There is an Incorrect Calculation of Buffer Size Vulnerability in Huawei Smartphone.Successful exploitation of this vulnerability may cause kernel exceptions with the code.

Action-Not Available
Vendor-Huawei Technologies Co., Ltd.
Product-magic_uiemuiMagic UIEMUI
CWE ID-CWE-131
Incorrect Calculation of Buffer Size
CVE-2021-22303
Matching Score-8
Assigner-Huawei Technologies
ShareView Details
Matching Score-8
Assigner-Huawei Technologies
CVSS Score-3.3||LOW
EPSS-0.08% / 24.22%
||
7 Day CHG~0.00%
Published-06 Feb, 2021 | 00:04
Updated-03 Aug, 2024 | 18:37
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

There is a pointer double free vulnerability in Taurus-AL00A 10.0.0.1(C00E1R1P1). There is a lack of muti-thread protection when a function is called. Attackers can exploit this vulnerability by performing malicious operation to cause pointer double free. This may lead to module crash, compromising normal service.

Action-Not Available
Vendor-n/aHuawei Technologies Co., Ltd.
Product-taurus-al00a_firmwaretaurus-al00aTaurus-AL00A
CWE ID-CWE-415
Double Free
CVE-2021-22414
Matching Score-8
Assigner-Huawei Technologies
ShareView Details
Matching Score-8
Assigner-Huawei Technologies
CVSS Score-7.5||HIGH
EPSS-0.18% / 39.80%
||
7 Day CHG~0.00%
Published-02 Aug, 2021 | 16:47
Updated-03 Aug, 2024 | 18:44
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

There is a Memory Buffer Errors Vulnerability in Huawei Smartphone.Successful exploitation of this vulnerability may cause the system to reset.

Action-Not Available
Vendor-Huawei Technologies Co., Ltd.
Product-magic_uiemuiMagic UIEMUI
CWE ID-CWE-787
Out-of-bounds Write
CVE-2021-22405
Matching Score-8
Assigner-Huawei Technologies
ShareView Details
Matching Score-8
Assigner-Huawei Technologies
CVSS Score-7.5||HIGH
EPSS-0.18% / 39.80%
||
7 Day CHG~0.00%
Published-28 Oct, 2021 | 12:22
Updated-03 Aug, 2024 | 18:44
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

There is a Configuration defects in Huawei Smartphone.Successful exploitation of this vulnerability may affect service availability.

Action-Not Available
Vendor-Huawei Technologies Co., Ltd.
Product-magic_uiemuiMagic UIEMUI
CVE-2021-22391
Matching Score-8
Assigner-Huawei Technologies
ShareView Details
Matching Score-8
Assigner-Huawei Technologies
CVSS Score-7.5||HIGH
EPSS-0.18% / 39.80%
||
7 Day CHG~0.00%
Published-02 Aug, 2021 | 16:45
Updated-03 Aug, 2024 | 18:44
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

There is an Incorrect Calculation of Buffer Size in Huawei Smartphone.Successful exploitation of this vulnerability may cause the system to reset.

Action-Not Available
Vendor-Huawei Technologies Co., Ltd.
Product-magic_uiemuiMagic UIEMUI
CWE ID-CWE-131
Incorrect Calculation of Buffer Size
CVE-2021-22353
Matching Score-8
Assigner-Huawei Technologies
ShareView Details
Matching Score-8
Assigner-Huawei Technologies
CVSS Score-7.5||HIGH
EPSS-0.17% / 38.49%
||
7 Day CHG~0.00%
Published-30 Jun, 2021 | 17:06
Updated-03 Aug, 2024 | 18:37
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

There is a Memory Buffer Improper Operation Limit Vulnerability in Huawei Smartphone. Successful exploitation of this vulnerability may cause the kernel to restart.

Action-Not Available
Vendor-n/aHuawei Technologies Co., Ltd.
Product-magic_uiemuiEMUI;Magic UI
CWE ID-CWE-416
Use After Free
CVE-2021-22327
Matching Score-8
Assigner-Huawei Technologies
ShareView Details
Matching Score-8
Assigner-Huawei Technologies
CVSS Score-6.5||MEDIUM
EPSS-0.16% / 37.13%
||
7 Day CHG~0.00%
Published-28 Apr, 2021 | 11:19
Updated-03 Aug, 2024 | 18:37
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

There is an arbitrary memory write vulnerability in Huawei smart phone when processing file parsing. Due to insufficient validation of the input files, successful exploit could cause certain service abnormal. Affected product versions include:HUAWEI P30 versions 10.0.0.186(C10E7R5P1), 10.0.0.186(C461E4R3P1), 10.0.0.188(C00E85R2P11), 10.0.0.188(C01E88R2P11),10.0.0.188(C605E19R1P3), 10.0.0.190(C185E4R7P1), 10.0.0.190(C431E22R2P5), 10.0.0.190(C432E22R2P5),10.0.0.190(C605E19R1P3), 10.0.0.190(C636E4R3P4), 10.0.0.192(C635E3R2P4).

Action-Not Available
Vendor-n/aHuawei Technologies Co., Ltd.
Product-p30_firmwarep30HUAWEI P30
CWE ID-CWE-787
Out-of-bounds Write
CVE-2021-22446
Matching Score-8
Assigner-Huawei Technologies
ShareView Details
Matching Score-8
Assigner-Huawei Technologies
CVSS Score-7.5||HIGH
EPSS-0.17% / 38.49%
||
7 Day CHG~0.00%
Published-02 Aug, 2021 | 17:39
Updated-03 Aug, 2024 | 18:44
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

There is an Information Disclosure Vulnerability in Huawei Smartphone.Successful exploitation of this vulnerability may cause the system to reset.

Action-Not Available
Vendor-Huawei Technologies Co., Ltd.
Product-magic_uiemuiMagic UIEMUI
CVE-2021-22402
Matching Score-8
Assigner-Huawei Technologies
ShareView Details
Matching Score-8
Assigner-Huawei Technologies
CVSS Score-7.5||HIGH
EPSS-0.18% / 39.80%
||
7 Day CHG~0.00%
Published-28 Oct, 2021 | 12:21
Updated-03 Aug, 2024 | 18:44
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

There is a DoS vulnerability in Huawei Smartphone.Successful exploitation of this vulnerability may cause DoS attacks.

Action-Not Available
Vendor-Huawei Technologies Co., Ltd.
Product-magic_uiemuiMagic UIEMUI
CVE-2024-56434
Matching Score-8
Assigner-Huawei Technologies
ShareView Details
Matching Score-8
Assigner-Huawei Technologies
CVSS Score-4.4||MEDIUM
EPSS-0.03% / 9.23%
||
7 Day CHG~0.00%
Published-08 Jan, 2025 | 01:32
Updated-18 Sep, 2025 | 07:15
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

UAF vulnerability in the device node access module Impact: Successful exploitation of this vulnerability may cause service exceptions of the device.

Action-Not Available
Vendor-Huawei Technologies Co., Ltd.
Product-harmonyosemuiHarmonyOSEMUI
CWE ID-CWE-416
Use After Free
CVE-2024-54108
Matching Score-8
Assigner-Huawei Technologies
ShareView Details
Matching Score-8
Assigner-Huawei Technologies
CVSS Score-6.5||MEDIUM
EPSS-0.31% / 53.83%
||
7 Day CHG~0.00%
Published-12 Dec, 2024 | 12:03
Updated-18 Sep, 2025 | 07:15
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Read/Write vulnerability in the image decoding module Impact: Successful exploitation of this vulnerability will affect availability.

Action-Not Available
Vendor-Huawei Technologies Co., Ltd.
Product-harmonyosHarmonyOS
CWE ID-CWE-125
Out-of-bounds Read
CVE-2024-54111
Matching Score-8
Assigner-Huawei Technologies
ShareView Details
Matching Score-8
Assigner-Huawei Technologies
CVSS Score-5.7||MEDIUM
EPSS-0.09% / 24.81%
||
7 Day CHG~0.00%
Published-12 Dec, 2024 | 12:06
Updated-12 Dec, 2024 | 20:19
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Read/Write vulnerability in the image decoding module Impact: Successful exploitation of this vulnerability will affect availability.

Action-Not Available
Vendor-Huawei Technologies Co., Ltd.
Product-harmonyosHarmonyOS
CWE ID-CWE-345
Insufficient Verification of Data Authenticity
CVE-2024-54115
Matching Score-8
Assigner-Huawei Technologies
ShareView Details
Matching Score-8
Assigner-Huawei Technologies
CVSS Score-4.3||MEDIUM
EPSS-0.16% / 37.19%
||
7 Day CHG~0.00%
Published-12 Dec, 2024 | 12:11
Updated-12 Dec, 2024 | 20:22
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Out-of-bounds read vulnerability in the DASH module Impact: Successful exploitation of this vulnerability will affect availability.

Action-Not Available
Vendor-Huawei Technologies Co., Ltd.
Product-harmonyosHarmonyOS
CWE ID-CWE-754
Improper Check for Unusual or Exceptional Conditions
CWE ID-CWE-125
Out-of-bounds Read
CVE-2019-5284
Matching Score-8
Assigner-Huawei Technologies
ShareView Details
Matching Score-8
Assigner-Huawei Technologies
CVSS Score-6.5||MEDIUM
EPSS-0.17% / 38.19%
||
7 Day CHG~0.00%
Published-04 Jun, 2019 | 18:52
Updated-04 Aug, 2024 | 19:54
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

There is a DoS vulnerability in RTSP module of Leland-AL00A Huawei smart phones versions earlier than Leland-AL00A 9.1.0.111(C00E111R2P10T8). Remote attackers could trick the user into opening a malformed RTSP media stream to exploit this vulnerability. Successful exploit could cause the affected phone abnormal, leading to a DoS condition. (Vulnerability ID: HWPSIRT-2019-02004)

Action-Not Available
Vendor-Huawei Technologies Co., Ltd.
Product-leland-al00a_firmwareleland-al00aLeland-AL00A
CVE-2021-37117
Matching Score-8
Assigner-Huawei Technologies
ShareView Details
Matching Score-8
Assigner-Huawei Technologies
CVSS Score-7.5||HIGH
EPSS-0.19% / 40.87%
||
7 Day CHG~0.00%
Published-03 Jan, 2022 | 21:07
Updated-04 Aug, 2024 | 01:09
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

There is a Service logic vulnerability in Smartphone.Successful exploitation of this vulnerability may cause WLAN DoS.

Action-Not Available
Vendor-Huawei Technologies Co., Ltd.
Product-magic_uiemuiharmonyosMagic UIEMUIHarmony OS
  • Previous
  • 1
  • 2
  • 3
  • ...
  • 13
  • 14
  • Next
Details not found