Logo
-

Byte Open Security

(ByteOS Network)

Log In

Sign Up

ByteOS

Security
Vulnerability Details
Registries
Custom Views
Weaknesses
Attack Patterns
Filters & Tools
Vulnerability Details :

CVE-2020-9117

Summary
Assigner-huawei
Assigner Org ID-25ac1063-e409-4190-8079-24548c77ea2e
Published At-01 Dec, 2020 | 00:02
Updated At-04 Aug, 2024 | 10:19
Rejected At-
Credits

HUAWEI nova 4 versions earlier than 10.0.0.165(C01E34R2P4) and SydneyM-AL00 versions earlier than 10.0.0.165(C00E66R1P5) have an out-of-bounds read and write vulnerability. An attacker with specific permissions crafts malformed packet with specific parameter and sends the packet to the affected products. Due to insufficient validation of packet, which may be exploited to cause the information leakage or arbitrary code execution.

Vendors
-
Not available
Products
-
Metrics (CVSS)
VersionBase scoreBase severityVector
Weaknesses
Attack Patterns
Solution/Workaround
References
HyperlinkResource Type
EPSS History
Score
Latest Score
-
N/A
No data available for selected date range
Percentile
Latest Percentile
-
N/A
No data available for selected date range
Stakeholder-Specific Vulnerability Categorization (SSVC)
▼Common Vulnerabilities and Exposures (CVE)
cve.org
Assigner:huawei
Assigner Org ID:25ac1063-e409-4190-8079-24548c77ea2e
Published At:01 Dec, 2020 | 00:02
Updated At:04 Aug, 2024 | 10:19
Rejected At:
▼CVE Numbering Authority (CNA)

HUAWEI nova 4 versions earlier than 10.0.0.165(C01E34R2P4) and SydneyM-AL00 versions earlier than 10.0.0.165(C00E66R1P5) have an out-of-bounds read and write vulnerability. An attacker with specific permissions crafts malformed packet with specific parameter and sends the packet to the affected products. Due to insufficient validation of packet, which may be exploited to cause the information leakage or arbitrary code execution.

Affected Products
Vendor
n/a
Product
HUAWEI nova 4;SydneyM-AL00
Versions
Affected
  • Versions earlier than 10.0.0.165(C01E34R2P4)
  • Versions earlier than 10.0.0.165(C00E66R1P5)
Problem Types
TypeCWE IDDescription
textN/AOut-of-bounds Read
Type: text
CWE ID: N/A
Description: Out-of-bounds Read
Metrics
VersionBase scoreBase severityVector
Metrics Other Info
Impacts
CAPEC IDDescription
Solutions
Configurations
Workarounds
Exploits
Credits
Timeline
EventDate
Replaced By
Rejected Reason
References
HyperlinkResource
https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20201125-01-outofboundread-en
x_refsource_MISC
Hyperlink: https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20201125-01-outofboundread-en
Resource:
x_refsource_MISC
▼Authorized Data Publishers (ADP)
CVE Program Container
Affected Products
Metrics
VersionBase scoreBase severityVector
Metrics Other Info
Impacts
CAPEC IDDescription
Solutions
Configurations
Workarounds
Exploits
Credits
Timeline
EventDate
Replaced By
Rejected Reason
References
HyperlinkResource
https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20201125-01-outofboundread-en
x_refsource_MISC
x_transferred
Hyperlink: https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20201125-01-outofboundread-en
Resource:
x_refsource_MISC
x_transferred
Information is not available yet
▼National Vulnerability Database (NVD)
nvd.nist.gov
Source:psirt@huawei.com
Published At:01 Dec, 2020 | 01:15
Updated At:04 Dec, 2020 | 17:28

HUAWEI nova 4 versions earlier than 10.0.0.165(C01E34R2P4) and SydneyM-AL00 versions earlier than 10.0.0.165(C00E66R1P5) have an out-of-bounds read and write vulnerability. An attacker with specific permissions crafts malformed packet with specific parameter and sends the packet to the affected products. Due to insufficient validation of packet, which may be exploited to cause the information leakage or arbitrary code execution.

CISA Catalog
Date AddedDue DateVulnerability NameRequired Action
N/A
Date Added: N/A
Due Date: N/A
Vulnerability Name: N/A
Required Action: N/A
Metrics
TypeVersionBase scoreBase severityVector
Primary3.17.8HIGH
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Primary2.04.6MEDIUM
AV:L/AC:L/Au:N/C:P/I:P/A:P
Type: Primary
Version: 3.1
Base score: 7.8
Base severity: HIGH
Vector:
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Type: Primary
Version: 2.0
Base score: 4.6
Base severity: MEDIUM
Vector:
AV:L/AC:L/Au:N/C:P/I:P/A:P
CPE Matches
Huawei Technologies Co., Ltd.
huawei
>>nova_4_firmware>>Versions before 10.0.0.165\(c01e34r2p4\)(exclusive)
cpe:2.3:o:huawei:nova_4_firmware:*:*:*:*:*:*:*:*
Huawei Technologies Co., Ltd.
huawei
>>nova_4>>-
cpe:2.3:h:huawei:nova_4:-:*:*:*:*:*:*:*
Huawei Technologies Co., Ltd.
huawei
>>sydneym-al00_firmware>>Versions before 10.0.0.165\(c00e66r1p5\)(exclusive)
cpe:2.3:o:huawei:sydneym-al00_firmware:*:*:*:*:*:*:*:*
Huawei Technologies Co., Ltd.
huawei
>>sydneym-al00>>-
cpe:2.3:h:huawei:sydneym-al00:-:*:*:*:*:*:*:*
Weaknesses
CWE IDTypeSource
CWE-125Primarynvd@nist.gov
CWE-787Primarynvd@nist.gov
CWE ID: CWE-125
Type: Primary
Source: nvd@nist.gov
CWE ID: CWE-787
Type: Primary
Source: nvd@nist.gov
Evaluator Description
Evaluator Impact

Evaluator Solution

Vendor Statements
References
HyperlinkSourceResource
https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20201125-01-outofboundread-enpsirt@huawei.com
Vendor Advisory
Hyperlink: https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20201125-01-outofboundread-en
Source: psirt@huawei.com
Resource:
Vendor Advisory

Change History

0
Information is not available yet

Similar CVEs

1794Records found
CVE-2021-40060
Matching Score-6
Assigner-Huawei Technologies
ShareView Details
Matching Score-6
Assigner-Huawei Technologies
CVSS Score-7.5||HIGH
EPSS-0.27% / 49.81%
||
7 Day CHG~0.00%
Published-07 Mar, 2022 | 13:49
Updated-04 Aug, 2024 | 02:27
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

There is a heap-based buffer overflow vulnerability in the video framework. Successful exploitation of this vulnerability may affect availability.

Action-Not Available
Vendor-Huawei Technologies Co., Ltd.
Product-magic_uiemuiMagic UIEMUI
CWE ID-CWE-787
Out-of-bounds Write
CVE-2021-40010
Matching Score-6
Assigner-Huawei Technologies
ShareView Details
Matching Score-6
Assigner-Huawei Technologies
CVSS Score-9.8||CRITICAL
EPSS-0.84% / 73.80%
||
7 Day CHG~0.00%
Published-07 Jan, 2022 | 22:39
Updated-04 Aug, 2024 | 02:27
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

The bone voice ID TA has a heap overflow vulnerability.Successful exploitation of this vulnerability may result in malicious code execution.

Action-Not Available
Vendor-n/aHuawei Technologies Co., Ltd.
Product-magic_uiemuiharmonyosHarmonyOS;EMUI;Magic UI
CWE ID-CWE-787
Out-of-bounds Write
CVE-2017-14491
Matching Score-6
Assigner-MITRE Corporation
ShareView Details
Matching Score-6
Assigner-MITRE Corporation
CVSS Score-9.8||CRITICAL
EPSS-52.38% / 97.84%
||
7 Day CHG~0.00%
Published-02 Oct, 2017 | 21:00
Updated-20 Apr, 2025 | 01:37
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Heap-based buffer overflow in dnsmasq before 2.78 allows remote attackers to cause a denial of service (crash) or execute arbitrary code via a crafted DNS response.

Action-Not Available
Vendor-thekelleysn/aHuawei Technologies Co., Ltd.Debian GNU/LinuxSUSERed Hat, Inc.Aruba NetworksSynology, Inc.NVIDIA CorporationArista Networks, Inc.Canonical Ltd.openSUSEMicrosoft CorporationSiemens AG
Product-enterprise_linux_desktopruggedcom_rm1224_firmwarescalance_w1750d_firmwarescalance_s615enterprise_linux_workstationlinux_for_tegradnsmasqlinux_enterprise_serverleaprouter_managerlinux_enterprise_point_of_salearubaosenterprise_linux_serverdebian_linuxjetson_tk1scalance_s615_firmwaregeforce_experiencelinux_enterprise_debuginfoeosscalance_m-800diskstation_managerhonor_v9_play_firmwarejetson_tx1scalance_w1750druggedcom_rm1224ubuntu_linuxhonor_v9_playscalance_m-800_firmwarewindowsn/a
CWE ID-CWE-787
Out-of-bounds Write
CVE-2021-40057
Matching Score-6
Assigner-Huawei Technologies
ShareView Details
Matching Score-6
Assigner-Huawei Technologies
CVSS Score-7.5||HIGH
EPSS-0.27% / 49.81%
||
7 Day CHG~0.00%
Published-07 Mar, 2022 | 13:50
Updated-04 Aug, 2024 | 02:27
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

There is a heap-based and stack-based buffer overflow vulnerability in the video framework. Successful exploitation of this vulnerability may affect availability.

Action-Not Available
Vendor-Huawei Technologies Co., Ltd.
Product-magic_uiemuiMagic UIEMUI
CWE ID-CWE-787
Out-of-bounds Write
CVE-2021-40020
Matching Score-6
Assigner-Huawei Technologies
ShareView Details
Matching Score-6
Assigner-Huawei Technologies
CVSS Score-7.5||HIGH
EPSS-0.19% / 40.69%
||
7 Day CHG~0.00%
Published-07 Jan, 2022 | 22:39
Updated-04 Aug, 2024 | 02:27
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

There is an Out-of-bounds array read vulnerability in the security storage module in smartphones. Successful exploitation of this vulnerability may affect service confidentiality.

Action-Not Available
Vendor-Huawei Technologies Co., Ltd.
Product-magic_uiemuiMagic UIEMUI
CWE ID-CWE-125
Out-of-bounds Read
CVE-2021-39995
Matching Score-6
Assigner-Huawei Technologies
ShareView Details
Matching Score-6
Assigner-Huawei Technologies
CVSS Score-6.5||MEDIUM
EPSS-0.16% / 37.92%
||
7 Day CHG~0.00%
Published-29 Nov, 2021 | 15:34
Updated-04 Aug, 2024 | 02:20
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Some Huawei products use the OpenHpi software for hardware management. A function that parses data returned by OpenHpi contains an out-of-bounds read vulnerability that could lead to a denial of service. Affected product versions include: eCNS280_TD V100R005C10; eSE620X vESS V100R001C10SPC200, V100R001C20SPC200, V200R001C00SPC300.

Action-Not Available
Vendor-n/aHuawei Technologies Co., Ltd.
Product-ecns280_tdese620x_vess_firmwareecns280_td_firmwareese620x_vesseCNS280_TD;eSE620X vESS
CWE ID-CWE-125
Out-of-bounds Read
CVE-2021-40000
Matching Score-6
Assigner-Huawei Technologies
ShareView Details
Matching Score-6
Assigner-Huawei Technologies
CVSS Score-8.8||HIGH
EPSS-0.05% / 14.28%
||
7 Day CHG~0.00%
Published-07 Jan, 2022 | 22:39
Updated-04 Aug, 2024 | 02:20
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

The Bluetooth module has an out-of-bounds write vulnerability. Successful exploitation of this vulnerability may result in malicious command execution at the remote end.

Action-Not Available
Vendor-Huawei Technologies Co., Ltd.
Product-harmonyosHarmonyOS
CWE ID-CWE-787
Out-of-bounds Write
CVE-2025-46591
Matching Score-6
Assigner-Huawei Technologies
ShareView Details
Matching Score-6
Assigner-Huawei Technologies
CVSS Score-6.2||MEDIUM
EPSS-0.01% / 0.56%
||
7 Day CHG~0.00%
Published-06 May, 2025 | 07:19
Updated-09 May, 2025 | 19:26
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Out-of-bounds data read vulnerability in the authorization module Impact: Successful exploitation of this vulnerability may affect service confidentiality.

Action-Not Available
Vendor-Huawei Technologies Co., Ltd.
Product-harmonyosHarmonyOS
CWE ID-CWE-125
Out-of-bounds Read
CWE ID-CWE-200
Exposure of Sensitive Information to an Unauthorized Actor
CVE-2021-39974
Matching Score-6
Assigner-Huawei Technologies
ShareView Details
Matching Score-6
Assigner-Huawei Technologies
CVSS Score-7.5||HIGH
EPSS-0.13% / 33.43%
||
7 Day CHG~0.00%
Published-03 Jan, 2022 | 21:07
Updated-04 Aug, 2024 | 02:20
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

There is an Out-of-bounds read in Smartphones.Successful exploitation of this vulnerability may affect service confidentiality.

Action-Not Available
Vendor-Huawei Technologies Co., Ltd.
Product-magic_uiemuiharmonyosMagic UIHarmonyOSEMUI
CWE ID-CWE-125
Out-of-bounds Read
CVE-2021-40019
Matching Score-6
Assigner-Huawei Technologies
ShareView Details
Matching Score-6
Assigner-Huawei Technologies
CVSS Score-9.1||CRITICAL
EPSS-0.19% / 41.45%
||
7 Day CHG~0.00%
Published-16 Sep, 2022 | 17:58
Updated-04 Aug, 2024 | 02:27
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Out-of-bounds heap read vulnerability in the HW_KEYMASTER module. Successful exploitation of this vulnerability may cause out-of-bounds access.

Action-Not Available
Vendor-Huawei Technologies Co., Ltd.
Product-magic_uiemuiEMUI
CWE ID-CWE-125
Out-of-bounds Read
CVE-2021-39990
Matching Score-6
Assigner-Huawei Technologies
ShareView Details
Matching Score-6
Assigner-Huawei Technologies
CVSS Score-9.8||CRITICAL
EPSS-0.25% / 48.56%
||
7 Day CHG~0.00%
Published-03 Jan, 2022 | 21:07
Updated-22 May, 2025 | 19:15
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

The screen lock module has a Stack-based Buffer Overflow vulnerability.Successful exploitation of this vulnerability may affect user experience.

Action-Not Available
Vendor-Huawei Technologies Co., Ltd.
Product-harmonyosHarmonyOS
CWE ID-CWE-787
Out-of-bounds Write
CVE-2025-46585
Matching Score-6
Assigner-Huawei Technologies
ShareView Details
Matching Score-6
Assigner-Huawei Technologies
CVSS Score-7.5||HIGH
EPSS-0.01% / 0.51%
||
7 Day CHG~0.00%
Published-06 May, 2025 | 07:04
Updated-09 May, 2025 | 19:28
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Out-of-bounds array read/write vulnerability in the kernel module Impact: Successful exploitation of this vulnerability may affect availability.

Action-Not Available
Vendor-Huawei Technologies Co., Ltd.
Product-harmonyosHarmonyOS
CWE ID-CWE-787
Out-of-bounds Write
CVE-2021-40002
Matching Score-6
Assigner-Huawei Technologies
ShareView Details
Matching Score-6
Assigner-Huawei Technologies
CVSS Score-8.8||HIGH
EPSS-0.05% / 14.28%
||
7 Day CHG~0.00%
Published-07 Jan, 2022 | 22:39
Updated-04 Aug, 2024 | 02:20
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

The Bluetooth module has an out-of-bounds write vulnerability. Successful exploitation of this vulnerability may result in malicious command execution at the remote end.

Action-Not Available
Vendor-Huawei Technologies Co., Ltd.
Product-harmonyosHarmonyOS
CWE ID-CWE-787
Out-of-bounds Write
CVE-2021-39996
Matching Score-6
Assigner-Huawei Technologies
ShareView Details
Matching Score-6
Assigner-Huawei Technologies
CVSS Score-9.8||CRITICAL
EPSS-0.24% / 46.37%
||
7 Day CHG~0.00%
Published-07 Jan, 2022 | 22:39
Updated-04 Aug, 2024 | 02:20
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

There is a Heap-based buffer overflow vulnerability with the NFC module in smartphones. Successful exploitation of this vulnerability may cause memory overflow.

Action-Not Available
Vendor-n/aHuawei Technologies Co., Ltd.
Product-magic_uiharmonyosemuiEMUI;Magic UI;HarmonyOS
CWE ID-CWE-787
Out-of-bounds Write
CVE-2021-40050
Matching Score-6
Assigner-Huawei Technologies
ShareView Details
Matching Score-6
Assigner-Huawei Technologies
CVSS Score-9.8||CRITICAL
EPSS-0.23% / 45.72%
||
7 Day CHG~0.00%
Published-07 Mar, 2022 | 13:50
Updated-04 Aug, 2024 | 02:27
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

There is an out-of-bounds read vulnerability in the IFAA module. Successful exploitation of this vulnerability may cause stack overflow.

Action-Not Available
Vendor-Huawei Technologies Co., Ltd.
Product-magic_uiemuiharmonyosMagic UIHarmonyOSEMUI
CWE ID-CWE-125
Out-of-bounds Read
CVE-2021-40021
Matching Score-6
Assigner-Huawei Technologies
ShareView Details
Matching Score-6
Assigner-Huawei Technologies
CVSS Score-7.5||HIGH
EPSS-0.19% / 40.69%
||
7 Day CHG~0.00%
Published-07 Jan, 2022 | 22:39
Updated-04 Aug, 2024 | 02:27
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

The eID module has an out-of-bounds memory write vulnerability,Successful exploitation of this vulnerability may affect data confidentiality.

Action-Not Available
Vendor-Huawei Technologies Co., Ltd.
Product-harmonyosHarmonyOS
CWE ID-CWE-787
Out-of-bounds Write
CVE-2021-40058
Matching Score-6
Assigner-Huawei Technologies
ShareView Details
Matching Score-6
Assigner-Huawei Technologies
CVSS Score-7.5||HIGH
EPSS-0.27% / 49.81%
||
7 Day CHG~0.00%
Published-07 Mar, 2022 | 13:49
Updated-04 Aug, 2024 | 02:27
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

There is a heap-based buffer overflow vulnerability in the video framework. Successful exploitation of this vulnerability may affect availability.

Action-Not Available
Vendor-Huawei Technologies Co., Ltd.
Product-magic_uiemuiMagic UIEMUI
CWE ID-CWE-787
Out-of-bounds Write
CVE-2021-40026
Matching Score-6
Assigner-Huawei Technologies
ShareView Details
Matching Score-6
Assigner-Huawei Technologies
CVSS Score-7.5||HIGH
EPSS-0.11% / 29.32%
||
7 Day CHG~0.00%
Published-07 Jan, 2022 | 22:39
Updated-04 Aug, 2024 | 02:27
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

There is a Heap-based buffer overflow vulnerability in the AOD module in smartphones. Successful exploitation of this vulnerability may affect service integrity.

Action-Not Available
Vendor-Huawei Technologies Co., Ltd.
Product-magic_uiharmonyosemuiMagic UIHarmonyOSEMUI
CWE ID-CWE-787
Out-of-bounds Write
CVE-2021-40009
Matching Score-6
Assigner-Huawei Technologies
ShareView Details
Matching Score-6
Assigner-Huawei Technologies
CVSS Score-5.3||MEDIUM
EPSS-0.15% / 36.66%
||
7 Day CHG~0.00%
Published-07 Jan, 2022 | 22:39
Updated-04 Aug, 2024 | 02:27
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

There is an Out-of-bounds write vulnerability in the AOD module in smartphones. Successful exploitation of this vulnerability may affect service integrity.

Action-Not Available
Vendor-Huawei Technologies Co., Ltd.
Product-magic_uiharmonyosemuiMagic UIHarmonyOSEMUI
CWE ID-CWE-787
Out-of-bounds Write
CVE-2021-40064
Matching Score-6
Assigner-Huawei Technologies
ShareView Details
Matching Score-6
Assigner-Huawei Technologies
CVSS Score-7.5||HIGH
EPSS-0.16% / 37.52%
||
7 Day CHG~0.00%
Published-07 Mar, 2022 | 13:49
Updated-04 Aug, 2024 | 02:27
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

There is a heap-based buffer overflow vulnerability in system components. Successful exploitation of this vulnerability may affect system stability.

Action-Not Available
Vendor-Huawei Technologies Co., Ltd.
Product-magic_uiemuiharmonyosMagic UIHarmonyOSEMUI
CWE ID-CWE-787
Out-of-bounds Write
CVE-2021-40014
Matching Score-6
Assigner-Huawei Technologies
ShareView Details
Matching Score-6
Assigner-Huawei Technologies
CVSS Score-7.5||HIGH
EPSS-0.30% / 53.02%
||
7 Day CHG~0.00%
Published-07 Jan, 2022 | 22:39
Updated-04 Aug, 2024 | 02:27
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

The bone voice ID trusted application (TA) has a heap overflow vulnerability. Successful exploitation of this vulnerability may affect data confidentiality.

Action-Not Available
Vendor-Huawei Technologies Co., Ltd.
Product-harmonyosHarmonyOSEMUI
CWE ID-CWE-787
Out-of-bounds Write
CVE-2021-39984
Matching Score-6
Assigner-Huawei Technologies
ShareView Details
Matching Score-6
Assigner-Huawei Technologies
CVSS Score-7.5||HIGH
EPSS-0.18% / 40.11%
||
7 Day CHG~0.00%
Published-03 Jan, 2022 | 21:07
Updated-22 May, 2025 | 19:15
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Huawei idap module has a Out-of-bounds Read vulnerability.Successful exploitation of this vulnerability may cause Denial of Service.

Action-Not Available
Vendor-Huawei Technologies Co., Ltd.
Product-harmonyosHarmonyOS
CWE ID-CWE-125
Out-of-bounds Read
CVE-2023-41307
Matching Score-6
Assigner-Huawei Technologies
ShareView Details
Matching Score-6
Assigner-Huawei Technologies
CVSS Score-7.5||HIGH
EPSS-0.15% / 36.16%
||
7 Day CHG~0.00%
Published-26 Sep, 2023 | 01:16
Updated-24 Sep, 2024 | 20:00
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Memory overwriting vulnerability in the security module. Successful exploitation of this vulnerability may affect availability.

Action-Not Available
Vendor-Huawei Technologies Co., Ltd.
Product-emuiharmonyosHarmonyOSEMUI
CWE ID-CWE-787
Out-of-bounds Write
CVE-2023-39396
Matching Score-6
Assigner-Huawei Technologies
ShareView Details
Matching Score-6
Assigner-Huawei Technologies
CVSS Score-7.5||HIGH
EPSS-0.10% / 27.70%
||
7 Day CHG~0.00%
Published-13 Aug, 2023 | 11:35
Updated-10 Oct, 2024 | 14:28
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Deserialization vulnerability in the input module. Successful exploitation of this vulnerability may affect availability.

Action-Not Available
Vendor-Huawei Technologies Co., Ltd.
Product-emuiharmonyosHarmonyOSEMUI
CWE ID-CWE-125
Out-of-bounds Read
CWE ID-CWE-502
Deserialization of Untrusted Data
CVE-2023-39405
Matching Score-6
Assigner-Huawei Technologies
ShareView Details
Matching Score-6
Assigner-Huawei Technologies
CVSS Score-9.8||CRITICAL
EPSS-0.10% / 29.02%
||
7 Day CHG~0.00%
Published-13 Aug, 2023 | 11:37
Updated-10 Oct, 2024 | 14:25
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Vulnerability of out-of-bounds parameter read/write in the Wi-Fi module. Successful exploitation of this vulnerability may cause other apps to be executed with escalated privileges.

Action-Not Available
Vendor-Huawei Technologies Co., Ltd.
Product-emuiharmonyosHarmonyOSEMUI
CWE ID-CWE-20
Improper Input Validation
CWE ID-CWE-787
Out-of-bounds Write
CVE-2021-37051
Matching Score-6
Assigner-Huawei Technologies
ShareView Details
Matching Score-6
Assigner-Huawei Technologies
CVSS Score-9.1||CRITICAL
EPSS-0.23% / 45.74%
||
7 Day CHG~0.00%
Published-08 Dec, 2021 | 14:12
Updated-04 Aug, 2024 | 01:09
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

There is an Out-of-bounds read vulnerability in Huawei Smartphone.Successful exploitation of this vulnerability may cause out-of-bounds memory access.

Action-Not Available
Vendor-Huawei Technologies Co., Ltd.
Product-magic_uiharmonyosemuiMagic UIHarmonyOSEMUI
CWE ID-CWE-125
Out-of-bounds Read
CVE-2017-17165
Matching Score-6
Assigner-Huawei Technologies
ShareView Details
Matching Score-6
Assigner-Huawei Technologies
CVSS Score-7.5||HIGH
EPSS-0.20% / 42.54%
||
7 Day CHG~0.00%
Published-15 Feb, 2018 | 16:00
Updated-05 Aug, 2024 | 20:43
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

IPv6 function in Huawei Quidway S2700 V200R003C00SPC300, Quidway S5300 V200R003C00SPC300, Quidway S5700 V200R003C00SPC300, S2300 V200R003C00, V200R003C00SPC300T, V200R005C00, V200R006C00, V200R007C00, V200R008C00, V200R009C00, S2700 V200R005C00, V200R006C00, V200R007C00, V200R008C00, V200R009C00, S5300 V200R003C00, V200R003C00SPC300T, V200R003C00SPC600, V200R003C02, V200R005C00, V200R005C01, V200R005C02, V200R005C03, V200R005C05, V200R006C00, V200R007C00, V200R008C00, V200R009C00, S5700 V200R003C00, V200R003C00SPC316T, V200R003C00SPC600, V200R003C02, V200R005C00, V200R005C01, V200R005C02, V200R005C03, V200R006C00, V200R007C00, V200R008C00, V200R009C00, S600-E V200R008C00, V200R009C00, S6300 V200R003C00, V200R005C00, V200R007C00, V200R008C00, V200R009C00, S6700 V200R003C00, V200R005C00, V200R005C01, V200R005C02, V200R007C00, V200R008C00, V200R009C00 has an out-of-bounds read vulnerability. An unauthenticated attacker may send crafted malformed IPv6 packets to the affected products. Due to insufficient verification of the packets, successful exploit will cause device to reset.

Action-Not Available
Vendor-Huawei Technologies Co., Ltd.
Product-s5300s2700_firmwares2700quidway_s5300_firmwarequidway_s5300s600-es2300s6300_firmwarequidway_s2700s5700_firmwares6700_firmwares2300_firmwarequidway_s2700_firmwares600-e_firmwares5300_firmwarequidway_s5700_firmwares5700s6300s6700quidway_s5700Quidway S2700,Quidway S5300,Quidway S5700,S2300,S2700,S5300,S5700,S600-E,S6300,S6700
CWE ID-CWE-125
Out-of-bounds Read
CVE-2017-8200
Matching Score-6
Assigner-Huawei Technologies
ShareView Details
Matching Score-6
Assigner-Huawei Technologies
CVSS Score-6.5||MEDIUM
EPSS-0.23% / 46.02%
||
7 Day CHG~0.00%
Published-22 Nov, 2017 | 19:00
Updated-20 Apr, 2025 | 01:37
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

MAX PRESENCE V100R001C00, TP3106 V100R002C00, TP3206 V100R002C00 have an out-of-bounds read vulnerability in H323 protocol. An attacker logs in to the system as a user and send crafted packets to the affected products. Due to insufficient verification of the packets, successful exploit will cause process reboot.

Action-Not Available
Vendor-Huawei Technologies Co., Ltd.
Product-tp3106tp3206_firmwaretp3106_firmwaretp3206max_presence_firmwaremax_presenceMAX PRESENCE,TP3106,TP3206
CWE ID-CWE-125
Out-of-bounds Read
CVE-2017-17160
Matching Score-6
Assigner-Huawei Technologies
ShareView Details
Matching Score-6
Assigner-Huawei Technologies
CVSS Score-5.9||MEDIUM
EPSS-0.27% / 49.78%
||
7 Day CHG~0.00%
Published-15 Feb, 2018 | 16:00
Updated-05 Aug, 2024 | 20:43
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Huawei AR120-S V200R006C10, V200R007C00, AR1200 V200R006C10, V200R006C13, V200R007C00, V200R007C02, AR1200-S V200R006C10, V200R007C00, V200R008C20, AR150 V200R006C10, V200R007C00, V200R007C02, AR150-S V200R006C10, V200R007C00, AR160 V200R006C10, V200R006C12, V200R007C00, V200R007C02, AR200 V200R006C10, V200R007C00, AR200-S V200R006C10, V200R007C00, AR2200 V200R006C10, V200R006C13, V200R006C16PWE, V200R007C00, V200R007C02, AR2200-S V200R006C10, V200R007C00, V200R008C20, AR3200 V200R006C10, V200R006C11, V200R007C00, V200R007C02, AR3600 V200R006C10, V200R007C00, AR510 V200R006C12, V200R006C13, V200R006C15, V200R006C16, V200R006C17, V200R007C00, NetEngine16EX V200R006C10, V200R007C00, SRG1300 V200R006C10, V200R007C00, V200R007C02, SRG2300 V200R006C10, V200R007C00, V200R007C02, SRG3300 V200R006C10, V200R007C00 have a buffer overflow vulnerability due to incomplete range checks of the input data. An unauthenticated, remote attacker could exploit this vulnerability by sending malicious IKE packets to the targeted device. An exploit could allow the attacker to cause the device to write out of bound and restart.

Action-Not Available
Vendor-Huawei Technologies Co., Ltd.
Product-ar2200_firmwarear1200ar3200_firmwarear2200srg1300srg1300_firmwaresrg3300_firmwaresrg2300_firmwaresrg3300netengine16exar120-s_firmwarear1200-s_firmwarear200-sar120-sar510ar150-sar160srg2300ar150_firmwarear2200-sar510_firmwarear150-s_firmwarear1200-sar3600ar150ar3200ar1200_firmwarear200-s_firmwarear200ar3600_firmwarear160_firmwarear2200-s_firmwarear200_firmwarenetengine16ex_firmwareAR120-S,AR1200,AR1200-S,AR150,AR150-S,AR160,AR200,AR200-S,AR2200,AR2200-S,AR3200,AR3600,AR510,NetEngine16EX,SRG1300,SRG2300,SRG3300
CWE ID-CWE-787
Out-of-bounds Write
CVE-2023-37240
Matching Score-6
Assigner-Huawei Technologies
ShareView Details
Matching Score-6
Assigner-Huawei Technologies
CVSS Score-9.1||CRITICAL
EPSS-0.10% / 28.73%
||
7 Day CHG~0.00%
Published-06 Jul, 2023 | 12:29
Updated-19 Nov, 2024 | 17:02
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Vulnerability of missing input length verification in the distributed file system. Successful exploitation of this vulnerability may cause out-of-bounds read.

Action-Not Available
Vendor-Huawei Technologies Co., Ltd.
Product-emuiharmonyosHarmonyOSEMUI
CWE ID-CWE-125
Out-of-bounds Read
CVE-2017-17202
Matching Score-6
Assigner-Huawei Technologies
ShareView Details
Matching Score-6
Assigner-Huawei Technologies
CVSS Score-7.5||HIGH
EPSS-0.15% / 35.82%
||
7 Day CHG~0.00%
Published-15 Feb, 2018 | 16:00
Updated-05 Aug, 2024 | 20:43
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Huawei AR120-S V200R005C32, V200R006C10, V200R007C00, V200R008C20, V200R008C30, AR1200 V200R005C32, V200R006C10, V200R007C00, V200R007C01, V200R007C02, V200R008C20, V200R008C30, AR1200-S V200R005C32, V200R006C10, V200R007C00, V200R008C20, V200R008C30, AR150 V200R005C32, V200R006C10, V200R007C00, V200R007C01, V200R007C02, V200R008C20, V200R008C30, AR150-S V200R005C32, V200R007C00, V200R008C20, V200R008C30, AR160 V200R005C32, V200R006C10, V200R007C00, V200R007C01, V200R007C02, V200R008C20, V200R008C30, AR200 V200R005C32, V200R006C10, V200R007C00, V200R007C01, V200R008C20, V200R008C30, AR200-S V200R005C32, V200R006C10, V200R007C00, V200R008C20, V200R008C30, AR2200 V200R006C10, V200R007C00, V200R007C01, V200R007C02, V200R008C20, V200R008C30, AR2200-S V200R005C32, V200R006C10, V200R007C00, V200R008C20, V200R008C30, AR3200 V200R005C32, V200R006C10, V200R006C11, V200R007C00, V200R007C01, V200R007C02, V200R008C00, V200R008C10, V200R008C20, V200R008C30, AR3600 V200R006C10, V200R007C00, V200R007C01, V200R008C20, AR510 V200R005C32, V200R006C10, V200R007C00, V200R008C20, V200R008C30, NetEngine16EX V200R005C32, V200R006C10, V200R007C00, V200R008C20, V200R008C30, SRG1300 V200R005C32, V200R006C10, V200R007C00, V200R007C02, V200R008C20, V200R008C30, SRG2300 V200R005C32, V200R006C10, V200R007C00, V200R007C02, V200R008C20, V200R008C30, SRG3300 V200R005C32, V200R006C10, V200R007C00, V200R008C20, V200R008C30 have an out-of-bounds read vulnerability due to insufficient input validation. An unauthenticated, remote attacker could exploit this vulnerability by sending malformed Session Initiation Protocol(SIP) packets to the target device. Successful exploit could make the device read out of bounds and thus cause a service to be unavailable.

Action-Not Available
Vendor-Huawei Technologies Co., Ltd.
Product-ar2200_firmwarear1200ar3200_firmwarear2200srg1300srg1300_firmwaresrg3300_firmwaresrg2300_firmwaresrg3300netengine16exar120-s_firmwarear1200-s_firmwarear200-sar120-sar510ar150-sar160srg2300ar150_firmwarear2200-sar510_firmwarear150-s_firmwarear1200-sar3600ar150ar3200ar1200_firmwarear200-s_firmwarear200ar3600_firmwarear160_firmwarear2200-s_firmwarear200_firmwarenetengine16ex_firmwareAR120-S,AR1200,AR1200-S,AR150,AR150-S,AR160,AR200,AR200-S,AR2200,AR2200-S,AR3200,AR3600,AR510,NetEngine16EX,SRG1300,SRG2300,SRG3300
CWE ID-CWE-125
Out-of-bounds Read
CVE-2017-15319
Matching Score-6
Assigner-Huawei Technologies
ShareView Details
Matching Score-6
Assigner-Huawei Technologies
CVSS Score-7.5||HIGH
EPSS-0.21% / 43.61%
||
7 Day CHG~0.00%
Published-22 Dec, 2017 | 17:00
Updated-20 Apr, 2025 | 01:37
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

RP200 V500R002C00, V600R006C00; TE30 V100R001C10, V500R002C00, V600R006C00; TE40 V500R002C00, V600R006C00; TE50 V500R002C00, V600R006C00; TE60 V100R001C10, V500R002C00, V600R006C00 have an out-of-bounds read vulnerabilities in some Huawei products. Due to insufficient input validation, a remote attacker could exploit these vulnerabilities by sending specially crafted SS7 related packets to the target devices. Successful exploit will cause out-of-bounds read and possibly crash the system.

Action-Not Available
Vendor-Huawei Technologies Co., Ltd.
Product-te60te50_firmwarerp200_firmwarerp200te30_firmwarete40_firmwarete50te40te60_firmwarete30TE60TE30TE50TE40RP200
CWE ID-CWE-125
Out-of-bounds Read
CVE-2017-15317
Matching Score-6
Assigner-Huawei Technologies
ShareView Details
Matching Score-6
Assigner-Huawei Technologies
CVSS Score-7.5||HIGH
EPSS-0.15% / 36.12%
||
7 Day CHG~0.00%
Published-22 Dec, 2017 | 17:00
Updated-20 Apr, 2025 | 01:37
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

AR120-S V200R006C10, V200R007C00, V200R008C20, V200R008C30; AR1200 V200R006C10, V200R006C13, V200R007C00, V200R007C01, V200R007C02, V200R008C20, V200R008C30; AR1200-S V200R006C10, V200R007C00, V200R008C20, V200R008C30; AR150 V200R006C10, V200R007C00, V200R007C01, V200R007C02, V200R008C20, V200R008C30; AR150-S V200R006C10, V200R007C00, V200R008C20, V200R008C30; AR160 V200R006C10, V200R006C12, V200R007C00, V200R007C01, V200R007C02, V200R008C20, V200R008C30; AR200 V200R006C10, V200R007C00, V200R007C01, V200R008C20, V200R008C30; AR200-S V200R006C10, V200R007C00, V200R008C20, V200R008C30; AR2200 V200R006C10, V200R006C13, V200R006C16, V200R007C00, V200R007C01, V200R007C02, V200R008C20, V200R008C30; AR2200-S V200R006C10, V200R007C00, V200R008C20, V200R008C30; AR3200 V200R006C10, V200R006C11, V200R007C00, V200R007C01, V200R007C02, V200R008C00, V200R008C10, V200R008C20, V200R008C30; AR510 V200R006C10, V200R006C12, V200R006C13, V200R006C15, V200R006C16, V200R006C17, V200R007C00, V200R008C20, V200R008C30; SRG1300 V200R006C10, V200R007C00, V200R007C02, V200R008C20, V200R008C30; SRG2300 V200R006C10, V200R007C00, V200R007C02, V200R008C20, V200R008C30; SRG3300 V200R006C10, V200R007C00, V200R008C20, V200R008C30 have an input validation vulnerability in Huawei multiple products. Due to the insufficient input validation, an unauthenticated, remote attacker may craft a malformed Stream Control Transmission Protocol (SCTP) packet and send it to the device, causing the device to read out of bounds and restart.

Action-Not Available
Vendor-Huawei Technologies Co., Ltd.
Product-ar3200ar200_firmwarear120-ssrg1300srg3300ar510_firmwarear1200ar1200-s_firmwarear120-s_firmwarear150-s_firmwarear3200_firmwarear150_firmwarear200-ssrg1300_firmwarear2200-sar160srg3300_firmwarear1200-sar2200srg2300srg2300_firmwarear160_firmwarear510ar2200-s_firmwarear150ar2200_firmwarear200-s_firmwarear1200_firmwarear200ar150-sAR120-SAR510AR160SRG2300SRG3300AR3200AR1200-SAR1200AR150AR200AR2200AR200-SSRG1300AR150-SAR2200-S
CWE ID-CWE-125
Out-of-bounds Read
CVE-2017-15353
Matching Score-6
Assigner-Huawei Technologies
ShareView Details
Matching Score-6
Assigner-Huawei Technologies
CVSS Score-3.7||LOW
EPSS-0.18% / 39.45%
||
7 Day CHG~0.00%
Published-15 Feb, 2018 | 16:00
Updated-05 Aug, 2024 | 19:57
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Huawei DP300, V500R002C00, RP200, V500R002C00, V600R006C00, RSE6500, V500R002C00, TE30, V100R001C02, V100R001C10, V500R002C00, V600R006C00, TE40, V500R002C00, V600R006C00, TE50, V500R002C00, V600R006C00, TE60, V100R001C01, V100R001C10, V500R002C00, V600R006C00, TX50, V500R002C00, V600R006C00, VP9660, V500R002C00, V500R002C10, ViewPoint 8660, V100R008C03, ViewPoint 9030, V100R011C02, V100R011C03, Viewpoint 8660, V100R008C03 have an out-of-bounds read vulnerability. An attacker has to control the peer device and send specially crafted messages to the affected products. Due to insufficient input validation, successful exploit may cause some service abnormal.

Action-Not Available
Vendor-Huawei Technologies Co., Ltd.
Product-viewpoint_9030viewpoint_9030_firmwarete30_firmwarevp9660te60viewpoint_8660_firmwarete40dp300_firmwaretx50_firmwarete30te50rp200_firmwarerse6500dp300vp9660_firmwarerp200te40_firmwarerse6500_firmwareviewpoint_8660te50_firmwarete60_firmwaretx50DP300,RP200,RSE6500,TE30,TE40,TE50,TE60,TX50,VP9660,ViewPoint 8660,ViewPoint 9030,Viewpoint 8660,
CWE ID-CWE-125
Out-of-bounds Read
CVE-2021-37041
Matching Score-6
Assigner-Huawei Technologies
ShareView Details
Matching Score-6
Assigner-Huawei Technologies
CVSS Score-9.1||CRITICAL
EPSS-0.23% / 45.74%
||
7 Day CHG~0.00%
Published-07 Dec, 2021 | 15:45
Updated-04 Aug, 2024 | 01:09
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

There is an Improper verification vulnerability in Huawei Smartphone.Successful exploitation of this vulnerability may cause out-of-bounds read.

Action-Not Available
Vendor-Huawei Technologies Co., Ltd.
Product-magic_uiemuiMagic UIEMUI
CWE ID-CWE-125
Out-of-bounds Read
CVE-2021-37020
Matching Score-6
Assigner-Huawei Technologies
ShareView Details
Matching Score-6
Assigner-Huawei Technologies
CVSS Score-9.1||CRITICAL
EPSS-0.27% / 50.36%
||
7 Day CHG~0.00%
Published-07 Dec, 2021 | 16:01
Updated-04 Aug, 2024 | 01:09
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

There is a Stack-based Buffer Overflow vulnerability in Huawei Smartphone.Successful exploitation of this vulnerability may lead to Out-of-bounds read.

Action-Not Available
Vendor-Huawei Technologies Co., Ltd.
Product-magic_uiemuiharmonyosHarmonyOS
CWE ID-CWE-787
Out-of-bounds Write
CVE-2021-37021
Matching Score-6
Assigner-Huawei Technologies
ShareView Details
Matching Score-6
Assigner-Huawei Technologies
CVSS Score-9.1||CRITICAL
EPSS-0.27% / 50.36%
||
7 Day CHG~0.00%
Published-07 Dec, 2021 | 16:02
Updated-04 Aug, 2024 | 01:09
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

There is a Stack-based Buffer Overflow vulnerability in Huawei Smartphone.Successful exploitation of this vulnerability may lead to Out-of-bounds read.

Action-Not Available
Vendor-Huawei Technologies Co., Ltd.
Product-magic_uiemuiharmonyosHarmonyOS
CWE ID-CWE-787
Out-of-bounds Write
CVE-2021-37076
Matching Score-6
Assigner-Huawei Technologies
ShareView Details
Matching Score-6
Assigner-Huawei Technologies
CVSS Score-7.5||HIGH
EPSS-0.18% / 40.11%
||
7 Day CHG~0.00%
Published-07 Dec, 2021 | 16:04
Updated-04 Aug, 2024 | 01:09
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

There is a Out-of-bounds Read vulnerability in Huawei Smartphone.Successful exploitation of this vulnerability may lead to availability affected.

Action-Not Available
Vendor-Huawei Technologies Co., Ltd.
Product-harmonyosHarmonyOS
CWE ID-CWE-125
Out-of-bounds Read
CVE-2021-37107
Matching Score-6
Assigner-Huawei Technologies
ShareView Details
Matching Score-6
Assigner-Huawei Technologies
CVSS Score-5.5||MEDIUM
EPSS-0.03% / 6.23%
||
7 Day CHG~0.00%
Published-09 Feb, 2022 | 22:03
Updated-04 Aug, 2024 | 01:09
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

There is an improper memory access permission configuration on ACPU.Successful exploitation of this vulnerability may cause out-of-bounds access.

Action-Not Available
Vendor-Huawei Technologies Co., Ltd.
Product-emuiEMUI
CWE ID-CWE-787
Out-of-bounds Write
CVE-2021-37011
Matching Score-6
Assigner-Huawei Technologies
ShareView Details
Matching Score-6
Assigner-Huawei Technologies
CVSS Score-9.1||CRITICAL
EPSS-0.26% / 48.99%
||
7 Day CHG~0.00%
Published-07 Dec, 2021 | 16:01
Updated-04 Aug, 2024 | 01:09
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

There is a Stack-based Buffer Overflow vulnerability in Huawei Smartphone.Successful exploitation of this vulnerability may lead to Out-of-bounds read.

Action-Not Available
Vendor-Huawei Technologies Co., Ltd.
Product-harmonyosHarmonyOS
CWE ID-CWE-787
Out-of-bounds Write
CVE-2020-1804
Matching Score-6
Assigner-Huawei Technologies
ShareView Details
Matching Score-6
Assigner-Huawei Technologies
CVSS Score-7.1||HIGH
EPSS-0.10% / 28.56%
||
7 Day CHG~0.00%
Published-27 Apr, 2020 | 14:48
Updated-04 Aug, 2024 | 06:46
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Huawei Honor V10 smartphones with versions earlier than 10.0.0.156(C00E156R2P4) has three out of bounds vulnerabilities. Certain driver program does not sufficiently validate certain parameters received, that would lead to several bytes out of bound read. Successful exploit may cause information disclosure or service abnormal. This is 1 out of 3 out of bounds vulnerabilities found. Different than CVE-2020-1805 and CVE-2020-1806.

Action-Not Available
Vendor-Huawei Technologies Co., Ltd.
Product-honor_v10honor_v10_firmwareHonor V10
CWE ID-CWE-125
Out-of-bounds Read
CVE-2021-37022
Matching Score-6
Assigner-Huawei Technologies
ShareView Details
Matching Score-6
Assigner-Huawei Technologies
CVSS Score-9.8||CRITICAL
EPSS-0.22% / 44.94%
||
7 Day CHG~0.00%
Published-23 Nov, 2021 | 15:26
Updated-04 Aug, 2024 | 01:09
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

There is a Heap-based Buffer Overflow vulnerability in Huawei Smartphone.Successful exploitation of this vulnerability will cause root permission which can be escalated.

Action-Not Available
Vendor-Huawei Technologies Co., Ltd.
Product-harmonyosHarmonyOS
CWE ID-CWE-787
Out-of-bounds Write
CVE-2021-37129
Matching Score-6
Assigner-Huawei Technologies
ShareView Details
Matching Score-6
Assigner-Huawei Technologies
CVSS Score-7.5||HIGH
EPSS-0.18% / 40.11%
||
7 Day CHG~0.00%
Published-27 Oct, 2021 | 00:41
Updated-04 Aug, 2024 | 01:16
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

There is an out of bounds write vulnerability in some Huawei products. The vulnerability is caused by a function of a module that does not properly verify input parameter. Successful exploit could cause out of bounds write leading to a denial of service condition.Affected product versions include:IPS Module V500R005C00,V500R005C20;NGFW Module V500R005C00;NIP6600 V500R005C00,V500R005C20;S12700 V200R010C00SPC600,V200R011C10SPC500,V200R011C10SPC600,V200R013C00SPC500,V200R019C00SPC200,V200R019C00SPC500,V200R019C10SPC200,V200R020C00,V200R020C10;S1700 V200R010C00SPC600,V200R011C10SPC500,V200R011C10SPC600;S2700 V200R010C00SPC600,V200R011C10SPC500,V200R011C10SPC600;S5700 V200R010C00SPC600,V200R010C00SPC700,V200R011C10SPC500,V200R011C10SPC600,V200R019C00SPC500;S6700 V200R010C00SPC600,V200R011C10SPC500,V200R011C10SPC600;S7700 V200R010C00SPC600,V200R010C00SPC700,V200R011C10SPC500,V200R011C10SPC600;S9700 V200R010C00SPC600,V200R011C10SPC500,V200R011C10SPC600;USG9500 V500R005C00,V500R005C20.

Action-Not Available
Vendor-n/aHuawei Technologies Co., Ltd.
Product-s9700ips_moduleusg9500_firmwares1700_firmwares2700ips_module_firmwares7700_firmwarengfw_module_firmwares7700usg9500s1700nip6600s12700s5700_firmwares6700_firmwarengfw_modules12700_firmwares9700_firmwarenip6600_firmwares5700s6700s2700_firmwareIIPS Module;NGFW Module;NIP6600;S12700;S1700;S2700;S5700;S6700;S7700;S9700;USG9500
CWE ID-CWE-787
Out-of-bounds Write
CVE-2021-37042
Matching Score-6
Assigner-Huawei Technologies
ShareView Details
Matching Score-6
Assigner-Huawei Technologies
CVSS Score-9.1||CRITICAL
EPSS-0.23% / 45.74%
||
7 Day CHG~0.00%
Published-07 Dec, 2021 | 15:45
Updated-04 Aug, 2024 | 01:09
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

There is an Improper verification vulnerability in Huawei Smartphone.Successful exploitation of this vulnerability may cause out-of-bounds read.

Action-Not Available
Vendor-Huawei Technologies Co., Ltd.
Product-magic_uiemuiMagic UIEMUI
CWE ID-CWE-125
Out-of-bounds Read
CVE-2021-37049
Matching Score-6
Assigner-Huawei Technologies
ShareView Details
Matching Score-6
Assigner-Huawei Technologies
CVSS Score-9.8||CRITICAL
EPSS-0.24% / 46.70%
||
7 Day CHG~0.00%
Published-08 Dec, 2021 | 14:12
Updated-04 Aug, 2024 | 01:09
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

There is a Heap-based buffer overflow vulnerability in Huawei Smartphone.Successful exploitation of this vulnerability may rewrite the memory of adjacent objects.

Action-Not Available
Vendor-Huawei Technologies Co., Ltd.
Product-magic_uiharmonyosemuiMagic UIHarmonyOSEMUI
CWE ID-CWE-787
Out-of-bounds Write
CVE-2021-37007
Matching Score-6
Assigner-Huawei Technologies
ShareView Details
Matching Score-6
Assigner-Huawei Technologies
CVSS Score-7.5||HIGH
EPSS-0.17% / 38.90%
||
7 Day CHG~0.00%
Published-23 Nov, 2021 | 15:21
Updated-04 Aug, 2024 | 01:09
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

There is a Out-of-bounds Read vulnerability in Huawei Smartphone.Successful exploitation of this vulnerability will cause kernel crash.

Action-Not Available
Vendor-Huawei Technologies Co., Ltd.
Product-harmonyosHarmonyOS
CWE ID-CWE-125
Out-of-bounds Read
CVE-2021-37114
Matching Score-6
Assigner-Huawei Technologies
ShareView Details
Matching Score-6
Assigner-Huawei Technologies
CVSS Score-5.3||MEDIUM
EPSS-0.15% / 35.99%
||
7 Day CHG~0.00%
Published-03 Jan, 2022 | 21:07
Updated-04 Aug, 2024 | 01:09
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

There is an Out-of-bounds read vulnerability in Smartphone.Successful exploitation of this vulnerability may affect service confidentiality.

Action-Not Available
Vendor-Huawei Technologies Co., Ltd.
Product-magic_uiemuiharmonyosMagic UIEMUIHarmony OS
CWE ID-CWE-125
Out-of-bounds Read
CVE-2021-37090
Matching Score-6
Assigner-Huawei Technologies
ShareView Details
Matching Score-6
Assigner-Huawei Technologies
CVSS Score-7.5||HIGH
EPSS-0.16% / 36.99%
||
7 Day CHG~0.00%
Published-07 Dec, 2021 | 16:06
Updated-04 Aug, 2024 | 01:09
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

There is a Out-of-bounds Read vulnerability in Huawei Smartphone.Successful exploitation of this vulnerability may lead to process crash.

Action-Not Available
Vendor-Huawei Technologies Co., Ltd.
Product-harmonyosHarmonyOS
CWE ID-CWE-125
Out-of-bounds Read
CVE-2021-37016
Matching Score-6
Assigner-Huawei Technologies
ShareView Details
Matching Score-6
Assigner-Huawei Technologies
CVSS Score-9.1||CRITICAL
EPSS-0.19% / 41.38%
||
7 Day CHG~0.00%
Published-23 Nov, 2021 | 15:22
Updated-04 Aug, 2024 | 01:09
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

There is a Out-of-bounds Read vulnerability in Huawei Smartphone.Successful exploitation of this vulnerability will cause Information Disclosure or Denial of Service.

Action-Not Available
Vendor-Huawei Technologies Co., Ltd.
Product-harmonyosHarmonyOS
CWE ID-CWE-125
Out-of-bounds Read
CVE-2021-37070
Matching Score-6
Assigner-Huawei Technologies
ShareView Details
Matching Score-6
Assigner-Huawei Technologies
CVSS Score-7.5||HIGH
EPSS-0.18% / 40.11%
||
7 Day CHG~0.00%
Published-07 Dec, 2021 | 16:03
Updated-04 Aug, 2024 | 01:09
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

There is a Out-of-bounds Read vulnerability in Huawei Smartphone.Successful exploitation of this vulnerability may lead to process crash.

Action-Not Available
Vendor-Huawei Technologies Co., Ltd.
Product-harmonyosHarmonyOS
CWE ID-CWE-125
Out-of-bounds Read
  • Previous
  • 1
  • 2
  • 3
  • 4
  • 5
  • 6
  • ...
  • 35
  • 36
  • Next
Details not found